Documenting all the places
personal data goes.


Legend: with your name, without your name.
Click on a circle above for names of organizations and details of data shared.

Registries are organizations that track and compile lists of people with particular medical conditions and who are part of donor registries. This includes government bodies that collect this information, non-profit registries and companies that may assist in the collection and sharing of this information. State law may require the collection of certain medical conditions to be tracked by a registry while anyone who signs up as a potential donor may need to provide some medical information such as blood type and disease history.


Maine Cancer Registry purchases statewide personal hospital discharge data from at least ME [source]. See more information about the fields of data shared, an example of matching real names to the records in statewide discharge data, and which states use standards less than the HIPAA standard.


Electronic Registry Systems had a data breach in 2006, in Georgia. On Nov. 23, 2006, two computers (one desktop, one laptop) were stolen from Electronic registry Systems, a business contractor in suburban Springdale, oH, that provides cancer patient registry data processing services. it contained the personal information (name, date of birth, Social security number, address, medical record number, medical data and treatment information) of cancer patients from hospitals in Pennsylvania, Tennessee, Ohio and Georgia, dating back to 1977 at some hospitals. hospitals include Emory Hospital, Emory Crawford Long hospital, Grady Memorial Hospital, as well as Geisinger Health System (PA) and williamson Medical Center (TN). UPDATE(1/14/07): the number of affected patients was increased from 25,000 to over 63,000. (63000 records involved) [source].


(return to health DataMap)

Copyright © 2012-2016 President and Fellows Harvard University.