Over 32,000 patients across 48 states were impacted by a security breach of their Protected Health Information (PHI) that Cogent Health had outsourced to M2ComSys. The PHI was sometimes even indexed by Google, exposing patients names, physician names, dates of birth, diagnosis description, treatment data, medical history and medical records numbers. According to the article below, the outsourcing company's site had its firewall down. The access to these notes through the site began May 5, 2013, and ended following Cogent Healthcare’s discovery of the lapse on June 24, 2013.
How can a firewall not be functional?
Healthcare IT News
1SSA - Security Consulting, Training and Products