Radiology Regional Center’s 3rd Party failed to dispose PHI adequately!
In recent events Radiology Regional Center’s 3rd party physically leaked data on the streets as it was transporting the physical documents to be destroyed. I know traditionally we are accustomed to hearing about hacking and exfiltration, but this is a constant reminder that beaches come in all forms. In this case, the breach of data came from a 3rd party’s mistake in handling information.
A breach is a breach, whether it is digital or physical and Radiology Regional will be fined by HHS because of this one point, and I will place this in CAPS and BOLD; because a firm outsources a function to a 3rd party, does not absolve the firm from liability. Remember, you are still the first party.
For more information, please contact us!