Main Dental Group Warns Patients About Possible HIPAA Violation

November 25, 2018

 

Key Dental Group, a dental practice in Pembroke Pines, FL, is notifying its patients concerning a suspected HIPAA violation which has the possibility to result in the illegal retrieving of their protected health information (PHI).

After altering its electronic medical record (EMR) database supplier, Key Dental Group requested its past supplier, MOGO, to return its EMR database. Although the end user license agreement (EULA) stated that all patient data should be returned on termination of the agreement, MOGO has declined to return the database.

MOGO communicated to Key Dental Group, through its lawyer, that the database would not be returned. The Pembroke Pines dental practice claims that in addition to violating the EULA, MOGO, as a HIPAA business associate, is in violation of the Health Insurance Portability and Accountability Act.

Any safety breach, such as the illegal retrieving of patients’ protected health information, needs notifications to be dispatched to affected patients. Key Dental Group cannot say whether the database has been retrieved after the end of the EULA, but as the KDG-MOGO database can no longer be retrieved, checked, or safeguarded from illegal access, notifications were considered necessary.

“Although Key Dental Group cannot conclusively say that illegal access has or will occur to this database, given the obvious violations of different parts of HIPAA activated by MOGO’s actions and the sensitivity of the information the database has, Key Dental Group, PA is openly notifying its patients at this time of this occurrence,” wrote Key Dental Group in a latest press release concerning the HIPAA occurrence.

All patients whose PHI – which includes names, health insurance information, medications, lab/test results, treatment information, diagnoses/conditions, medical histories, dates of birth, addresses, claims information, and the Social Security numbers of some Medicare/Medicaid patients – is present in the database have been told to be vigilant to the probability of identity theft and scam.