Breach, Data Security

Touchstone Medical Imaging patient data accessible online

Tennessee-based Touchstone Medical Imaging is notifying an undisclosed number of patients that their personal information – including Social Security numbers – had inadvertently been made accessible via the internet.

How many victims? Undisclosed. Touchstone Medical Imaging did not return a request for the information. 

What type of personal information? Names, addresses, dates of birth, telephone numbers, health insurer names, radiology procedures, diagnoses and Social Security numbers.

What happened? A folder containing patient billing information had inadvertently been made accessible via the internet.

What was the response? The folder was secured and removed from public view. Touchstone Medical Imaging is reinforcing the education of employees and the monitoring of systems regarding the protection of patient information. All impacted patients are being notified.

Details: The incident impacted patients who had radiology procedures prior to August 2012. Touchstone Medical Imaging became aware that the folder was accessible on May 9. An internal investigation initially suggested the information in the folder was not readable, but on Sept. 5, new information revealed that the information may have been readable.

Quote: “We have no knowledge and there is no indication that any patient information has been used improperly,” according to a notification posted to the Touchstone Medical Imaging website.

Source:, “Notice To Patients Regarding Privacy Incident,” Oct. 3, 2014.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.