Lee County Emergency Medical Services notifies past customers of third-party security breach
Lee County Emergency Medical Services reports that on Aug. 4 staff received notification of a customer data breach related to a previous third-party vendor responsible for ambulance billing services.
Lee County EMS conducted business with a company called Intermedix Corporation for nearly 15 years, ending its vendor contract in September 2014. Intermedix hired a law firm called Smith, Gambrell & Russell (SGR); the firm was in possession of the data when the breach occurred.
Of all the records the firm handled, less than 2% of the total may have been compromised. At this time, there is no indication that any of the information was misused and the notice is being provided out of an abundance of caution, according to SGR.
The county immediately worked with Intermedix and SGR to assist their efforts to notify those who are potentially impacted, as required by federal law. Impacted individuals should receive a letter in the mail within the next 14 to 21 days.
The county is sharing this with media for transparency and to assist Lee County residents who may be receiving notification in the mail.
Lee County’s EMS website has been updated to include information about the types of protected health information involved, steps that individuals should take to protect themselves, a description of the SGR/Intermedix security breach and contact information for those with questions. The website URL is www.leegov.com/publicsafety/emergencymedicalservices. People can also call 800-939-4170.
Source: Lee County