CVS Health is currently under fire for allegedly releasing the HIV status of 6,000 customers in Ohio, CNN reports.
According to the federal lawsuit, CVS mailed letters last year that unintentionally showed the status of participants in Ohio’s HIV drug assistance program through the envelopes’ clear windows. The letters—which also named their distributor Fiserv—included patients’ new benefits cards and additional information about a mail prescription program.
You May Also Like: Walmart Is Being Sued and the Reason Why Will Infuriate You
Three plaintiffs are leading the lawsuit against both companies, seeking a class-action suit and a jury trial. One of the unidentified plaintiffs stressed that this mistake was like handing “a weapon to anyone who handled the envelope, giving them the opportunity to attack his identity or cause other harm to him.” Another plaintiff feared the stigma associated with HIV, adding that his “friends and family run the risk of being stigmatized just by being seen with him.”
The patients’ attorneys claim that CVS did not disclose the privacy breach and failed to alert those affected by the mistake. However, CVS Health argues against this claim: “CVS Health places the highest priority on protecting the privacy of those we serve, and we take our responsibility to safeguard confidential information very seriously,” their statement to CNN said. “As soon as we learned of this incident, we immediately took steps to eliminate the reference code to the plan name in any future mailings.”
Read the full report on CNN, here.