WASHINGTON (Legal Newsline) – The Federal Trade Commission has reached a $250,000 agreement with Henry Schein Practice Solutions Inc. to resolve allegations the company falsely advertised the encryption level it provided to protect patient data.
The FTC alleges that Schein, a provider of office management software for dental practices, marketed its Dentrix G5 software deceptively, claiming it had industry-standard encryption of sensitive patient information. Schein allegedly ensured that by using its software, dental practice patient data would be protected, a must under the Health Insurance Portability and Accountability Act (HIPAA).
Schein was aware, according to the FTC, that Dentrix G5 used less complex methods than Advanced Encryption Standard – the industry standard recommended by the National Institute of Standards and Technology.
“Strong encryption is critical for companies dealing with sensitive health information,” Jessica Rich, Director of the FTC’s Bureau of Consumer Protection, said. “If a company promises strong encryption, it should deliver it.”
Schein will now pay $250,000 to the FTC and will be prohibited from misleading customers about its products. Schein must also notify all of its customers who purchased Dentrix G5 about the case and provide the FTC with regular reports.