Iron Rod Security

EMS Cybersecurity Insights & Resources

Crew Phones and Social Media at the Scene: A HIPAA Framework Built for Reality

A practical HIPAA framework for EMS agencies managing crew phone photos, social media posts, and scene documentation on personal devices. No blanket bans, just real workflows.

HIPAA, EMS, Personal devices, Scene photos, Social media

Public Records Security: What To Never Release

A public safety security review: what records adversaries request, the statutory exemptions, and a review process every agency needs.

Public records, FOIA, CAD logs, Operational security, Passive reconnaissance

Cyber Insurance for Small EMS and Volunteer Fire Services — The Clauses That Matter

What the policy clauses, MFA warranties, ransomware sublimits, and IR panel restrictions actually mean for small EMS and volunteer fire departments.

Cyber insurance, MFA warranty, Ransomware sublimit, Incident response panel, EMS security

The Offboarding Gap That Leaves ePCR Access Open for Days

The gap between HR termination and ePCR access revocation in EMS agencies. How ImageTrend, ESO, and Zoll sessions stay alive and the same-day checklist that kills them.

ePCR offboarding, ImageTrend, ESO, Zoll, HIPAA

BEC Against EMS Billing: The ACH Form That Costs Six Figures

EMS agencies lose six figures to BEC attacks on billing staff. Here is how the ACH change form scam works and the dual-approval workflow that stops it.

Business email compromise, EMS billing security, ACH fraud prevention, Dual approval workflow, Revenue cycle management security

Social Engineering the Dispatch Center: Attack Scenarios and Verification Protocols

Three realistic social engineering attacks targeting public safety dispatch centers and the verification protocols that stop them.

Dispatch center security, Social engineering, Vishing, PSAP, Public safety

Retiring MDTs: NIST 800-88, True Wipes vs. Factory Reset, and HIPAA Audit Proof

How NIST 800-88 applies to retiring EMS tablets, why factory resets leave PHI exposed, and the documentation needed for a HIPAA audit.

MDT sanitization, NIST 800-88, HIPAA compliance, ePCR data security, Chain of custody

Pre-Plan Security: The PHI-Adjacent Data Most Fire Departments Leave Unlocked

Alarm codes, Knox box combinations, occupant medical conditions, and hazmat locations live in your pre-plan system with weaker access controls than your ePCR. Here is the fix.

Pre-plan security, Knox box, PHI, Fire department, Access control

The Texting Problem: When SMS Between Crews Becomes a HIPAA Issue

When does SMS between EMS crews cross from operational chatter into a HIPAA violation? Direct guidance on OCR rules, secure messaging policy, and what a defensible mobile policy looks like.

SMS HIPAA violation, HIPAA compliant messaging EMS, Mobile messaging policy fire department, OCR SMS guidance, Operational chatter PHI

NEMSIS Data Submission and PHI Exposure — What Your Vendor Sends and Why You Should Verify It

Your ePCR vendor transmits full PHI through the NEMSIS V3 pipeline. The narrative field is an unguarded re-identification risk most agencies never audit. Here is how to validate the payload.

NEMSIS, PHI exposure, ePCR security, EMS data, HIPAA compliance