EMI Health
| Primary URL | Location | Industry | www[.]emihealth[.]com |
Country
United States of America
|
Financial Services
|
|---|
Profile
EMi Health operates as a health insurance provider headquartered in the United States, with a specific association with the state of Utah. The organization's core function is to offer health insurance products and services, managing coverage and claims for its members. While the provided context does not detail the full scope of its markets or the specific types of plans offered, its identification as a Utah health insurance provider indicates a primary operational focus within that state. The company serves a membership of individuals and likely employer groups, facilitating access to healthcare services and processing medical claims. Its business places it within the highly regulated health insurance sector, subject to both state and federal regulations governing member privacy, benefits, and claims processing.
A defining event in the organization's recent history is the cybersecurity incident discovered on July 29, 2021. During this breach, an unauthorized actor gained access to EMI Health's network, deployed malware, and exfiltrated documents containing sensitive member information. The compromised data included a broad array of personal and health details, such as names, Social Security numbers, driver's license numbers, addresses, dates of birth, health insurance identification numbers, and clinical information including diagnoses and treatment details. Notably, full financial account numbers were not affected. In response, EMI Health initiated a review to identify all impacted individuals and committed to issuing detailed breach notifications. The organization established a dedicated call center to address member inquiries and implemented enhanced claims scrutiny procedures to detect potential fraud resulting from the data exposure. Additionally, the company offered complimentary credit monitoring services to those whose sensitive identifiers were compromised, representing a standard but significant post-breach remediation effort for a health insurer handling such a volume of protected health information.