Chapel Hill, N.C. — UNC Health Care said Monday it has begun notifying patients of a potential breach where personal data provided by prenatal patients at two obstetric clinics were mistakenly transmitted to local county health departments.
The breach affects up to 1,300 patients who are believed to have completed Pregnancy Home Risk Screening Forms at their prenatal appointments at the Women’s Clinic at the North Carolina Women’s Hospital and UNC Maternal-Fetal Medicine at Rex Hospital between April 2014 and last month, officials said.
The forms are used to collect personal information from Medicaid-eligible prenatal patients and were shared with patients’ local health departments to connect them with support services. But a review of the practices of the two clinics found that forms completed by women who weren’t eligible for Medicaid may have mistakenly been sent to county health departments as well, officials said.
The forms may have included Social Security numbers and details about physical and mental health history, including HIV status and any sexually transmitted diseases, officials said.
UNC Health Care is working with all county health departments involved to request that electronic information on women not covered by Medicaid be purged from their computer systems and that any paper forms in their possession be sent back to the UNC clinics, officials said.
The health system also set up a call center dedicated to this issue for patients who have questions or would like to discuss the matter. The toll-free number is 1-800-596-8362, and personnel are able to speak with patients from 8 a.m. to 5 p.m. weekdays.
Officials said they don’t believe the data breach poses any financial threat to the patients, but UNC Health Care has offered free fraud resolution services for any patient who suffers from identity theft as a result of this incident.