The use of clear windows on envelopes allowed private medical information to be revealed.
Thousands of Aetna insurance customers suffered an accidental disclosure of their HIV status. What was essentially a stationary error caused the private medical data of 12,000 policyholders to be openly visible in the mail.
The insurance company issued letters to certain clients, in envelopes with clear plastic windows.
The envelopes with plastic windows are commonly used by many companies to allow the recipient’s name and address to show through. That way, the mailing information printed on a paper inside the envelope can be viewed instead of having to print it directly onto the envelope or on a separate label. Unfortunately for thousands of Aetna insurance customers, the use of these envelopes accidentally revealed their HIV status.
The issue occurred when Aetna insurance customers were sent instructions for filing claims for HIV medications.
Though not all envelopes revealed the personal medical information, thousands of policyholders found that their medication information was displayed along with their name and address in the clear plastic window of the envelope. The nature of that medication inadvertently showed the HIV status of the customer.
The letters were issued to health plan members on July 28, 2017. The situation has been deemed a breach of customer privacy. The fear is that it could expose policyholders with HIV to discrimination, according to the AIDS Law Project of Pennsylvania and the Legal Action Center.
Those groups state that the letters were issued to Aetna health plan members who are currently taking HIV medications for treatment, as well as for the pre-exposure prophylaxis (PrEP), which is a course of medications helping to prevent a patient from acquiring HIV.
The specific number of Aetna insurance customers who suffered HIV status exposure is unknown. That said, the groups have received a considerable number of reports that the letters had already been viewed by family members, roommates and neighbors, among other people who could easily have access to a person’s mail. The groups wrote a joint letter to the insurance company, requesting the development of a plan of action to ensure that this type of mistake is not repeated.