DALLAS (AP) – EmCare, a national physician recruitment firm, has revealed that a breach revealed personal data about 31,000 patients, including in some cases their social security number and clinical information.
EmCare Inc. said Saturday that an unauthorized third party had obtained access to information via employees' email accounts.
The company said it learned on February 19 that the offense had revealed the names, birthdates and social security numbers and driver's licenses of some patients, employees and contractors.
The company's representative, Aliese Polk, said that the email accounts of the violated employees contained personal information on fewer than 60,000 people, including approximately 31,000 patients.
The company, based in Plantation, Florida, said it was unclear whether personal information had been collected, and there was no indication that it had been used for fraud or identity theft.
EmCare said that he had started informing those concerned on Friday. He added that he was taking additional security measures to prevent another violation, including giving employees more training on email security.
The company announced that it had set up identity protection and credit monitoring services for patients and employees whose social security or license numbers were on display.
EmCare and its competitors, such as TeamHealth, provide staffing services to emergency rooms, billing and other services for hospitals.
A study from Yale University last year found that when EmCare was awarded a contract to run an emergency room, it often left the insurance networks and then presented patients with surprisingly high bills off the network. EmCare described the study as imperfect and dated.
This story has been corrected to show that the company is now based in Plantation, Florida.