NorthStar Emergency Medical Services in Alabama is notifying 82,450 patients of an incident last year that involved protected health information.
According to a notification letter and press release by NorthStar, on September 16, 2022, NorthStar detected abnormal activity in their network. Investigation subsequently revealed that an unauthorized actor had accessed files containing protected health information. The types of information in the files included names, Social Security numbers, dates of birth, patient ID number, treatment information, Medicare/Medicaid number, and/or health insurance information.
Letters were sent to those affected on March 14, offering them 12 months of complimentary credit monitoring.
The incident does not yet appear on HHS’s public breach tool, but will eventually appear as NorthStar EMS is a HIPAA-covered entity. The number of patients affected noted above is the number reported to the Maine Attorney General’s Office as the total number of individuals affected.