DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Touchstone Medical Imaging reveals data breach

Posted on October 4, 2014 by Dissent

Dave Lewis reports:

Touchstone Medical Imaging is a company that is based in Brentwood Tennessee. This is a medical firm that provides services such as MRI, CT scans, Ultrasound and Mammography. Today they announced that they suffered a data breach as the result of an open share that was exposed to the Internet.

This shared folder contained billing information of patients including Social Security numbers, names, addresses, date of birth, and phone numbers. They state that no medical information records were stored in this folder however, they make no mention of possible financial information being stored. It is a fair question as they indicated that the information was billing related.

Read more on CSO.

Touchstone Medical Imaging posted a notice on their web site, linked from their home page:

NOTICE TO PATIENTS REGARDING PRIVACY INCIDENT

Touchstone Medical Imaging, LLC is committed to protecting the security and confidentiality of our patients’ information. Regrettably, this notice is regarding an incident involving some of that information.

On May 9, 2014, we became aware that a seldom-used folder containing patient billing information relating to dates prior to August 2012 had inadvertently been left accessible via the internet. Upon learning this, we immediately secured the folder and removed it from public view. We also began an internal investigation which initially led us to believe that the patient information in the folder was not readable. However, on September 5, 2014, we obtained new information that suggested that the patient information may have been readable and included patients’ names, dates of birth, addresses, telephone numbers, health insurer names, radiology procedures, diagnoses and in some instances, Social Security numbers. Medical records were not included.

This incident did not affect all Touchstone patients, but only certain patients who had radiology procedures prior to August 2012.

We have no knowledge and there is no indication that any patient information has been used improperly. However, in an abundance of caution, we began sending letters to affected patients on October 3, 2014, and have established a dedicated call center to answer questions you may have. If you believe you are affected but do not receive a letter by October 24, 2014, please call 1- 877-919-9183, Monday through Friday, from 8:00 AM to 8:00 PM Central Time.

We deeply regret any inconvenience this may cause our patients. To help prevent this from happening again, we are reinforcing the education of our employees and the monitoring of our systems regarding the protection of our patients’ information and continually reviewing and enhancing our policies and procedures.

Related posts:

  • Tennessee diagnostic medical imaging services company pays $3,000,000 to settle breach exposing over 300,000 patients’ protected health information
Category: Uncategorized

Post navigation

← Woman Billed For Imposter’s Psychiatric Services
Trial in massive ID theft case postponed →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • 70% of healthcare cyberattacks result in delayed patient care, report finds
  • Police disrupt “Diskstation” ransomware gang attacking NAS devices
  • Meta fixes bug that could leak users’ AI prompts and generated content
  • Mississippi Law Firm Sues Cyber Insurer Over Coverage for Scam
  • Ukrainian Hackers Wipe 47TB of Data from Top Russian Military Drone Supplier
  • Computer Whiz Gets Suspended Sentence over 2019 Revenue Agency Data Breach
  • Ministry of Defence data breach timeline
  • Hackers Can Remotely Trigger the Brakes on American Trains and the Problem Has Been Ignored for Years
  • Ransomware in Italy, strike at the Diskstation gang: hacker group leader arrested in Milan
  • A year after cyber attack, Columbus could invest $23M in cybersecurity upgrades

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Upstate NY county clerk again refuses to enforce Texas abortion judgment
  • Attorney General James Leads Coalition Urging Congress to Protect Americans from Masked ICE Agents
  • Attorney General Tong Announces $85,000 Settlement with TicketNetwork for Violations of the Connecticut Data Privacy Act​
  • Fourth Circuit upholds West Virginia ban on abortion pills
  • Meta fixes bug that could leak users’ AI prompts and generated content
  • The EU’s Plan To Ban Private Messaging Could Have a Global Impact (Plus: What To Do About It)
  • A Balancing Act: Privacy Issues And Responding to A Federal Subpoena Investigating Transgender Care

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.