BJC HealthCare reports employee email breach exposes PHI for 19 facilities: 5 details

St. Louis-based BJC HealthCare reported an employee email breach on May 5 that may have exposed patient information.

Five things to know:

1. The health system identified suspicious activity in three employee email accounts on March 6 and launched an investigation, which determined an unauthorized person gained access to the accounts for a limited period of time.

2. The investigation was unable to determine if the unauthorized person viewed any emails or information while having access to the employee email accounts.

3. BJC reviewed all emails and attachments to which the unidentified person had access and found that some of the emails may have included patient names, medical records and limited treatment and clinical information. Some emails also included patient insurance information and Social Security numbers.

4. The incident affected the following BJC hospitals and facilities:

Alton Memorial Hospital
Barnes-Jewish Hospital
Barnes-Jewish St. Peters Hospital
Barnes-Jewish West County Hospital
BJC Behavioral Health
BJC Corporate Health Services
BJC Home Care
BJC Medical Group
Boone Hospital Center
Christian Hospital
Memorial Hospital Belleville
Memorial Hospital East
Missouri Baptist Medical Center
Missouri Baptist Physician Services, LLC
Missouri Baptist Sullivan Hospital
Parkland Health Center Bonne Terre
Parkland Health Center Farmington
Progress West Hospital
St. Louis Children’s Hospital

5. The health system plans to send letters to patients whose information was potentially breached.

More articles on cybersecurity:
45% of hospitals support password sharing for caregivers to access patient health information
28 health system cyberattacks, data breaches so far in 2020
LabCorp faces shareholder lawsuit after 2 cyberattacks in 12 months: 5 details

© Copyright ASC COMMUNICATIONS 2020. Interested in LINKING to or REPRINTING this content? View our policies by clicking here.

 

Featured Webinars

Featured Whitepapers