Touchstone Medical Imaging to pay $3M federal fine following cybersecurity breach

Touchstone Medical Imaging has agreed to pay a $3 million fine to the Office for Civil Rights (OCR) to settle potential Health Insurance Portability and Accountability (HIPAA) rule violations stemming from a large breach exposing patient’s health information.

According to the U.S. Department of Health and Human Services (HHS), the Tennessee-based imaging company allowed uncontrolled access to a server containing the personal health information of more than 300,000 patients, including names, birth dates, social security numbers and addresses.

Touchstone initially claimed that no patient data was exposed as a result of the hack, but an OCR investigation into the matter found the company did not properly investigate the event until months after the FBI and OCR notified the imaging company of the attack. Touchstone has since admitted to the security breach.

“Covered entities must respond to suspected and known security incidents with the seriousness they are due, especially after being notified by two law enforcement agencies of a problem,” said OCR Director Roger Severino, in a prepared statement from HHS. “Neglecting to have a comprehensive, enterprise-wide risk analysis, as illustrated by this case, is a recipe for failure.”

Additionally, Touchstone will create an action plan that includes the “adoption of business associate agreements, completion of an enterprise-wide risk analysis, and comprehensive policies and procedures to comply with HIPPA rules,” according to the same statement.

""

Matt joined Chicago’s TriMed team in 2018 covering all areas of health imaging after two years reporting on the hospital field. He holds a bachelor’s in English from UIC, and enjoys a good cup of coffee and an interesting documentary.

Around the web

The nuclear imaging isotope shortage of molybdenum-99 may be over now that the sidelined reactor is restarting. ASNC's president says PET and new SPECT technologies helped cardiac imaging labs better weather the storm.

CMS has more than doubled the CCTA payment rate from $175 to $357.13. The move, expected to have a significant impact on the utilization of cardiac CT, received immediate praise from imaging specialists.

The newly cleared offering, AutoChamber, was designed with opportunistic screening in mind. It can evaluate many different kinds of CT images, including those originally gathered to screen patients for lung cancer. 

Trimed Popup
Trimed Popup