ACC breach affects 1,400 provider groups
The American College of Cardiology (ACC) has notified 1,400 institutions that some of their patient data may have been compromised after inadvertently being made available to a third-party vendor.
The organization redesigned the software for its national data registry and one table of patient data was copied into the software test environment sometime between 2009 and 2010. The incident was discovered in December, according to multiple reports.
Thousands of hospitals participate in the registry, providing data on patients and procedures to measure cardiovascular care. The ACC contacted all hospitals whose patient data may have been accessed and provided them with documentation of the organization's investigation into the incident.
One of the affected providers is Pensacola, Fla.-based Sacred Heart Health System. The ACC provided the health system with the names, birth dates, Social Security numbers and internal patient identification numbers of 532 patients who may have been compromised.
Sacred Heart posted a notificaiton on its website about the incident and had more patients involved than other affected providers. The ACC cannot share the names of other affected organizations due to confidentiality agreements, but the average number of patients involved per institution was fewer than 70.
Editor
Editor Beth earned a bachelor’s degree in journalism and master’s in health communication. She has worked in hospital, academic and publishing settings over the past 20 years. Beth joined TriMed in 2005, as editor of CMIO and Clinical Innovation + Technology. When not covering all things related to health IT, she spends time with her husband and three children.