The Bryan-based Texas' St. Joseph Health System (SJHS) recently announced that it experienced a security attack in which hackers gained unauthorized access to one server on its computer system during a two-day span in mid-December. The Eagle has reported that more than 405,000 patient and employee records were stored on the system server.
SJHS shut down access to the involved computer on December 18, hiring national security and computer forensics experts to thoroughly investigate the matter, its officials say. Its own investigation, which is ongoing, determined that this security attack may have resulted in unauthorized access to records for some SJHS patients, employees, and some employees’ beneficiaries. These records included names, social security numbers, dates of birth, and possibly addresses. For the affected patients, medical information was also accessible. For some of the affected employees, bank account information was also accessible.
On its website, SJHS says, “It is important to note that SJHS has received no reports that any of the personal information involved has been misused. We take this matter, and the security of our patients’, employees’, and employee beneficiaries’ personal information, very seriously. As a precaution, SJHS wants to assist individuals affected by this incident in protecting their identity, even though we are not aware of any misuse of the information, and we have been unable to determine whether any data was in fact taken.”
About the Author
Rajiv Leventhal
Managing Editor
Rajiv Leventhal is Managing Editor of Healthcare Innovation, covering healthcare IT leadership and strategy. Since 2012, he has been covering health IT developments for the publication's CIO and CMIO-based audience, and has taken keen interest in areas such as policy and payment, patient engagement, health information exchange, mobile health, healthcare data security, and telemedicine.
He can be followed on Twitter @RajivLeventhal