You may also like ACC Now | WakeEd | Mouthful | Techn&ology
News
Web Search powered by YAHOO!
Campus Notes
Campus Notes is your one-stop shop for news and notes related to Triangle universities and community colleges. We'll cover it all here, from policy discussions to the silly things those crazy college kids are doing. Got an idea? Request? Criticism? Let us know. eric.ferreri@newsobserver.com.
Why the mammography study needs your personal info
Submitted by eferreri on 10/14/2009 - 15:13
I've heard from a lot of readers concerned about their personal data being compromised when a UNC Chapel Hill computer server was hacked.
These women, whose mammograms and related personal information were submitted by radiologists to a UNC-CH medical school study, have been asking one question more than any other lately: Why does UNC need social security numbers, dates of birth and other personal information for a medical study?
Karen McCall, a spokeswoman for UNC Health Care, explained today that the study tracks the mammograms of individual patients over time. So, if you have a mammogram each year and it is submitted to the study, someone will analyze it and look for patterns or suggestions that cancer either has developed or could in the future.
Thus, the personal data is necessary because they're examining specific cases, not just using data in aggregate.
"They're tracking people," McCall said. "They're trying to find out if they get cancer. Years ago, they used Social Security numbers. That's how we identified people. The radiologist is responsible for tracking the person for a long time. They give this responsibility to the registry, and the registry reports back to them. So they have to know who the people are."
The university ceased using Social Security numbers as identifiers in 2007, she said.
McCall explained further that this data was stored on two computer servers. One was secure, with all the data "coded," and scrubbed of personal information. But before that happened, it was stored on what she called a "transition" server.
That's the server that got hacked.
Want to post a comment?
In order to join the conversation, you must be a member of newsobserver.com. To register or to log in using your existing account, click here.Advertisements
Comments
McCall's explanation
Wed, 10/14/2009 - 15:41 — acts36Sorry! I don't buy that explanation. If you really wanted to track the data, you needed to find another way of converting the social security number to some insignificant id code.
As for the transition server, it shouldn't have been stored there if my personal information was on it...which it was! There is no excuse for jeapordizing a person's social security number, insurance information, address, phone number, etc. when the person is completely unaware that he or she is in your population based study! I am not buying it, sorry.
I would also like McCall to explain why UNC is not taking responsibility for its mistake and offering monthly fraud monitoring to the victims. This was the case with past errors by Bank of America, etc.