Aetna ‘envelope error’ results in class-action HIPAA lawsuit

A data breach can take many forms—including a third-party mailer with sensitive health information inside.

Ragan Insider Premium Content
Ragan Insider Content

No hackers here—just a lack of attention to detail.

Insurance giant Aetna is now the subject of a class-action lawsuit after the HIV statuses of 12,000 patients were revealed in a mass mailer. At issue is the use of a large-window envelope through which sensitive information could be read.

Stat reported:

Legal groups on Monday filed a class-action lawsuit […] alleging the company violated the privacy of its customers by sending many of them letters through which the phrase “filling prescriptions for HIV” was visible through envelope windows.

Aetna was notified of the situation on July 31, after which it mailed a letter notifying patients of the breach of their privacy. The letter offered an apology to customers and called the mistake “unacceptable” in hopes to “earn back” their trust.

This latest error was triggered by Aetna’s response to an earlier lawsuit that alleged it was lax in protecting the personal information of HIV patients.

Stat reported:

To read the full story, log in.
Become a Ragan Insider member to read this article and all other archived content.
Sign up today

Already a member? Log in here.
Learn more about Ragan Insider.