Blog

3 Dental Practices Reach HIPAA Settlements

HIPAA
October 26, 2022
In September 2022, the OCR reached 3 new settlements with dental practices across the country, let's walk through the details.

3 Dental Practices Reach HIPAA Settlements

Just last month, the Office of Civil Rights (OCR) within the US Department of Health and Human Services (HHS) announced that they have reached a resolution in three new cases of potential HIPAA violations, all with dental practices. These cases are a part of the OCR’s dedication to enforcing individuals’ right to access their own information under HIPAA. 

These three enforcements serve as a continued reminder that the OCR is dedicated to the Right of Access Initiative. This initiative stems from the HIPAA Privacy Rule in which the priority is set for all individuals in the U.S. to be able to have quick and easy access to the health information that is being held on them. The OCR determined that this right to information was something that was becoming a larger problem over time, which is exactly why they have dedicated concerted efforts to solving this problem over the past few years. 

As mentioned above, all three of the cases this month were with dental practices, each of different sizes and in a different location. This information should be a signifier for all dental offices or similar healthcare practices. Even though large hospital groups are the most common subjects of OCR settlements that we see, smaller specialties and offices are not exempt from the rules and standards of HIPAA. 

This might be a good reminder to evaluate your organization’s methods of reaching or maintaining HIPAA compliance, and ensure that these satisfy the standards that you are held to under HIPAA. If you are looking to partner with someone to handle your compliance needs simply and efficiently, look no further than us at Accountable. Schedule a call with an expert or start our 14-day, no credit card-required free trial today to learn more! 

Now, let's look into the details of these three September 2022 settlements.  

Family Dental Care, P.C. (FDC) 

FDC, a dental office located in Chicago, Illinois, was the subject of a complaint to OCR which alleged that they had failed to provide a former patient with their complete records in a timely manner. The individual originally requested this information in May 2020 and received portions of this information at that time. At this time, this patient submitted the complaint to the OCR and an investigation began. In October 2020, as a result of the investigation, the former patient received a complete copy of their records over 5 months after the initial request. 

The OCR investigation reached the conclusion that FPC had failed to provide the requested medical records in a timely manner. This potential violation of the HIPAA Right of Acess Initiative. As a result of all this, Family Dental Care has agreed to pay $30,000 and submit to a corrective action plan. 

Great Expressions Dental Center of Georgia (GEDC-GA)

Great Expressions Dental Center of Georgia, a dental and orthodontics provider with locations across the state of Georgia, reached an agreement with OCR stemming from a potential HIPAA violation. This began in November 2020 when an individual requested their complete medical records from GEDC-GA and was told that it would cost a $170 copying fee. At this time, the patient submitted a complaint to OCR about this fee. 

The OCR launched an investigation and determined that GEDC-GA has failed to provide the requested medical records in a timely manner and that the fee stated was not reasonable or cost-based which is part of the allowance of the appropriate fee under the Right of Access Initiative. Following this, GEDC-GA has agreed to pay $80,000 and implement a corrective action plan from OCR. 

B. Steven L. Hardy, D.D.S., LTD

Lastly, B. Steven L. Hardy, doing business as Paradise Family Dental (Paradise) in a dental practice in Las Vegas, Nevada reached a settlement due to a potential violation. In October 2020, the OCR received a complaint from a mother who had failed to receive her and her daughter's medical records after repeated requests. She stated that she had submitted numerous requests beginning in early April 2020 through December 2020, before finally receiving the requested information on December 31st, 2020, eight months after the initial request. 

The OCR investigated this situation and found that Paradise had failed to provide the requested information in an appropriate amount of time. This situation violates the HIPAA Right of Access requirement, and because of that Paradise has agreed to pay $25,000 and submit to a corrective action plan. 

Conclusion

As always, these HIPAA violations are a great reminder to all covered entities and business associates to take an in-depth look at your HIPAA compliance practices. If any systems you are using or processes you have in place are not entirely compliant, then this is your reminder to update those. Specifically, this month should remind you to verify your processes for providing patients with the complete records they request in a timely manner for an appropriate cost. 

Accountable exists to make managing risk and compliance as simple as possible. Schedule a call with us today to see how we can help you respond to every access request in a timely manner, plus handle every other aspect of HIPAA.

More from the Blog

GenixTec has achieved HIPAA Compliance with Accountable
Compliant Tools

GenixTec has achieved HIPAA Compliance with Accountable

HIPAA and Workforce Training
HIPAA

HIPAA and Workforce Training

Understanding HIPAA Certification
HIPAA

Understanding HIPAA Certification

Is Google Docs HIPAA Compliant?
Compliant Tools

Is Google Docs HIPAA Compliant?

Is Calendly HIPAA Compliant?
Compliant Tools

Is Calendly HIPAA Compliant?

Is Google Sheets HIPAA Compliant?

Is Google Sheets HIPAA Compliant?

Is iCloud HIPAA Compliant?
Compliant Tools

Is iCloud HIPAA Compliant?

President Biden Looks to Boost Cybersecurity at U.S. Ports
Data Security

President Biden Looks to Boost Cybersecurity at U.S. Ports

Get Started
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

Ready to chat?

See how some of the fastest growing companies use Accountable to build trust through privacy and compliance.
Trusted by
Accountable Compliance Management Logo

We make it easy to get your own HIPAA Certification and build trust with your customers and patients.

Product
PlaybooksHow it worksProductPricingWatch DemoSeal of ComplianceGet Support
Solutions
HIPAAGDPR
Resources
BlogHIPAA TrainingHIPAA Risk AnalysisGDPR Risk Analysis
Company
AboutCareersSupportContact UsPrivacy CenterProduct Updates
Account
Sign InForgot Password

"Accountable allowed us to quickly establish Core Compliance with HIPAA as well as a firm foundation for our Security Program." - Michael H.

© 2024 Accountable HQ, Inc.
SitemapTerms of ServicePrivacy Policy