BJC Healthcare says identifying documents of more than 33,000 patients was accessible on the internet without the correct security controls for more than seven months.
The health care provider says it discovered what happened during an internal security scan. Scanned documents on the server include copies of patient driver’s licenses, insurance cards and treatment-related documents. The documents are from patient visits between 2003-2009.
BJC says no personal data was accessed, but the potential for access existed. Affected patients were notified out of an abundance of caution and offered complimentary identity theft protection, the health care provider says.
Copyright 2018 KMOV (Meredith Corporation). All rights reserved.