The Daily Tar Heel
Printing news. Raising hell. Since 1893.
Thursday, March 28, 2024 Newsletters Latest print issue

We keep you informed.

Help us keep going. Donate Today.
The Daily Tar Heel

Keep them abreast: Cyber breach on study exposes need for noti?cation

The Carolina Mammography Registry is a wonderful tool for cancer research. But those overseeing the registry need to adjust their approach to include notification of those people whose data is being used.

Federal law allows for certain types of research to be done without patient consent. The registry is exempt from consent because it requires such a large population to be effective.

But recently, the medical school server containing some of the registry’s data was hacked, and the medical records of about 180,000 women were exposed.

The medical school responded to this breach. But because the registry had a consent waiver, many women didn’t even know that their information was in the registry.

That should change. Even if their consent isn’t required, women getting mammograms should know their medical records might be used for research.

Since 1994, information about women who have received mammograms from around North Carolina has been collected for the registry. That information has been used by researchers to improve how mammograms are done.

The consent wavier is vital to the success of the registry. Karen McCall, vice president for public affairs and marketing at the medical school, said the registry involves the records of hundreds of thousands of women, making consent extremely difficult.

Furthermore, McCall said, requiring consent for medical research doesn’t yield a representative population for research.

But that doesn’t mean that patients shouldn’t know their information is being used for research. Many people simply assume that their medical records are never used without their consent.

There are many research programs at the University that operate without the consent of participants. But the registry is the only one — that we know of — that’s had a recent security breach.

The medical school has taken precautions to protect against future breaches.

Regardless, the public’s trust in the registry’s security has been shaken.

And it would show that the school is going the extra length to maintain trust in this valuable and much-needed research program.

To get the day's news and headlines in your inbox each morning, sign up for our email newsletters.