Announcing a pullback of a major employee benefit was bad. Violating the privacy of two employees was worse.
AOL's foot-in-mouth CEO, Tim Armstrong, may not have known the names of two employees he says cost his company $1 million each in medical bills when he complained this month about their drag on the company's finances.
But that doesn't matter, says 20-year healthcare attorney Martha Knutson of San Diego. With those remarks specifying AOL employees' "distressed babies" she says, Armstrong certainly violated HIPAA, the Health Insurance Portability and Accountability Act of 1996. And in so doing, his clumsy misspeak serves as a cautionary tale for anyone even thinking about sharing patients' protected medical information without their consent.
Armstrong, who receives $12 million a year in compensation, used the babies' medical expenses to justify AOL's decision to limit its match for its 401(k) plan by distributing a lump sum to each participating employee at the end of the year, rather than making a contribution in every pay period. But he should have known better.
As an executive of a large company that self-insures healthcare expenses for its workers, "it wouldn't be unusual to have high level information" about costs, because AOL would have to come up with the money to pay those claims, Knutson says.