Alison Frankel reports that Aetna is suing Kurtzman Carson Consultants for exposing plan members’ HIV status in envelope windows sent out in July as part of notifying members of settlement negotiations in other litigation matters. The privacy breach resulting from the exposure resulted in Aetna members experiencing a privacy breach involving sensitive information, and led to yet new lawsuits and state and federal investigations and enforcement actions. Frankel reports:
Aetna rushed to contain the damage. By the end of September, it had set up an emergency assistance program, providing counseling and limited financial assistance to affected plan members and their families. In January, the company agreed to settle the privacy class actions for $17.2 million, without conceding liability. Aetna also agreed to pay a $1.15 million fine to resolve the New York AG’s investigation of the improper disclosure.
So far, Aetna is on the hook for nearly $20 million, not counting its own legal costs, from the botched settlement notification.
Or is it? In a complaint filed Monday in Philadelphia federal court, Aetna blames the claims administrator Kurtzman Carson Consultants (better known as KCC) for sending out settlement notices that exposed plan members’ medical information. Accusing KCC of gross negligence, Aetna wants the claims administrator to pay all of its costs from the epic notification fail.
Read more on Reuters.