In recent events Radiology Regional Center’s 3rd party physically leaked data on the streets as it was transporting the physical documents to be destroyed. I know traditionally we are accustomed to hearing about hacking and exfiltration, but this is a constant reminder that beaches come in all forms. In this case, the breach of data came from a 3rd party’s mistake in handling information.

A breach is a breach, whether it is digital or physical and Radiology Regional will be fined by HHS because of this one point, and I will place this in CAPS and BOLD; because a firm outsources a function to a 3rd party, does not absolve the firm from liability. Remember, you are still the first party.

For more information, please contact us!