ST. LOUIS — BJC HealthCare is warning patients that their information may have been exposed after it discovered someone gained unauthorized access to three employee email accounts.
The suspicious activity was noticed on March 6 and a leading computer forensic firm was hired to investigate. It determined the email accounts had been accessed for a limited amount of time on March 6.
The investigation was unable to determine if any emails or attachments had been viewed.
"Out of an abundance of caution, BJC reviewed all the emails and attachments contained in the accounts to identify patient information that may have been accessible to the unauthorized person," BJC Health Care said.
Information that may have been exposed includes patient names, dates of birth, medical record or patient account numbers, as well as limited treatment and/or clinical information, such as provider names, visit dates, medications, diagnoses and testing information.
Health insurance information and social security numbers may have been exposed in some cases.
Some of the patients seen at the following hospitals may be affected:
- Alton Memorial Hospital
- Memorial Hospital Belleville
- Barnes-Jewish Hospital
- Memorial Hospital East
- Barnes-Jewish St. Peters Hospital
- Missouri Baptist Medical Center
- Barnes-Jewish West County Hospital
- Missouri Baptist Physician Services, LLC
- BJC Behavioral Health
- Missouri Baptist Sullivan Hospital
- BJC Corporate Health Services
- Parkland Health Center Farmington
- BJC Home Care
- Parkland Health Center Boone Terre
- BJC Medical Group
- Progress West Hospital
- Boone Hospital Center
BJC is mailing letters to any patients who may have had their information exposed once it finishes reviewing the email accounts.
There is no evidence, so far, that any patient information has been misused, but BJC said it will offer complimentary credit monitoring and identity protection to anyone whose social security or driver's license numbers is identified in the email accounts.
"BJC is committed to protecting the confidentiality and security of our patients’ information and regrets this incident and any concern or inconvenience it causes for patients," the system said in a press release. "To help prevent something like this from happening in the future, BJC has reinforced education with its staff regarding how to identify and avoid suspicious emails and is making additional security enhancements to its email environment."
A toll-free call center has been established for anyone with questions about the incidents; call 866-423-7547, Monday through Friday, from 8 a.m.-6 p.m.
