Brokers and joint venture partners: You spoke and we heard you
You may recall a recent email from us regarding the launch of a new Aetna broker full-disk encryption validation service. The service would have required you to download a software agent to your device. Based on your feedback, we are going to use a self-validation solution instead.
A better solution
Beginning on September 17, 2018, the first time you visit a broker website, you will see a pop-up message that asks you to verify if your device is encrypted. Your response (either “Yes” or “No/I don’t know”) generates a web browser file called a cookie, which can be read by any Aetna broker website you visit from the same device and browser.
Each cookie has an expiration date. When it expires, you will be asked to re-verify your encryption status. If you answer “yes” to the encryption pop-up, your cookie will expire in 12 months. This means you’ll be set for a year when you use the same device. If your device is not encrypted or you don’t know if your device is encrypted, the cookie will expire in 90 days. This will give you an opportunity to verify or install encryption.
Full-disk encryption – protecting your business
So why are we doing this? Full-disk encryption helps keep your devices secure by automatically converting everything stored on your computer into a form that cannot be read by anyone who does not have the password.
Full-disk encryption offers several advantages:
- Protects your business investment by enhancing the security of your business data
- Protects sensitive consumer data, which increases consumer confidence
- Helps preserve professional reputations and reduce costs associated with a security breach
- Ensures compliance with HIPAA, the New York Cybersecurity Regulation (23 NYCRR 500), and other federal, state, and industry-specific regulations related to data privacy and security
- Provides “safe harbor” from required HIPAA notifications if a breach occurs [78 Federal Register 5639]
Read these FAQs to learn more about Aetna’s updated full-disk encryption verification program.
We appreciate your support to help ensure the privacy and security of Aetna and joint venture member data.
If you have any questions, please contact your Aetna representative.