Aetna has agreed to pay a civil penalty of $365,211.59 in New Jersey for allowing private health information to be viewed through envelope windows. The insurer will also pay $100,000 in Connecticut and $175,000 in the District of Columbia. Additionally, Aetna is expected to pay $17 million in compensation to individuals who filed a class action lawsuit. The violations occurred when Aetna disclosed HIV/AIDS-related information and patients’ identity through mailings. CVS Health, which recently merged with Aetna, also suffered a similar security breach in April. Aetna will implement policy and training reforms to safeguard protected health information.
MediSecure cyber security incident
The Australian Government is responding to a cybersecurity incident involving former prescription delivery service, MediSecure. The national prescription delivery service, Fred IT Group’s eRx Script