Press release from NORCOM, issued yesterday:
BELLEVUE, Wash.–The North East King County Regional Public Safety Communication Agency (NORCOM) has announced it is working with local and federal agencies to investigate the security breach of a server that stored records of an estimated 6,000 medical responses for Duvall Fire District 45, Skykomish Fire Department and Snoqualmie Pass Fire & Rescue (Fire District 51). The preliminary investigation reveals information in the potentially affected medical response records includes: names, addresses, dates of birth, nature of emergency call and initial medical condition. The breached files also contained personnel data for 231 full-time and volunteer firefighters who work or have worked for the three agencies. This data could include: driver license information, date of birth, social security number, emergency contact and limited medical information. NORCOM was notified of the data breach in late-December 2013. The hacked server is not connected to the 911 computer system. The server is no longer in service.
“Immediately when the breach was discovered, NORCOM took swift actions to identify and analyze the depth of the breach; we are working with the Bellevue Police Department and with the United States Secret Service’s Electronic Crimes Task Force on this investigation,” said Tom Orr, Executive Director of NORCOM. “We have begun notifying the people whose information was potentially compromised. Security and professionalism are paramount to NORCOM; we are implementing enhanced, significant security measures to prevent the potential for future compromise.”
NORCOM has designated an email and phone number for persons who are potentially affected by this breach: the informational hotline number is: 425.646.8011 and email is: [email protected].
Potentially affected persons can contact the three credit reporting agencies to place a fraud alert on their accounts. Contact information for credit bureaus: Experian 888.397.3742; Equifax 800.525.6285; TransUnion 800.680.7289.
About NORCOM
The North East King County Regional Public Safety Communication Agency (NORCOM) provides high quality emergency service communications to the public for emergency medical services, fire and police agencies. NORCOM is located in Bellevue, Washington. www.norcom.org
Update: Joseph Goedert of Health Data Management has some additional details on the incident, NORCOM’s security, and their plans for security enhancement. He also reports that HHS/OCR has been contacted, which answers one of the questions I had written to NORCOM to ask about – whether they were HIPAA-covered entities.