FTC Drills Dental Software Provider For Deceptive Encryption Promises

Sunday, January 24, 2016
By: George F. Indest III, J.D., M.P.A., LL.M., Board Certified by The Florida Bar in Health Law

A leading dental office management software provider has agreed to pay $250,000 to settle the Federal Trade Commission’s (FTC) claims that it falsely advertised its product as having industry-standard encryption. This encryption would help clients meet obligations under federal health privacy law to protect patient information.

Protecting Patient Information.

The Dentrix G5 software is used by dentists to perform office tasks such as entering patient data, sending appointment reminders, submitting insurance claims and recording diagnostic information. According to the FTC, Henry Schein Practice Solutions Inc. violated  The Federal Trade Commission Act Section 5: Unfair or Deceptive Acts or Practices, by falsely claiming that its software provided adequate encryption of sensitive patient information. The FTC’s Section 5 of the Federal Trade Commission Act (FTC Act) (15 USC 45) prohibits ‘‘unfair or deceptive acts or practices in or affecting commerce.’’  PracticesHenry Schein ( or, It) also claimed that those using the product would meet regulatory obligations under the Health Insurance Portability and Accountability Act (HIPAA).

Although advertisements claimed the product would help dental providers, the product’s encryption capabilities fell short of the promises. In 2010, the company was warned that its software was “less secure and more vulnerable” than industry-standard encryption. Despite this warning, the company continued to falsely marketing its product.

The Repercussions of Deceptive Acts or Practices.

The FTC alleges that the company’s misrepresentation of its software caused harm to dentists by leading them to believe they were in compliance with federal health privacy laws. Failure to comply with HIPAA can result in both civil and criminal penalties. To read further on this, click here to read one of my previous blogs.

To read more on the importance of enforcing privacy and security rules, click here.


Do you think the software provider was given a fair penalty? How can the FTC further eliminate cases such as this?

Contact a Health Law Attorney Experienced in Defending HIPAA Complaints and Violations.

The attorneys of The Health Law Firm represent physicians, medical groups, nursing homes, home health agencies, pharmacies, hospitals and other health care providers and institutions in investigating and defending alleged HIPAA complaints and violations and in preparing Corrective Action Plans (CAPs).

For more information about HIPAA violations, electronic health records or corrective action plans (CAPs) please visit our website at www.TheHealthLawFirm.com or call (407) 331-6620 or (850) 439-1001.


Grande, Allison. “FTC dings dental software prover for encryption promises.” Law 360. (January 5, 2016). Web.

About the Author: George F. Indest III, J.D., M.P.A., LL.M., is Board Certified by The Florida Bar in Health Law. He is the President and Managing Partner of The Health Law Firm, which has a national practice. Its main office is in the Orlando, Florida, area. www.TheHealthLawFirm.com The Health Law Firm, 1101 Douglas Ave., Altamonte Springs, FL 32714, Phone: (407) 331-6620.

KeyWords: Health Insurance Portability and Accountability Act (HIPAA), HIPAA compliance, data security, protected health information (PHI), Patient privacy, Federal Trade Commission (FTC), penalties for HIPAA violation, defense attorney, defense lawyer, HIPAA defense attorney, health law, The Health Law Firm, dentist defense attorney, legal representation for dentists

“The Health Law Firm” is a registered fictitious business name of George F. Indest III, P.A. – The Health Law Firm, a Florida professional service corporation, since 1999.
Copyright © 1996-2016 The Health Law Firm. All rights reserved.

Like this blog? Add your public comments:

Items in bold indicate required information.