Eric Fader wrote an article, "A New Era Of Health Care
Privacy And Security Enforcement," for Law360. The
article is about the significance of Henry Schein Practice
Solutions Inc.'s $250,000 settlement of Federal Trade
Commission charges that it "falsely advertised the level of
encryption it provided to protect patient data." As previously
discussed
here, the company was charged with deceptively marketing its
Dentrix G5 software to dentists as providing industry-standard
encryption that would help dental practices satisfy their
obligations under HIPAA to secure patients' protected health
information when, in fact, Dentrix did not use the Advanced
Encryption Standard (AES) recommended by the National Institute of
Standards and Technology (NIST).
Eric writes that the enforcement action should serve as a wake-up
call to any health care provider or vendor that may have thought
that all it needed to do in order to protect the privacy and
security of protected health information was to comply with HIPAA
regulations.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.