In this day and age of your privacy getting spilled out across fiber optic and CAT 5 cables everywhere, Aetna digs down deep to find an old fashioned way of outing your personal information. And while I am joking about this, it is actually a fairly serious violation of privacy that most assuredly had some very negative consequences to the persons that were affected. A third party company was sending out mailers to HIV patients with information about their prescriptions, and the envelope had a huge window on it that allowed a good bit of reading to be done without opening the envelope. Don’t worry though, now that your neighborhood knows you are HIV positive, you get $500. However should these poor folks to claim financial of emotional distress, up to $20K can be claimed per individual. Thanks cageymaru.



The disclosure occurred on 28 July 2017 when the American managed health care company sent out letters to 12,000 of its customers who had filled prescriptions for HIV. Aetna conduct the mailing using a vendor, a third party which sent each patient a notice inside a window envelope. The type of envelope chosen by the vendor sometimes allowed the recipient’s personal health information (PHI), including their HIV diagnosis, to shift into view, thereby compromising their privacy.

Discussion

Source: [H]ardOCP – Not All Data Breaches are Digital