Wake Radiology, a multisite radiology group in central North Carolina that performs more than 650,000 procedures annually, has decided it will no longer participate in studies that require personal patient information after the University of North Carolina (UNC) revealed that hackers breached the security of a mammography database.
Wake Radiology, along with 35 other N.C.-based radiology groups, was a participant in the UNC/National Institutes of Health study known as the Carolina Mammography Registry (CMR). The study has been collecting information from radiology groups for the past 12 years without any known incidents.
The radiology group said it recently learned that a file containing sensitive patient data was stored unencrypted on a UNC server, which had been hacked over two years ago. This, according to UNC officials, resulted in the exposure of personal patient data.
Noting its “extreme concern about this occurrence," Wake Radiology said that every file it sent to CMR was encrypted and password protected to protect patient privacy. The group added that it was awaiting information on the investigation that is being conducted by UNC officials.
Wake Radiology informed its patients that “involvement in future studies will be limited to anonymous, unidentified data.”