Touchstone Medical Imaging to Pay $3 Million to Settle HIPAA Data Breach

    On May 6, 2019, Touchstone Medical Imaging agreed to pay $3 million to the U.S. Department of Health and Human Services Office for Civil Rights (OCR) to settle a data breach that exposed the protected health information (PHI) of over 300,000 patients, and potentially violated the Health Insurance Portability and Accountability Act (HIPAA) Breach Notification Rule.

    The OCR investigation began in May 2014, after Touchstone was notified by the FBI and OCR that one of its FTP servers was breached and permitted search engines to index and display sensitive patient data on the Internet.

    Read more at the HHS

    Need a Data Privacy, Protection, and Security expert?

    If you are in need of an expert with experience in data privacy and data security disputes, we invite you to consider DisputeSoft.