Unencrypted email and data breach

March 24th, 2016 by admin Leave a reply »

BJC Healthcare Accountable Care Organization (BCJ ACO) in the St. Louis area recently announced data breach when an unencrypted email was sent to a participating medical practice in the BCJ ACO.It mentioned that 2,393 patients were possibly affected by the data security breach.

As per the statement, an email was sent containing patient information without the necessary security encryption. Affected information includes patient names, gender, dates of birth, and Medicare beneficiary identification numbers.  Medical information was not sent via email.

“BJC ACO investigated the email transmission and has discovered no indication that anyone other than the intended and authorized recipient at the medical practice read or accessed the email. BJC ACO has taken steps to re-educate staff on the process for sending emails in a secure manner”, the statement confirmed.

According to the statement: BJC ACO has complied with all U.S. Department of Health and Human Services Office for Civil Rights notification requirements, including individual patient letters, public news release and website posting.

About BJC ACO

BJC HealthCare was the first provider in the St. Louis area and one of 89 U.S. health care providers selected in 2012 as an Accountable Care Organization by the Centers for Medicare and Medicaid Services. CMS established ACOs that year to encourage groups of doctors, hospitals and other providers to coordinate health care services for Medicare patients and share in savings obtained through high-quality, well-coordinated care. BJC ACO currently coordinates care for approximately 40,000 patients in the BJC service area of metropolitan St. Louis, southern Illinois and mid-Missouri.

————————————————————————————————————————————————————-

Alertsec is the full disk encryption service that delivers a mobile data protection system for all information stored on laptops used throughout your organization.

Leave a Reply