Data breach at UNC

March 31st, 2017 by admin Leave a reply »

University of North Carolina Health Care recently suffered data breach. It is notifying patients of a potential data breach at two UNC Health Care obstetric clinics. The incident involved PHI of 1,300 prenatal patients. The data was transmitted to local county health departments inadvertently.

Data breach involved patients who completed Pregnancy Home Risk Screening Forms at their clinical visits between April 2014 and February 2017 at the Women’s Clinic at N.C. Women’s Hospital and UNC Maternal-Fetal Medicine at Rex.

“If you completed a Pregnancy Home Risk Screening Form, it may have included information about you, such as demographic information (like your name and address), your race and ethnicity, your Social Security number, information about your physical and mental health, sexually transmitted diseases, your HIV status, smoking, drug and alcohol use, and medical diagnosis information related to your pregnancy and any prior pregnancies,” UNC Health Care said in the notification letter.

UNC Health Care after the incident set up a call center. It has also changed/modified its process for submitting patient pregnancy forms. The new provision will ensure eligible patients forms for Medicaid are sent to county health departments. Staff is trained to handle new procedure.

UNC has also asked all county health departments to delete the electronic health information on non-Medicaid patients from their systems.

As per the statement:

“UNC Health Care is committed to providing its patients with superior health care services and takes very seriously its obligation to protect the privacy of patients’ medical information. While UNC Health Care does not believe that any of the patients will be at financial risk as a result of the release any of this information to county health departments, UNC Health Care included in the letters a number of options available to patients for monitoring and reviewing their credit reports and has offered fraud resolution services for any patient who suffers from identity theft as a result of this incident, free of charge.”

___________________________________________________________________________________

Alertsec is powered by Check Point Endpoint Security products, which are positioned in the leaders quadrant in Gartner’s Magic Quadrant for Mobile Data Protection.

Leave a Reply