Blog

EMS Cybersecurity Insights & Resources

All 45 cfr 164 308 Access control Ach fraud prevention Ambulance Authentication BAA Bec healthcare Bed status Biometrics Body camera Business email compromise Cad logs Certificate based authentication Chain of custody Ciso Clinical continuity Compliance Cradlepoint Cve 2026 41940 Cyber insurance De identification Dispatch center security Dual approval workflow Ed notification EMS Ems billing security Ems cybersecurity Ems data Ems security ePCR Epcr data security Epcr offboarding Epcr security Ephi Eso Fire department Firstnet Fleet automation Foia HIPAA Hipaa compliance Hipaa compliant messaging ems Hipaa risk analysis Hospital Hosting Imagetrend Incident response Incident response panel Incident response plans Insider threat Knox box Mdm Mdt sanitization MFA Mfa warranty Micro segmentation Mobile messaging policy fire department NEMSIS Nemsis v3 Network security Nist 800 88 Ocr review Ocr sms guidance Operational chatter phi Operational security Passive reconnaissance Personal devices PHI Phi exposure Pre plan security Psap Public records Public safety Ransomware Ransomware sublimit Re identification risk Revenue cycle management security Runbook Safe harbor Scene photos Shared passwords Sierra wireless Sms hipaa violation Social engineering Social media Third party risk Training videos Vendor risk Verification protocols Vishing Volunteer fire department Web security Wpa2 enterprise Yubikey Zero touch provisioning Zero trust Zoll

Retiring MDTs: NIST 800-88, True Wipes vs. Factory Reset, and HIPAA Audit Proof

How NIST 800-88 applies to retiring EMS tablets, why factory resets leave PHI exposed, and the documentation needed for a HIPAA audit.

Mdt sanitizationNist 800 88Hipaa complianceEpcr data securityChain of custodyEms cybersecurity

May 22, 2026

NEMSIS Data Submission and PHI Exposure — What Your Vendor Sends and Why You Should Verify It

Your ePCR vendor transmits full PHI through the NEMSIS V3 pipeline. The narrative field is an unguarded re-identification risk most agencies never audit. Here is how to validate the payload.

Nemsis v3Phi exposureEpcr securityEms dataHipaa complianceRe identification risk

May 19, 2026