Skip to main content
Over a doctor’s shoulder we see a spreadsheet of medical data on a vulnerable hospital computer.

North Kansas City Hospital Data Breach | PJ&A Investigation

Written by Joseph Lyon on . Posted in Data Breach.

The Lyon Firm is investigating data breach reports involving North Kansas City Hospital and its subsidiary, Meritas Health Corporation. The companies recently announced that they were affected by the Perry, Johnson, and Associates (PJ&A) data breach. Contact our data breach lawyers to learn more about filing a class action claim.

What Happened at Kansas City Hospital?

On July 21, 2023, Perry Johnson & Associates, Inc. (PJ&A), a third-party medical transcription vendor used by North Kansas City Hospital (NKCH) and its subsidiary Meritas Health Corporation, discovered a potential data security incident involving an unauthorized actor gaining access to company systems and certain personal data.

PJ&A reported the data breach to the HHS’ Office for Civil Rights as affecting 8,952,212 individuals. North Kansas City reported the incident as well, adding to the total number of people impacted. The hospital stated that the protected health information of 502,438 individuals was compromised between March 27, 2023, and May 2, 2023.

During their investigation, North Kansas City Hospital also identified compromised data belonging to the Clay County Public Health Center, which may have included the following: name, date of birth, gender, phone number and address; health insurance information; and some clinical information.

After learning of a data breach that may impact your information, it is important to take appropriate steps to mitigate the risk of medical identity theft and fraud. With the rise in cyberattacks targeting healthcare institutions, millions of individuals have found themselves more vulnerable than ever before. To consider legal action, contact our data breach lawyers. You can file a claim or join an existing class of plaintiffs.

Our legal team is currently involved in numerous data theft cases and represents plaintiffs nationwide in a wide range of data privacy matters. We believe very strongly that any company that collects and stores your personal data has a duty to protect it with secure networks. Should the company fail to protect data due to security negligence, they may be liable for damages.