Saturday, January 9, 2016

Dental Practice Software Provider Settles FTC Charges It Misled Customers About Encryption of Patient Data | Federal Trade Commission

Dentrix G5 used a less complex method of data masking to protect patient data than Advanced Encryption Standard (AES), which is recommended as an industry standard by the National Institute of Standards and Technology (NIST) and provides the appropriate protection to meet certain regulatory obligations under HIPAA. Nevertheless, for two years, Schein touted the product's "encryption capabilities" for protecting patient information and meeting "data protection regulations" in multiple marketing materials, including newsletters and brochures targeted at dentists.

https://www.ftc.gov/news-events/press-releases/2016/01/dental-practice-software-provider-settles-ftc-charges-it-misled