Regulatory Affairs – Medical imaging company will pay $3M HIPAA settlement

By | May 21, 2019

HIPAA Settlement

Read full article at MedCity

Touchstone Medical Imaging has agreed to pay $3 million to HHS’ Office for Civil Rights to settle a breach that exposed more than 300,000 patients’ protected health information.

Touchstone Medical Imaging, a diagnostic imaging services company based in Franklin, Tennessee, has agreed to pay $3 million to HHS’ Office for Civil Rights to settle potential HIPAA violations.

The company has also agreed to adopt a corrective action plan, which includes adopting business associate agreements, completing an enterprise-wide risk analysis and policies and procedures to comply with HIPAA.

According to its website, Touchstone has imaging centers in Arkansas, Colorado, Florida, Montana, Nebraska, Oklahoma and Texas.

In May 2014, the FBI and OCR notified Touchstone that one of its FTP servers allowed uncontrolled access to its patients’ protected health information, according to HHS. Search engines could index the patients’ PHI, which remained visible online even after the server was taken offline.

Read full article at MedCity

Author: News Editor

Kiosk manufacturer experience since 1993. Engineer for Verizon Bill Pay kiosks while at KIS in Colorado. Extensive device knowledge for printers, scanners, currency, PCI, ADA, touch screen technology, outdoor, biometrics such as fingerprint and IRIS. Runs and manages the current kiosk association, KMA. Works with U.S. Access Board on ADA and accessibility. PCI SSC participating organization. Member of National Retail Federation (NRF) and National Restaurant Association.