Aetna has agreed to pay a civil penalty of $365,211.59 in New Jersey for allowing private health information to be viewed through envelope windows. The insurer will also pay $100,000 in Connecticut and $175,000 in the District of Columbia. Additionally, Aetna is expected to pay $17 million in compensation to individuals who filed a class action lawsuit. The violations occurred when Aetna disclosed HIV/AIDS-related information and patients’ identity through mailings. CVS Health, which recently merged with Aetna, also suffered a similar security breach in April. Aetna will implement policy and training reforms to safeguard protected health information.
Weekly Cybersecurity News Recap : Tenable, Qualys, Workday Data Breaches and Security Updates
This week in cybersecurity serves as a critical reminder of the pervasive risks within the digital supply chain, as several industry-leading companies disclosed significant data
