Aetna recently announced the launch of a new broker full-disk encryption validation service, which would have required brokers to download a software agent to their devices. After growing concerns, Aetna has decided to use a self-validation solution instead.
Beginning on September 17, 2018, the first time you visit a broker website, you will see a pop-up message that asks you to verify if your device is encrypted. Your response (either “Yes” or “No/I don’t know”) generates a web browser file called a cookie, which can be read by any Aetna broker website you visit from the same device and browser.
Each cookie has an expiration date. When it expires, you will be asked to re-verify your encryption status. If you answer “yes” to the encryption pop-up, your cookie will expire in 12 months. This means you’ll be set for a year when you use the same device. If your device is not encrypted or you don’t know if your device is encrypted, the cookie will expire in 90 days. This will give you an opportunity to verify or install encryption.