Charlotte, N.C.-based Atrium Health has apologized to users of its patient portal for potentially transmitting their data to Big Tech companies.
Here are five things to know, according to a Dec. 2 notice from Atrium Health:
1. From January 2015 through July 2019, the MyAtriumHealth and MyCarolinas patient portals, both on the web and mobile apps, contained tracking technologies that may have transmitted data to third-party vendors such as Google and Facebook (Atrium Health was known as Carolinas HealthCare prior to February 2018).
2. After so-called "pixel" technology used by hospitals and health systems came under fire in 2022, Atrium Health checked and found its patient portal at the time did not transmit data. But a new review found the technology was active from January 2015 before being disabled in July 2019.
3. "We apologize for any concern or inconvenience this may have caused and remain committed to protecting the confidentiality and security of our patients' information," the health system said in a statement. "We have and will continue to enhance our security controls, as appropriate, to minimize the risk of similar situations in the future."
4. Depending on the patients' web browsers, "cookie" settings and social media accounts, the transmitted data may have included names, email addresses, phone numbers, addresses, healthcare providers, medical treatments, IP addresses, and third-party identifiers/cookies. Atrium Health said it has no evidence any of the information was misused.
5. During the time period in question, the patient portal was available to Atrium Health patients in Mecklenburg County, N.C., and surrounding counties in North and South Carolina but not affiliates Winston-Salem, N.C.-based Atrium Health Wake Forest Baptist, Macon, Ga.-based Atrium Health Navicent and Rome, Ga.-based Atrium Health Floyd.