Patient data at risk following missing unencrypted CD

Share this article:

Jersey City Medical Center (JCMC) patients are being notified that their information may have been compromised after an unencrypted CD went missing after being mailed.

How many victims? The number of patients affected is undisclosed.

What type of personal information? Names, Social Security numbers and birth dates.

What happened? An unencrypted CD containing patient information went missing after it was mailed by the JCMC via United Parcel Service to a company that intended to review payments to hospitals in the state.

What was the response? JCMC sent letters to those impacted by the breach and has offered them one year of free identity theft monitoring.

Details: The package was mailed on June 13, 2014 and was to be delivered on June 16. According to the letter sent to patients affected by the incident, JCMC “learned on or about that date” that the scheduled package had not arrived. By July 22, 2014, JCMC received a letter from the United Parcel Service notifying it that the package could not be found. The information contained on the CD is related to the NJ Medicaid program. .

Quote: “The Medical Center sincerely regrets this unfortunate incident because we consider the security of patient information to be of the utmost importance,” Shani Newell, privacy officer at the Jersey City Medical Center, said in the notification letter.

Source:, “Jersey City Medical Center Letter to Patients” August 2014.
Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters



More in The Data Breach Blog

Transcript website flaw exposed personal data on 98k users expose users' names, addresses and dates of birth, among other information, due to a site flaw that one user discovered.

Sourcebooks payment card breach impacts more than 5,000 customers

More than 5,000 customers had personal information stolen, but roughly 9,000 notification letters were sent out as a precautionary measure.

Cyberswim notifies customers that payment card data may be at risk

Malicious software installed on Sept. 24 may have compromised personal information for visitors that made purchases between May 12 and Aug. 28.