Log in to WRAL.com with one click using your favorite social network:
OR
Log in using your WRAL.com account:



Wrong email/password combination.

Forgot password?

Register with WRAL.com using your favorite social network:
OR
Register for a WRAL.com account using our web form.

Login Options

1:33 a.m. • 2-10-12

Weather Forecast for Raleigh

  • Today: Rain.
    • Hi: 58° F
  • Sat: Partly Cloudy.
    • Hi: 54° F
  • Sun: Clear.
    • Hi: 43° F

Other Locations

> 7 Day Forecast

Doppler Image

Marketplace Links

Social Links

Main Menu

Posted: October 14, 2009

Mammography study hacked, personal data at risk

e-mail print friendly
N.C. lawmakers would consider changes to ID theft law

[search] Site Search

N.C. lawmakers would consider changes to ID theft law

Chapel Hill, N.C. — Hundreds of thousands of women found out by letter this week that their personal information, including Social Security numbers, might have been exposed to identity theft.

The Carolina Mammography Registry at the University of North Carolina School of Medicine gathers data from radiologists across the state. The breach at UNC affects women who did not know the registry existed and did not give consent to have their information included.

Patients, like Pam Bridges, were surprised and angered.

“To find out my information is out there floating around somewhere -- and this could happen to anybody,” she said. “That's what's frustrating to me as a citizen who does her best to try to protect her personal information ... because I don't want to be a victim of ID theft.”

Computer experts don’t know how or when the hack originated or how much data was compromised.

The North Carolina Department of Justice recommends that people who are notified of a possible breach of personal information monitor their credit closely, request a fraud alert from major credit bureaus and consider putting a freeze on new requests for credit.

Bridges wondered why Social Security numbers were passed along with study data. Some radiology offices used those numbers as patient identifiers.

Wake Radiology issued a statement Wednesday withdrawing from the study and any others that require personal data. “Involvement in future studies will be limited to anonymous, unidentified data,” the statement said.
 

Copyright 2011 by Capitol Broadcasting Company. All rights reserved. This material may not be published, broadcast, rewritten or redistributed.
e-mail print friendly

23 Comments


WRAL.com welcomes your comments on this story. All comments are moderated prior to publication based on our posting guidelines. Please review them prior to posting and if your message is not approved.

View Comments VIEW ALL 23 COMMENTS

This story is closed for comments. Comments on WRAL.com news stories are accepted and moderated between the hours of 8 a.m. and 8 p.m. Monday through Friday.

Latest Comments
If anyone out there knows a good attorney let me know. Our file were passed on dispite hippa laws that were passed a few years back. I was told they were given permission by bla bla to do this. It is like me giving your son permission to drive the neighbors car! I feel a class action lawsuit is nin the making here.
St Ives
October 16, 2009 11:33 a.m.
I am also one of those women, got my letter on Oct 13th, and I AM furious. Nowhere did I sign a release form, and with all the other stuff that goes on in life, this is just one more headache to have to deal with that should have never happened due to someone else's negligence. I agree their servers are unsecure, and wonder why did they not apply appropriate security measures when running SSNs through a study.

I am certain we will see more breaches of information before it is taken seriously, and I too want to see the release form I signed.
LaLa-Land
October 15, 2009 12:09 p.m.
I too wonder why PII was attached to the data. I really don't have a problem with the mammogram information being used with or without my consent, but as someone else stated, there should have been a different identification process other than our personal information. I haven't received a leter, but I have gone to Wake Radiology every year since 2001.
Click to view my profile carolinarox
October 15, 2009 11:55 a.m.
Would someone please explain how they could legally give out not only medical info but personal info such as ss# without our signed consent

I called the contact number and also emailed the addy they provided this past monday and even though I was told they would investigate I have received no reply. I think an attorney may can answer that question and I am seriously thinking of calling one.
Ladyblue- the Phoenix
October 15, 2009 11:50 a.m.
Wow - the med school in greenville just had an occurrence where peoples information might possibly be leaked but they agreed to pay for credit monitoring for a year to make up for it.

So UNC gives away people's personal information without their knowledge and then refuses to do anything to make up for it....way to be the "flagship" university...hahahaha
findoutthefacts
October 15, 2009 11:25 a.m.
View Comments VIEW ALL 23 COMMENTS

Photo Spotlight

more photos
Report It

Multimedia

more
Click Here