By Marjorie Nesin
---- — Editor’s Note: The name of the billing company in this story has caused some confusion with other companies that have similar names. The company involved in the Gloucester ambulance billings is Fliorida-based Advanced Data Processing Inc., also known as ADPI.
Any Gloucester residents transported in a Fire Department ambulance over the past six months may have had their Social Security number and other personal compromised, thanks to a security breach on the part of the city ambulance’s billing company.
Any residents who were transported over the time frame have been mailed letters notifying them of the incident, and urging residents to alert the credit bureau. Gloucester police said Wednesday that some recipients of the letter have called to ask whether the letter itself is part of a scam. It’s not; it’s legitimate, police are assuring residents.
According to Florida-based Advanced Data Processing, Inc. — or ADPI — the city ambulance’s outside billing company, one of its employees had illegally obtained patient account information, including names, birth dates and Social Security numbers. No medical information, however, was accessed or disclosed, according to ADPI. The company is not related either to a Peabody-based firm Automatic Data Processing, which uses the same initials, or New Jersey-based ADP, which is the world’s largest payroll processing firm.
The ADPI employee had been using the ambulance users’ information in a “scheme” to file false tax returns, according to the Florida company. The employee has since been fired and faces criminal punishment, according to the company.
”The employee has been apprehended by authorities, was immediately terminated by the company and no longer has access to our system,” ADPI wrote in a letter to those whose information may have been compromised.
Gloucester General Counsel Suzanne Egan said Wednesday that the city’s ambulance service – run through the Fire Department — will continue its billing contract with the company, given that it has taken steps steps to prevent a similar incident in the future.
”I have been talking to the general counsel of (ADPI) and they’ve assured me that they’ve put in place the proper internal controls and that this will not be happening again,” Egan said.
In its letter to potential victims, ADPI recommends that those who were transported and billed should place fraud alerts or security freezes on their credit reports by contacting one of the three major national credit bureaus. ADPI also suggests checking credit reports regularly and contacting the local IRS Service Center if recipients suspect tax filings have been submitted fraudulently in their names.
In a prepared statement issued a week ago today, ADP said that, as a result of the breach the company is reiterating its “rigorous compliance program” which includes new employee and annual employee training, background checks on new hires and additional privacy and security measures surrounding medical information security.
”As a result of this incident, the company is reinforcing to employees the importance of the security and confidentiality of sensitive personal data,” ADP wrote.
Marjorie Nesin can be reached at 978-283-7000, x3451, or at firstname.lastname@example.org.