The U.S. Department of Health and Human Services Office for Civil Rights resolved three investigations in March related to dental offices’ compliance with the Health Insurance Portability and Accountability Act Privacy Rule.
“Between the rising pace of breaches of unsecured protected health information and continued cyber security threats impacting the health care industry, it is critical that covered entities take their HIPAA compliance responsibilities seriously,” said Office for Civil Rights Director Lisa J. Pino in a news release. “OCR will continue our steadfast commitment to protect individuals’ health information privacy and security through enforcement, and we will pursue civil money penalties for violations that are not addressed.”
The Office for Civil Rights took the following enforcement actions that underscore the importance and necessity of compliance with the HIPAA Rules:
- Dr. Donald Brockley, D.M.D., a solo dental practitioner in Butler, Pennsylvania, allegedly failed to provide a patient with a copy of their medical record. After being issued a Notice of Proposed Determination, Dr. Brockley requested a hearing before an administrative law judge. The litigation was resolved by a settlement agreement in which he agreed to pay $30,000 and take corrective actions to comply with the HIPAA Privacy Rule's right of access standard.
- Dr. U. Phillip Igbinadolor, D.M.D. & Associates, a dental practice with offices in Charlotte and Monroe, North Carolina, allegedly impermissibly disclosed a patient’s protected health information on a webpage in response to a negative online review. The practice did not respond to the Office for Civil Rights’ data request, did not respond or object to an administrative subpoena and waived its rights to a hearing by not contesting the findings in the Notice of Proposed Determination. The Office for Civil Rights imposed a $50,000 civil money penalty.
- Northcutt Dental-Fairhope, a dental practice in Fairhope, Alabama, allegedly impermissibly disclosed patients’ protected health information to a campaign manager and a third-party marketing company hired to help with a state senate election campaign. The dental practice agreed to take corrective action and pay $62,500 to settle potential violations of the HIPAA Privacy Rule.
Compliancy Group is the ADA Member Advantage-endorsed partner that specializes in helping practices and organizations comply with HIPAA. Compliancy Group offers a 15% discount to ADA members. Visit compliancy-group.com/ada-hipaa-compliance/ for more information.