North Kansas City Hospital reports third party data breach

Personal data of patients at North Kansas City Hospital may have been compromised due to a breach in the system of Perry Johnson & Associates, Inc. (PJ&A), an external transcription service provider.

The breach, which occurred between March and May, was reported to the hospital by PJ&A in July. Exposed data includes:

• patient names,
• birth dates,
• genders,
• phone numbers,
• addresses,
• health insurance details,
• clinical information

North Kansas City Hospital did not disclose the number of affected individuals.

Following the discovery, North Kansas City Hospital, along with its subsidiary Meritas Health Corp., ceased using PJ&A's services and undertook an investigation with PJ&A until November 7, revealing limited information from Clay County Public Health Center was also affected.

Although the hospital's and Meritas Health's security systems were not directly breached, they have since enhanced their data privacy and security measures.

The hospital is notifying potentially impacted individuals and has advised them to monitor their accounts for signs of identity theft and fraud, and to contact major credit reporting agencies for fraud alerts and credit freezes.