Healthcare Firm EmCare Says 60,000 Employees and Patients Exposed in Breach

Dallas, Texas-based firm EmCare Inc disclosed on Saturday that a number of employees' email accounts had been accessed, potentially exposing personal information of almost 60,000 people, including 31,000 patients. EmCare, part of Envision Healthcare, provides outsourced physician services to hospitals around the U.S. It has more than 700 practices at locations ranging from major hospitals and health systems to rural hospitals and ambulatory care centers. In an incident notice statement published on its website on Saturday, April 20, 2019, EmCare said that it had discovered on February 19 that a third-party had gained unauthorized access to certain employees' email accounts. It said that these accounts "contained some patients', employees' and contractors' personal information, including name, date of birth or age, and for some patients, clinical information. In addition, in some instances, Social Security and driverís license numbers were impacted." The statement does not say how many accounts were accessed, nor how many people's personal information was contained within them. It later told Bloomberg that it may be almost 60,000 people, and that 31,000 were patients. There is no indication of how the unauthorized access was achieved.