Touchstone Medical Imaging to Pay $3 Million to Settle HIPAA Data Breach

    Mikaela Berst

    On May 6, 2019, Touchstone Medical Imaging agreed to pay $3 million to the U.S. Department of Health and Human Services Office for Civil Rights (OCR) to settle a data breach that exposed the protected health information (PHI) of over 300,000 patients, and potentially violated the Health Insurance Portability and Accountability Act (HIPAA) Breach Notification Rule.

    The OCR investigation began in May 2014, after Touchstone was notified by the FBI and OCR that one of its FTP servers was breached and permitted search engines to index and display sensitive patient data on the Internet.

    Read more at the HHS

    Need an expert?

    DisputeSoft provides expert consulting and testimony to assist counsel in cost-effectively resolving software failure, intellectual property, and computer forensics disputes.