An FDNY employee may have compromised the personal information of over 10,000 people

Originally published at:


I hope whoever copied this data to a personal drive was fired! I would be fired if I did this on my job.

Also, why doesn’t FDNY disable copying files to external devices? These are also disabled by my employer. I’d have to try really hard to get fired under the don’t-copy-shit-to-personal-devices policy.

1 Like

contains personal information about the patient that may include name, address, gender, telephone number, date of birth, insurance information number as well as health information related to the reason for the ambulance call

So, HIPAA breach then?


This is at least a Tier 3 HIPPA violation. Also, I wonder if FDNY exceeded the maximum timeframe of 60 days for issuance of notifications following the discovery of the breach.


Same here. For a few years my work computer wouldn’t even read an external device without an admin pass.

I can now use external drives, but every file that is moved or copied from its location anywhere in the company is analyzed by some application looking for anything that looks like customer data and will stop the action.


This topic was automatically closed after 5 days. New replies are no longer allowed.