Diane here, COO and the least technical member of our group! I’ll occasionally take control of our blog to give y’all a break from hearing from Kyle. My posts will focus more on things happening in mainstream media or whatever I find interesting, relevant, or scandalous. Enjoy! 🖤
Heartbeat International, according to their website, is the first and largest network of “pro-life pregnancy resource centers” with a reported 3,600 affiliated centers in over 90 countries. Crisis pregnancy centers (CPCs), like Heartbeat International affiliates, claim to be an alternative to Planned Parenthood and other reproductive health centers.
In an exclusive, Jessica Valenti reports receiving video evidence that Heartbeat International improperly safeguarded client data. Valenti reports one video was a recording of a demo for their CRM (customer relationship management software) where “viewers are shown the full names of thirteen women who visited the Unexpected Pregnancy Center in New Iberia, Louisiana, along with information about their due date, last menstrual period, and whether they were given an ultrasound or pregnancy test”. The video goes on to even show a map which highlights where each of these women live.
These videos are part of Heartbeat International’s online training program, Heartbeat Academy, and is part of training for their affiliate employees and volunteers. According a to recent report, Heartbeat Academy, has over ten thousand active participants…so over 10,000 people had access to these women’s personally identifiable information. As if this situation couldn’t get any cringier, at one point this video was available via a simple Google search. The links are now password protected, but as Valenti suggests, we have no idea how long that information was publicly accessible.
It’s important to know CPCs offer free services and therefore are not beholden to HIPAA (the Health Insurance Portability and Accountability Act), which mandates medical entities protect personally identifiable information (PII) from fraud and theft. So CPCs aren’t required to follow the same laws as your doctor’s office.
I feel for these women and anyone else who has had their privacy violated by Heartbeat International. This is a clear violation of privacy and the fall out of this breach of security could have very real life ramifications.
To learn more about this situation, check out the links below:
- https://jessica.substack.com/p/exclusive-health-data-breach-at-americas
- https://www.nbcnews.com/health/health-news/watchdog-group-asks-5-attorneys-general-investigate-crisis-pregnancy-c-rcna148188
- https://campaignforaccountability.org/cfa-statement-on-heartbeat-international-health-data-leak/
Real talk – I’ve been sitting on the idea to write this post for a few weeks now, but finally sat down to do the work on the two-year anniversary of the overturning of Roe v. Wade. I have lots of thoughts and opinions about the overturning of Roe v. Wade and the existence of crisis pregnancy centers (if you want to talk more about this send me a message on LinkedIn) and, to be honest, learning about this lapse in security didn’t help to shift those thoughts and opinions.
As citizens in an increasing digital world, it’s so important to be aware and educated about what data entities are collecting about us – whether it’s an online service or a brick and mortar establishment. Your data will eventually end up on a database somewhere and will need to be protected from hacks, leaks, and carelessness. Here at AbsolutelyNothing, our goal is help inform and advocate on behalf of YOU so you can be in control of your data. If you like what we are doing and want to show the love, click the “buy us a coffee” button. These donations go directly to helping to build the future of AbsolutelyNothing, and small monthly
Until next time,
Diane