BJC Healthcare data breach, 33,000 affected

March 16, 2018

BJC HealthCare said a data storage error potentially compromised 33,420 patient records when the information was accidentally made publicly available for nine months.

BJC, based in St. Louis, said in a statement that a misconfigured server was left without a security protocol in place making it possible for someone to view scanned documents containing patient’s driver’s licenses, insurance cards, and treatment-related documents from 2003 to 2009.

Other patient data that was possibly left visible included name, address, telephone number, date of birth, Social Security number, driver’s license number, insurance information, and treatment-related inform. The server itself was left unsecure from May 9, 2017 through Jan. 23, 2018.

The issue was discovered during an internal security audit.

“The BJC investigation did not reveal that any personal data was actually accessed. Since the potential for access existed, BJC out of an abundance of caution has offered affected patients complimentary identity theft protection. BJC has implemented additional information systems processes to prevent further errors of this nature in the future,” BJC said.

SC Media has the article

Sponsored Recommendations

Enhancing Remote Radiology: How Zero Trust Access Revolutionizes Healthcare Connectivity

This content details how a cloud-enabled zero trust architecture ensures high performance, compliance, and scalability, overcoming the limitations of traditional VPN solutions...

Spotlight on Artificial Intelligence

Unlock the potential of AI in our latest series. Discover how AI is revolutionizing clinical decision support, improving workflow efficiency, and transforming medical documentation...

Beyond the VPN: Zero Trust Access for a Healthcare Hybrid Work Environment

This whitepaper explores how a cloud-enabled zero trust architecture ensures secure, least privileged access to applications, meeting regulatory requirements and enhancing user...

Enhancing Remote Radiology: How Zero Trust Access Revolutionizes Healthcare Connectivity

This content details how a cloud-enabled zero trust architecture ensures high performance, compliance, and scalability, overcoming the limitations of traditional VPN solutions...