25% off all training courses Offer ends June 26, 2026
View HIPAA Courses
Learner Login Learner Support
Learner Login Learner Support
25% off all training courses
View HIPAA Courses
Offer ends June 26, 2026

The HIPAA Journal is the leading provider of HIPAA training, news, regulatory updates, and independent compliance advice.

Key Dental Group Alerts Patients About Potential HIPAA Violation

Posted By on Nov 21, 2018

Key Dental Group, a dental practice in Pembroke Pines, FL, is informing patients of an alleged HIPAA violation that could potentially result in the unauthorized accessing of patients’ protected health information (PHI).

After changing its electronic medical record (EMR) database provider, Key Dental Group requested its former vendor, MOGO, the return its EMR database. Even though the end user license agreement (EULA) stated that all patient data must be returned on termination of the agreement, MOGO has refused to return the database.

MOGO communicated to Key Dental Group, via its attorney, that the database would not be returned. The Pembroke Pines dental practice alleges that in addition to violating the EULA, MOGO, as a HIPAA business associate, is in violation of the Health Insurance Portability and Accountability Act.

Any security breach, such as the unauthorized accessing of patients’ protected health information, requires notifications to be sent to affected patients. Key Dental Group cannot say whether the database has been accessed after the termination of the EULA, but since the KDG-MOGO database can no longer be accessed, monitored, or protected from unauthorized access, notifications were deemed necessary according to the HIPAA Rules for dentists.

Get The FREE
HIPAA Compliance Checklist

Immediate Delivery of Checklist Link To Your Email Address

Please Enter Correct Email Address

Your Privacy Respected

HIPAA Journal Privacy Policy

“While Key Dental Group cannot definitively say that unauthorized access has or will occur to this database, given the apparent violations of various portions of HIPAA triggered by MOGO’s actions and the sensitivity of the information the database contains, Key Dental Group, PA is publicly notifying its patients at this time of this incident,” wrote Key Dental Group in a recent press release about the HIPAA incident.

All patients whose PHI – which includes names, addresses, dates of birth, medical histories, diagnoses/conditions, lab/test results, treatment information, medications, health insurance information, claims information, and the Social Security numbers of some Medicare/Medicaid patients – is present in the database have been told to be alert to the possibility of identity theft and fraud.

Author: Steve Alder is the editor-in-chief of The HIPAA Journal. Steve is responsible for editorial policy regarding the topics covered in The HIPAA Journal. He is a specialist on healthcare industry legal and regulatory affairs, and has 10 years of experience writing about HIPAA and other related legal topics. Steve has developed a deep understanding of regulatory issues surrounding the use of information technology in the healthcare industry and has written hundreds of articles on HIPAA-related topics. Steve shapes the editorial policy of The HIPAA Journal, ensuring its comprehensive coverage of critical topics. Steve Alder is considered an authority in the healthcare industry on HIPAA. The HIPAA Journal has evolved into the leading independent authority on HIPAA under Steve’s editorial leadership. Steve manages a team of writers and is responsible for the factual and legal accuracy of all content published on The HIPAA Journal. Steve holds a Bachelor’s of Science degree from the University of Liverpool. You can connect with Steve via LinkedIn or email via stevealder(at)hipaajournal.com

x

Is Your Organization HIPAA Compliant?

Find Out With Our Free HIPAA Compliance Checklist

Get Free Checklist