Blog
EMS Cybersecurity Insights & Resources
AllHIPAAEMSePCREms cybersecurityHipaa compliancePHIIncident responseRansomwareEms securityBAAChain of custodyFire departmentMdmMFAPublic safetyAch fraud preventionAmbulanceBreach notificationBusiness email compromiseCADCad securityDe identificationDual approval workflowEms billing securityEpcr data securityFire station securityFoiaHipaa breachMutual aidNEMSISNist 800 88Phi sharingPhishingPublic recordsTabletop exerciseVendor riskZero trustZoll
Tabletop Exercises That Don't Waste a Chief's Afternoon
Four EMS-relevant tabletop scenarios, the injection format that produces a decision list, and the after-action template that gets used instead of filed.
Tabletop exerciseEms cybersecurityIncident responseRansomwarePublic safety
Mutual Aid and the Data-Sharing Agreement You Don't Have
When units cross jurisdictional lines on a mutual aid call, patient data crosses too. Most agencies lack DUAs and unified IR plans across multiple MSPs.
Ems cybersecurityIncident responseMutual aidBaa vs duaPhi sharing
BEC Against EMS Billing: The ACH Form That Costs Six Figures
EMS agencies lose six figures to BEC attacks on billing staff. Here is how the ACH change form scam works and the dual-approval workflow that stops it.
Ems cybersecurityOut of band verificationAch fraud preventionBusiness email compromiseEms billing security
Retiring MDTs: NIST 800-88, True Wipes vs. Factory Reset, and HIPAA Audit Proof
How NIST 800-88 applies to retiring EMS tablets, why factory resets leave PHI exposed, and the documentation needed for a HIPAA audit.
Epcr data securityChain of custodyEms cybersecurityNist 800 88Ssd sanitization