Dental Practice Responds to Negative Patient Review, Violates HIPAA
A North Carolina dental practice responded to a negative online review posted by a patient who had failed to follow the practice’s recommendations for care. Unfortunately, the response included personal health information about the patient, which violates the Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule. The United States Department of Health and Human Services Office for Civil Rights (OCR) reacted to the HIPAA violation by fining the practice $50,000. Fines for such infringements are not typically so severe (more like in the $10,000 range) but this practice did not respond to the OCR’s formal request for information regarding its response to the patient’s review and waived its right to a hearing. Click here to read more.