Health-insurer Aetna has agreed to pay $17.2 million to settle claims that it violated the HIV-privacy rights of more than 13,000 customers, according to court papers filed this week.
Last year, 13,485 individuals allegedly had their privacy breached when Aetna shared their HIV-related information with its legal counsel and mail vendor.
Additionally, 11,875 of those individuals had their privacy violated when Aetna's mail vendor sent letters in envelopes with large windows, exposing their HIV-related information. Under the settlement, they will receive at least $500 with the option of pursuing additional compensation up to $20,000 each.
Those who weren’t affected by the mailing but still had their privacy breached will receive $75 each.
Additionally, "service awards" will be allotted to 37 plaintiffs named in a federal class-action suit filed in August, but the aggregate amount of the awards cannot exceed $100,000.
The settlement sets aside about $6.5 million to cover the claims of plaintiffs who demonstrate damages in excess of $500. If there's money left over in that fund, it will be evenly distributed to those affected by the mailing.
Numerous attorneys from across the country have been involved in the litigation, and the settlement is expected to cover an estimated $4.3 million in their fees and costs.
Moreover, about $180,000 has been set aside to administer the settlement funds.
Ronda B. Goldfein, executive director of the AIDS Law Project of Pennsylvania, praised the settlement.
“The fear of losing control of HIV-related information and the resulting risk of discrimination are barriers to health,” Goldfein said in a statement. “This settlement reinforces the importance of keeping such information private.”
If any checks mailed to recipients go uncashed, that money will be distributed to worthy HIV/AIDS organizations through a request-for-proposal process, Goldfein added.
Aetna issued the following statement:
“Through our outreach efforts, immediate relief program and this settlement, we have worked to address the potential impact to members following this unfortunate incident. In addition, we are implementing measures designed to ensure something like this does not happen again as part of our commitment to best practices in protecting sensitive health information.”
The settlement still must be approved by U.S. District Judge Juan R. Sanchez, and individuals who wish to "opt out" of the settlement will be given an opportunity to do so.