Resolution Agreement Requires Medical Imaging Company to Pay $3 Million to Settle Data Breach

The Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services revealed on May 6, 2019 that Tennessee-based Touchstone Medical Imaging (TMI) entered into a Resolution Agreement (RA) requiring them to pay a $3 million fine to settle a data breach that exposed over 300,000 patients’ protected health information (PHI). In addition to the significant monetary fine, TMI must adopt a corrective action plan that will address shortfalls in the company’s compliance with HIPAA Security and Breach Notification Rules, which is… Continue Reading