CVS Caremark recently mailed pharmacy benefit information to roughly 4,000 participants in the State of Ohio’s AIDS Drug Assistance Program, a CVS Health spokesperson told Becker’s Hospital Review via email. The letters included a reference code for the assistance program — which comprised a series of letters and numbers, PM 6402 HIV — that was visible through the envelope window.
“This reference code was intended to refer to the name of the program and not to the recipient’s health status,” the spokesperson wrote. “No other protected health information was exposed. As soon as we learned of this incident, we immediately halted the mailings and are currently taking steps to eliminate the reference to the plan name in any future mailings.”
More articles on cybersecurity:
Third-party security flaw exposes information of nearly 9k Silver Cross patients
Microsoft: New email spam sends users to tech support scam websites
Uber enters settlement after FTC alleges deceptive data privacy claims: 6 things to know
