BJC HealthCare has notified nearly 2,400 patients that an unprotected email that included identifying patient information was sent to another medical provider. According to a statement from the St. Louis-based nonprofit health system, the unencrypted email contained patients' names, genders, dates of birth and Medicare beneficiary identification numbers. However, the email did not contain medical information such as test results, treatment, hospitalization or financial data. The email was sent to the intended recipient but lacked the "required" encryption, the health system said in a statement.