Aetna is still paying the price for two 2017 privacy breaches involving mailings that potentially exposed HIV and cardiac condition information about thousands of individuals. The insurer agreed to a $17.2 million settlement of a class action lawsuit filed against the company in January. In September 2017, a mailing sent to 1,600 individuals concerning a study of patients with atrial fibrillation included the name and logo for the study – “IMPACT AFib” – which could have been interpreted as indicating that the addressee had an AFib diagnosis.”]
Source: https://www.inforisktoday.com/aetna-hit-more-penalties-for-two-breaches-a-11611

