• Skip to main content
  • Skip to secondary menu
  • Skip to primary sidebar
  • Skip to secondary sidebar
  • Skip to footer

  • Opinion
  • Health IT
    • Behavioral Health
    • Care Coordination
    • EMR/EHR
    • Interoperability
    • Patient Engagement
    • Population Health Management
    • Revenue Cycle Management
    • Social Determinants of Health
  • Digital Health
    • AI
    • Blockchain
    • Precision Medicine
    • Telehealth
    • Wearables
  • Life Sciences
  • Investments
  • M&A
  • Value-based Care
    • Accountable Care (ACOs)
    • Medicare Advantage

EHR Fax Server Error Exposes Thousands of Physician Notes, Medical Records

by Fred Pennic 03/18/2019 Leave a Comment

  • LinkedIn
  • Twitter
  • Facebook
  • Email
  • Print
EHR Fax Server Error Exposes Thousands of Physician Notes, Medical Records
Two leaked documents found on the fax server, redacted. (Image Credit: TechCrunch)

Thousands of physicians’ notes and medical records were left exposed by a fax server error within Meditab, an all-in-one multi-specialty EHR, Practice Management and Billing software solution, TechCrunch first reports. Dubai-based cybersecurity firm SpiderSilk discovered the unsecured exposed fax server was running an Elasticsearch database with over 6 million records since its creation in March 2018. It is unknown if anyone else discovered the exposed fax server or how long the data was exposed.

Exposed Fax Server Error Details

Since the fax server did not have a password, anyone was able to read the transmitted faxes in real-time that contained medical records, doctor’s notes, prescription amounts, and quantities, as well as illness information, such as blood test results. In addition, the faxes contained exposed names, addresses, dates of birth, and in some cases Social Security numbers and health insurance information and payment data.  None of the data was encrypted, which also included personal and health information on children.

The compromised fax server was hosted on an subdomain of MedPharm Services, a Puerto Rico-based affiliate of Meditab. TechCrunch reached out to several patients who confirmed their exposed details from the faxes.

Next Steps

TechCrunch reached out to Meditab COO Kalpesh Patel who stated in an email response the company is “looking into the issue to identify the problem and solution.” The company’s general counsel  Angel Marrero said, “we are still reviewing our logs and records to access the scope of any potential exposure.” When asked if Meditab plans to inform regulators and customers about the exposed records. Marrero stated the company “will comply with any and all required notifications under current federal and state laws and regulations, as applicable.”

Related: Does the Fax Machine Still Have A Place in Modern Healthcare?

  • LinkedIn
  • Twitter
  • Facebook
  • Email
  • Print

Tagged With: Cybersecurity, healthcare security breaches, medical records, Secure Cloud Faxing, secure patient data

Tap Native

Get in-depth healthcare technology analysis and commentary delivered straight to your email weekly

Reader Interactions

Primary Sidebar

Subscribe to HIT Consultant

Latest insightful articles delivered straight to your inbox weekly.

Submit a Tip or Pitch

Featured Interview

Reach7 Diabetes Studios Founder Chun Yong on Reimagining Chronic Care with a Concierge Medical Model

Most-Read

HHS Finalizes HTI-4 Rule: Prior Authorization & E-Prescribing Interoperability

HHS Finalizes HTI-4 Rule: Prior Authorization & E-Prescribing Interoperability

Meaningful Use Penalties_Meaningful Use_Partial Code Free_Senators Urge CMS to Establish Clear Metrics for ICD-10 Testing

CMS Finalizes TEAM Model: A New Era of Value-Based Surgical Care

White House Event Unveils CMS Health Tech Ecosystem Initiative

White House Event Unveils CMS Health Tech Ecosystem Initiative

Digital Health Faces Q2'25 Pullback: Funding Falls to 5-Year Low, But AI Dominates and $1B+ IPOs Emerge

Healthcare Investment Shifts in 1H 2025: AI Remains a Bright Spot Amidst Fundraising Decline

Digital Health Faces Q2'25 Pullback: Funding Falls to 5-Year Low

Digital Health Faces Q2’25 Pullback: Funding Falls to 5-Year Low

Beyond the Hype: Building AI Systems in Healthcare Where Hallucinations Are Not an Option

Beyond the Hype: Building AI Systems in Healthcare Where Hallucinations Are Not an Option

Health IT Sector Navigates Policy Turbulence with Resilient M&A

Health IT’s New Chapter: IPOs Return, Resilient M&A, Valuations Rise in 1H 2025

PwC Report: US Medical Cost Trend to Remain Elevated at 8.5% in 2026

PwC Report: US Medical Cost Trend to Remain Elevated at 8.5% in 2026

Philips Launches ECG AI Marketplace, Partnering with Anumana to Enhance Cardiac Care with AI-Powered Diagnostics

Philips Launches ECG AI Marketplace, Partnering with Anumana to Enhance Cardiac Care with AI-Powered Diagnostics

WeightWatchers Emerges from Bankruptcy, Launches New Menopause Program

WeightWatchers Emerges from Bankruptcy, Launches New Menopause Program

Secondary Sidebar

Footer

Company

  • About Us
  • Advertise with Us
  • Reprints and Permissions
  • Submit An Op-Ed
  • Contact
  • Subscribe

Editorial Coverage

  • Opinion
  • Health IT
    • Care Coordination
    • EMR/EHR
    • Interoperability
    • Population Health Management
    • Revenue Cycle Management
  • Digital Health
    • Artificial Intelligence
    • Blockchain Tech
    • Precision Medicine
    • Telehealth
    • Wearables
  • Startups
  • Value-Based Care
    • Accountable Care
    • Medicare Advantage

Connect

Subscribe to HIT Consultant Media

Latest insightful articles delivered straight to your inbox weekly

Copyright © 2025. HIT Consultant Media. All Rights Reserved. Privacy Policy |