In a press release sent out yesterday lawyers for the Legal Action Center in New York and the AIDS Law Project of Pennsylvania demanded that Aetna change the way that it sends patient information in the future.

Unfortunately, there isn’t really anything to be done for those recipients whose medications were shown through the envelope window. US postal workers delivering the letters or anyone picking up the mail that day had access to that information. So far, the lawyers say they’ve received 23 complaints from people whose HIV medications were disclosed.

Some people living with HIV are expected to live almost as long as those without it, thanks to improved medication with fewer side effects. However, the virus, which is spread in part through sexual contact or shared needles, is still heavily stigmatized. “People have been devastated. We’ve had a number of people tell us they had chosen not to disclose their HIV status to family members—but this is how their family members found out,” Sally Friedman, the director of the Legal Action Center, told STAT.

In the US, medical information is confidential between a healthcare provider and the patient (and in some cases, family members or caretakers with the patient’s consent), per the Health Insurance Portability and Accountability Act (HIPAA). However, there is no standard for what kinds of envelopes need to be used when mailing this information. In 2015, there were at least four separate instances of medical information being exposed through mailing envelopes that were not opaque.

Aetna apologized profusely in a subsequent letter sent to customers, and told recipients that they have the right to file complaints with the Office of Civil Rights in the Department of Health and Human Services. There’s no word on the vendor responsible for the mistake, but we’re guessing they won’t be working with Aetna in the future.

📬 Sign up for the Daily Brief

Our free, fast, and fun briefing on the global economy, delivered every weekday morning.