Aetna Inc. settled today with the New York attorney general over claims the insurance provider sent letters that exposed through a transparent address window the HIV status of 2,460 state residents.
The insurance provider will pay $1.15 million in civil penalties under the settlement agreement. Aetna didn’t admit fault under the agreement, but agreed to update privacy protections for personal health information and hire outside consultants to monitor compliance with the settlement.
The claims were brought under New York state health privacy laws and the federal Health Insurance Portability and Accountability Act (HIPAA). Both prohibit the disclosure of sensitive health information.
“Health insurance companies handle personal health information on a daily basis and have a fundamental responsibility to be vigilant in protecting their members,” N.Y. Attorney General Eric Schneiderman (D) said in a statement.