Call Us Today! 877-659-2467 contactus@arismedicalsolutions.com

Dental practices can be fined under HIPAA rules

Posted bySuze Shaffer
HIPAA experts

This week the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) announced the resolution of four investigations related to the HIPAA privacy rule.

Two cases were part of the HIPAA Right of Access, bringing the total number of enforcement actions to twenty-seven since the initiative began. Another case included misuse of social media in response to a negative review.

  • A solo dental practitioner in Butler, Pennsylvania, failed to provide a patient with a copy of their medical record.  After being issued a Notice of Proposed Determination, the doctor requested a hearing before an Administrative Law Judge. The litigation was resolved before the court made a determination by a settlement agreement in which the doctor agreed to pay $30,000 and take corrective actions to comply with the HIPAA Privacy Rule’s right of access standard.
  • A dental practice with offices in Charlotte and Monroe, North Carolina, impermissibly disclosed a patient’s PHI on a webpage in response to a negative online review.  The practice did not respond to OCR’s data request, did not respond or object to an administrative subpoena, and waived its rights to a hearing by not contesting the findings in OCR’s Notice of Proposed Determination.  OCR imposed a $50,000 civil money penalty.
  • A dental practice in Fairhope, Alabama, who impermissibly disclosed its patients’ PHI to a campaign manager and a third-party marketing company hired to help with a state senate election campaign, agreed to take corrective action and pay $62,500 to settle potential violations of the HIPAA Privacy Rule.
  • A psychiatric medical services provider with two office locations in California, agreed to take corrective actions and pay OCR $28,000 to settle potential violations of the HIPAA Privacy Rule, including provisions of the right of access standard.

If you would like to read about other fines, follow this link:

https://arismedicalsolutions.com/what-are-some-of-the-actual-hipaa-fines/

To find out more about how our online HIPAA Keeper™ can help your organization with HIPAA Compliance click here:

https://arismedicalsolutions.com/aris-hipaa-compliance-system-for-medical-offices/

Or to schedule a demo click the contact us tab and scroll down.

“Simplifying HIPAA through Automation, Education, and Support”

About Suze Shaffer

Suze Shaffer is the owner and president of Aris Medical Solutions. She specializes in HIPAA compliance, risk management, and cyber security. She believes that by educating her clients in understanding why and what needs to be done to protect their practice they have a better outcome.

Suze has been instrumental in helping clients nationwide with risk management, implementing privacy and security rule policies and procedures, and ultimately protecting patient data. She includes state and federal regulatory requirements to ensure clients are protected in all areas.

She has spoken at numerous conferences and functions. She continues to educate organizations how to minimize the risks of data breaches. HIPAA compliance is not an option, it is mandatory for every organization that comes in contact with protected health information to have reasonable and appropriate security measures in place. Unfortunately, most organizations don’t realize they are not compliant until they suffer a data breach or they are faced with an audit or investigation.

Did you know that the Office for Civil Rights (OCR) is the agency that investigates data breaches? Have you seen the heavy fines that have been imposed for non-compliance?

All 50 states now have their own set of privacy laws and the State's Attorney General may also investigate privacy violations!

View all posts by Suze Shaffer

Share This HIPAA Blog
Florida HIPAA Expert

What are common HIPAA violations and how to avoid them?

March 4, 2022
Florida HIPAA experts

How to defend against common cyber-attacks

April 4, 2022
©2024 Aris Medical Solutions – HIPAA Risk Management | HIPAA Compliance Consultants | All Rights Reserved | Terms and Conditions | Privacy Policy
The content and images on this website is owned by Aris Medical Solutions and their owners. Do not copy any content or images without our consent.
Powered by Bandwise LLC