BJC Healthcare has disclosed that the PHI of 33,420 of its customers has been exposed to people for 8 months without sufficient authentication needed to see the Protected Health Information.
The BJC Healthcare Company is among the biggest not-for-profit health care companies situated in the United States of America. The healthcare business, based in St Louis, manages two nationally known hospitals in Missouri – St. Louis Children’s Hospital and Barnes-Jewish Hospital in combination with 13 other facilities. The health system hired over 31,000 employees, recorded more than 154,000 hospital entries and completed more than 175,000 home health visits per year.
BJC Healthcare carried out a safety scan on January 23, 2018, which disclosed that one of its computer networks had been constituted which allowed confidential information to be retrieved without satisfactory verification checks. Prompt action was taken to reconstitute and defend the computer network to avoid data from being gotten.
The examination revealed a fault had occurred while organizing the computer network on May 9, 2017, letting documents and duplicates of ID documents to be accessible. Confidential information containing insurance cards, Social Security details, and driver’s license details were revealed together with patients’ names, ages, contact telephone numbers, addresses, and cure-related information.
The imaged documents held on the computer network included information accumulated from patients cured from 2003 to 2009. People who joined BJC Healthcare services after 2009 were not affected by the breach.
The inquiry didn’t find proof to suggest any of the documents were retrieved by illegal persons, even though data access might not be precluded with a high level of confidence. For that reason, out of an abundance of care, all persons whose PHI was probably obtained have been provided identity thievery safety facilities free of charge for one year.
Because of the occurrence, BJC Healthcare has revised its processes and policies in relation to data storing, which have been reinvigorated to prevent any future happenings of this type.