DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

BJC HealthCare Raising St. Louis Notifies Participants of Unencrypted Emails

Posted on March 10, 2017 by Dissent

As seen on their site:

BJC HealthCare has notified 644 current and former Raising St. Louis participants that identifying information was shared between participating program partners through unencrypted emails. This is outside of established protocols and BJC sincerely regrets this error. However, no information related to Social Security numbers or other financial information was included in the emails.

BJC Raising St. Louis staff discovered on January 9, 2017, that files containing enrollment and visit information for Raising St. Louis program participants were emailed between service providers in an unsecured manner between January 17, 2014, and January 9, 2017. Immediately upon discovery, the required protocol for emailing data in a secured manner was established. The enrollment information included the participant’s name, address, telephone number, date of birth, date of visit, nursing notes and information related to medication and vaccinations. The email did NOT contain medical information such as diagnosis, tests, results, treatment or hospitalization, or financial data.

BJC investigated the email transmission and has discovered no indication that anyone other than the intended and authorized recipients read or accessed the email. BJC has also taken steps to re-educate staff on the process for sending emails in a secure manner through encryption.

Encryption is a process that translates information into a format that cannot be easily understood by an unauthorized recipient. It is required to be used when transmitting protected/personal health information between providers.

Participants whose names were included on the list have been mailed a letter explaining what occurred and who to contact with any questions. Participant questions can be directed toll-free to 844.867.7277 or by mail to BJC HealthCare, 4901 Forest Park Avenue, Mailstop 90-75-571, St. Louis, MO, 63108.

BJC has complied with all U.S. Department of Health and Human Services Office for Civil Rights notification requirements, including individual patient letters, public news release and website posting.

Category: ExposureHealth DataU.S.

Post navigation

← Il: Student expelled for hacking professors’ emails
Denton Heart Group notifies patients stolen hard drive held 7 years’ worth of PII/PHI →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Nigerian National Sentenced To More Than Five Years For Hacking, Fraud, And Identity Theft Scheme
  • Data breach of patient info ends in firing of Miami hospital employee
  • Texas DOT investigates breach of crash report records, sends notification letters
  • PowerSchool hacker pleads guilty, released on personal recognizance bond
  • Rewards for Justice offers $10M reward for info on RedLine developer or RedLine’s use by foreign governments
  • New evidence links long-running hacking group to Indian government
  • Zaporizhzhia Cyber ​​Police Exposes Hacker Who Caused Millions in Losses to Victims by Mining Cryptocurrency
  • Germany fines Vodafone $51 million for privacy, security breaches
  • Google: Hackers target Salesforce accounts in data extortion attacks
  • The US Grid Attack Looming on the Horizon

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • California county accused of using drones to spy on residents
  • How the FBI Sought a Warrant to Search Instagram of Columbia Student Protesters
  • Germany fines Vodafone $51 million for privacy, security breaches
  • Malaysia enacts data sharing rules for public sector
  • U.S. Enacts Take It Down Act
  • 23andMe Bankruptcy Judge Ponders Trump Bill’s Injunction Impact
  • Hell No: The ODNI Wants to Make it Easier for the Government to Buy Your Data Without Warrant

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.