AOL’s Outing of ‘Distressed Babies’ Raises Questions About Medical Privacy

By Dana Wilkie Jul 20, 2015

When AOL’s CEO told a company town hall gathering that two “distressed babies” cost the company $1 million each in medical expenses, he ignited a national controversy and raised questions about employers’ access to workers’ medical records. 

CEO Tim Armstrong made the remarks in February 2014, telling those gathered that AOL was scaling back its 401(k) contribution matches in part because of the company’s health care costs associated with the two births in 2012 and the Affordable Care Act.

“We had two AOLers that had distressed babies that were born that we paid a million dollars each to make sure those babies were okay in general,” Armstrong said at the time.

It wasn’t difficult for those inside the company to deduce that one of the babies was Deanna Fei’s daughter, Mila, who had been born at 25 weeks weighing one pound, nine ounces. While in the hospital, Mila suffered a brain hemorrhage and the collapse of her right lung. At the time of the town hall gathering, Fei’s husband, Peter Goodman, was an editor at AOL’s Huffington Post, although he has since left the company. Fei was not employed by AOL. 

Armstrong’s revelation inspired Fei to write a book about what she called an invasion of her privacy and the shame Fei says she felt at Armstrong using a “dehumanizing phrase” like “distressed babies.” 

It should be made clear to workers that it’s typical for employers to have access to certain high-level claims information, said Jeff Nowak, partner and co-chair of the Labor and Employment practice group at Franczek Radelet in Chicago. “This type of claims information is useful to employers when looking at the effectiveness of their plans, from both a cost and human resources perspective,” he said. 

If self-insured, as AOL was, an employer is paying for expenses up to a certain level, after which excess insurance might take responsibility for costs, said David L. Barron, an attorney with Cozen O'Connor in Houston. Even if not self-insured, the employer group’s claims history will be important in underwriting the cost of the employer’s health care plans. 

“The question is, who within the organization should have access to the data, and how specific does it need to be?” Barron said. “Each year, the employer must make decisions about the structure and type of benefit plans it will offer to employees, and claims history is important for that process.”

Reports about high-cost claimants that get to the CEO level should have identifying employee information stripped out—which is typically done by a third-party administrator. It's likely that Armstrong saw one of these reports that referenced a high cost of care for two unnamed infants, Nowak said. 

But even if the records don’t include identifying information, it usually won’t be hard for an employer to deduce the source of a high-cost claim, Barron said. 

“After all, the employer typically would receive medical documentation to support a leave of absence, so the employer will know if an employee has a premature baby or someone in the employee’s family has a catastrophic medical emergency,” Barron said. 

In a 1996 survey by University of Illinois professor David Linowes—who two decades earlier led a congressional Privacy Protection Study Commission—35 percent of Fortune 500 employers admitted to looking at their employees' health records to make company-related decisions. 

Employers are also entitled to basic medical information if an employee claims that a medical condition prevents him from doing his job, Nowak said. Under the federal Family and Medical Leave Act (FMLA) and the Americans with Disabilities Act (ADA), for instance, when a medical condition impacts an employee’s job, the employer has the right to know basic information “about an employee’s medical condition, their limitations in performing their job and any accommodations that may be required to perform the job,” Nowak said. 

Privacy Laws and Protections 

Armstrong later privately apologized to Fei and her family. But what troubled Fei, according to her book, was that AOL knew the medical details surrounding her daughter, even if it didn’t explicitly name Mila or her parents. More broadly, Armstrong’s knowledge made it seem probable to her that companies could be privy to all sorts of information about employees—fertility treatments, substance abuse treatments, oncology care.

So what privacy protections do employees have? 

The Health Insurance Portability and Accountability Act (HIPAA) requires health plans, health providers and health care clearinghouses to keep an individual’s protected health information confidential. 

“The law does protect the privacy of medical records, but the employer, especially where self-insured, has a right to know certain data, like the costs of claims,” Barron said. “Sharing such information beyond the sphere of those who have a need to know —for example, making a public statement regarding an employee’s medical condition—would be a different story.”

Added Nowak: “AOL’s CEO does not appear to have identified the individual or communicated any specific medical information to the broader audience, so his comments may not constitute a clear HIPAA violation.” 

“However,” Nowak said, “if my employer client asked me for counsel in this situation, we would advise against making these kinds of statements. Clearly, there are better, more appropriate ways of communicating to your employees the generous benefits available under your plan. Here, it might have been more appropriate to affirm that the company maintains a benefit-rich plan which has covered many employees’ catastrophic illnesses and injuries over the years, and that the company is committed to such a plan into the future.”

Still, if an employer looks at medical records and can deduce, because of an unusual medical case, who the employee is—which happened in Mila’s case—is it possible the employer may view this worker negatively? And might that tempt the employer to treat the worker in a negative way because he or she is costing the company so much money? 

“This certainly is a risk in theory, but this scenario occurs far less than you might think,” Nowak said. “For the vast majority of employers, they maintain strict confidentiality protocols to ensure that an employee’s medical information is safeguarded and accessed only by a small number of benefits or HR-related professionals who must have access to this information to make critical and lawful benefits and employment-related decisions.” 

There are legal protections for workers whose employers treat them negatively because they can deduce that the worker is costing the company a lot in medical expenses. The Employee Retirement Income Security Act of 1974 (ERISA), Section 510, prevents employers from interfering with an employee securing benefits under an employee benefit plan. 

ERISA Section 510 “has been used by many a plaintiff where an employee—or a covered dependent—with a high claims history is terminated, disciplined or effectively excluded from the plan, due to a reduction in hours, for example,” Nowak said. 

Negative treatment of an employee with a high-cost claims history could also raise concerns under the FMLA in the case of a serious medical condition involving an employee or family member, or under the ADA if an employee’s medical condition rose to the level of a disability. 

Dana Wilkie is an online editor/manager for SHRM.


Job Finder

Find an HR Job Near You
Post a Job

Apply by October 19

Get recognized as an HR expert. Earn your SHRM-CP and SHRM-SCP certification, and set yourself apart.

Apply Now


Find the Right Vendor for Your HR Needs

SHRM’s HR Vendor Directory contains over 10,000 companies

Search & Connect