Blog
EMS Cybersecurity Insights & Resources
AllHIPAAEMSePCRPHIRansomwareCADHipaa complianceIncident responseBAAEms securityEms cybersecurityFire departmentMdmMFANEMSISVendor riskAmbulanceBreach notificationCad securityChain of custodyCisoClinical continuityDe identificationFire station securityFoiaPayrollPhishingPublic recordsPublic safetyService accountsThird party riskZero trustZoll
Building an Incident Response Plan That Survives Contact With a Real EMS Cyber Incident
Generic IT incident response plans fail in EMS. Build a plan that accounts for clinical continuity, dispatch, NEMSIS, and the 2 a.m. runbook.
Incident responseClinical continuityNEMSISRansomwareEMS
Vendor Risk Management for Small EMS Agencies Without a CISO
How to manage vendor risk for a small EMS agency without a CISO. A lean 80-20 approach focusing on the vendors that handle PHI and keep the trucks running.
BAAVendor riskThird party riskCisoEMS
Don't Click That Link: Email Phishing Targeting EMS Agencies for Payroll and Patient Data
EMS agencies are prime targets for phishing attacks targeting payroll and patient data. Here is how to stop them.
RansomwarePayrollEMSCADePCR
CAD-to-ePCR Interfaces and the Quiet HIPAA Risk
The CAD-to-ePCR bridge is often the weakest HIPAA control in EMS. Here’s where the PHI risk actually lives and what a defensible design looks like.
Service accountsCADePCRHIPAAPHI