Aetna sued for revealing HIV statuses of 12,000 patients
data protection

Aetna sued for revealing HIV statuses of 12,000 patients

Sign-up to a data breach claim today - use our quick and easy form to begin your claim for thousands of pounds in compensation.

Start Your Claim
Your privacy is extremely important to us. Information on how we handle your data is in our Privacy Policy

solicitors regulation authority

Health insurer, Aetna Inc, is being sued for a serious oversight that reportedly revealed the HIV status of around 12,000 patients when a letter was sent out to customers with large clear windows that referenced HIV medication.

It’s a monumental blunder that’s similar to the London sexual health clinic, 56 Dean Street breach, where an email was sent to over 700 patients with names and email addresses for recipients visible. We act for a large proportion of the people claiming in that action.

The clear window is of course intended to be clear, so the address is shown for posting, but this doesn’t change the fact that the letter clearly hadn’t been properly planned out given that private medical information was visible too.

A photograph of an unopened letter reportedly shows Aetna’s logo, the patient’s name and address, and the following text:

Dear [name],
The purpose of this letter is to advise you of the options…
Aetna health plan when filling prescriptions for HIV Medic…
Members can use a retail pharmacy or a mail order pharm…

This is a serious breach of sensitive medical information.

Number of patients affected uncertain

Aetna themselves appear unsure as to how many people are affected as it can depend on how the letter was folded and positioned in the envelope. The insurer has said that it used a third party firm to carry out mailing tasks, but did not identify who this was.

While the third party vendor may have been the ones to physically send out the information, Aetna has a responsibility to give clear instructions to anyone they provide access of sensitive information to look after it and ensure data protection rules are upheld.

Apology from Aetna

A company statement said:

“We sincerely apologise to those affected by a mailing issue that inadvertently expose the personal health information of some Aetna members. This type of mistake is unacceptable, and we are undertaking a full review of our processes to ensure something like this never happens again.”

The disturbing oversight may result in serious harm to the victims involved. The duty of care organisations owe when working with sensitive information like this is huge.

Claims for compensation

One victim is reportedly bringing an action after his sister found out he was taking HIV medication allegedly because of the breach. It could be easy for anyone picking up the mail to see enough content to realise that the recipient has HIV, which is a major breach of medical confidentiality.

Two organisations – Legal Action Centre (LAC) in New York, and AIDS Law Project – reportedly sent “cease-and-desist” letters to Aetna condemning the health insurer for the serious data breach. It’s believed there will be thousands seeking legal help to bring claims against Aetna.

Rhonda Goldfein, executive director of the Pennsylvania AIS group, criticised Aetna’s actions that led to the privacy violation in that, not only can this breach cause embarrassment, but also “a tangible risk of violence, discrimination and other trauma” that comes with the stigma of having the disease.

Like the 56 Dean Street Clinic action we’re involved in, this is an extremely serious data breach that has potentially caused a lot of distress and harm to the recipients. Many of the affected recipients in the Dean Street incident have instructed our firm, and we continue to work with the solicitors acting for the clinic in reaching settlements for the victims involved.

Start Your Claim

You can call our claims team free from a landline or mobile on 0800 634 7575 or click on the link below to create a call back with one of our expert Data Claims team.Information on how we handle your data is available in our Privacy Policy.

We offer genuine No Win, No Fee agreements for our clients. Why we do this is simple:

Leading Data Breach Lawyers
Our experience speaks for itself.
We will fight for your right to compensation.
Access to Justice
As a victim of a data breach or hack, you deserve your chance to get access to justice.
Risks Assessment
We carefully risk assess your case and take it on if we think we have a good chance of winning the claim.

Request A Callback From Our Team

Fill out our quick call back form below and we'll contact you when you're ready to talk to us.

Your privacy is extremely important to us. Information on how we handle your data is in our Privacy Policy

solicitors regulation authority

Contact is © of Your Lawyers Limited - we are 'Authorised and Regulated by the Solicitors Regulation Authority (SRA number 508768)'
arrow-up icon