Aetna Business Associate Agreement

The conciliation agreement also draws attention to the fact that in the past 24 months, Aetna has reported three other HIPC violations to the Citizens` Rights Office, which have affected a total of more than 25,000 people. Aetna was not only violated by the mailing against state and federal laws, but it also passed on its members` personal information about its members` health to outside lawyers who in turn passed that information on to a colony manager. While the external lawyer was a partner of Aetna and had signed a counterparty agreement, its subcontractor, the transaction trustee, was also a business partner, but no counterparty agreement was entered into prior to PHI`s disclosure. Another violation of HIPAA rules. The complaint and NY AG added a hipaa twist, claiming that although Aetna sent protected health information to its external attorney, who handled the case under a HIPC counterparty agreement, neither Aetna nor its external counsel entered into a counterparty agreement with the third settlement administrator responsible for sending the communications. Comparisons highlight the importance of maintaining and implementing comprehensive policies and procedures and related training and audits to prevent unauthorized disclosure of protected health information. . . .

shares