The Charlotte Observer reports:
Atrium Health publicly apologized to patients and is notifying people who may have been impacted by an online data disclosure spanning 4 1/2 years before the pandemic, the healthcare giant announced Monday. Personal information may have been sent to third-party vendors such as Google, Facebook (now Meta) and similar media platforms via internet tracking technologies from January 2015 through July 2019, Atrium said.
Atrium website notice indicates that the breach involved online tracking technologies that were active on its MyAtriumHealth (formerly MyCarolinas) patient portal available through both the my.atriumhealth.org website and mobile application (the “Patient Portal”).
The type of information may have varied by patient and situation:
The following information may have been involved: IP address; third-party identifier/cookies (a unique string of numbers or characters); and, in some instances, if contained in a URL address visited by the user or button text clicked by the user, information about a patient’s treatment or provider. Additionally, if a user was prompted to fill out a form that included their first and last name, email address, phone number, city, state, ZIP code and gender, that information may also have been shared with these third-party vendors.
Read Atrium Health’s full website notice.