The Emergency Medical Services Authority (EMSA) has recently disclosed a cybersecurity incident that has impacted the privacy and security of patient information. On February 13, 2024, EMSA officials detected suspicious activity within their IT network, prompting immediate action to mitigate potential damage.
"The Emergency Medical Services Authority is committed to protecting the confidentiality and security of our patients’ information," said the EMSA spokesperson, emphasizing the organization’s dedication to patient security. Following the identification of the suspicious activity, EMSA invoked its incident response protocols, which included disabling certain systems as a precautionary measure.
"The Emergency Medical Services Authority is committed to protecting the confidentiality and security of our patients’ information,"
In coordination with a third-party forensic firm, EMSA initiated an investigation into the breach and notified law enforcement. The investigation elucidated that an unauthorized entity had gained access to their network between February 10 and February 13, 2024. "This investigation has confirmed that certain files containing personal information about EMSA patients were acquired by this unauthorized party," the spokesperson said.
"This investigation has confirmed that certain files containing personal information about EMSA patients were acquired by this unauthorized party,"
By the Numbers
The type of information potentially compromised included patients' names, addresses, dates of birth, dates of service, and in some cases, primary care provider names and Social Security numbers. As a precautionary measure, EMSA is sending out notification letters to those patients whose information was believed to be involved, provided that sufficient contact information is available.
In addition, EMSA has set up a dedicated, toll-free call center for patients with inquiries about the incident. "If you have questions, please call (866) 495-7098, available Monday through Friday, from 8:00 a.m. to 5:30 p.m. Central Time," the organization stated.
By the Numbers
To further mitigate risks, EMSA is offering those whose Social Security numbers were compromised complimentary credit monitoring and identity protection services. The organization also urges patients to remain vigilant about their communications and billing statements from healthcare providers. "It is always a good idea to carefully review the communications they receive from their healthcare providers," advised EMSA. "If patients see charges for services they did not receive, they should contact the issuing provider immediately."
"It is always a good idea to carefully review the communications they receive from their healthcare providers,"
Looking Ahead
Looking ahead, EMSA is committed to implementing additional safeguards to enhance the protection and monitoring of its systems. According to the spokesperson, "We have implemented, and will continue to adopt, additional safeguards to further protect and monitor our systems."
EMSA's proactive approach aims to reassure its patients and facilitate their trust in the organization, despite the unsettling nature of this incident. The organization recognizes the importance of transparency and is dedicated to protecting the information of all individuals under its care.