Blog Post

The HIPAA Breach Notification Rule: What Dental Practices Must Do When Patient Information Is Compromised

Jordan Uditsky • August 7, 2024

Every dental practice is sitting on a fortune. The patient information they electronically collect, maintain, store, and use is a potential gold mine for hackers, cybercriminals, and other technological bad actors who can sell and leverage that data for their own gain or nefarious ends. For these reasons, dentists and all other healthcare providers, facilities, and the vendors they work with are ripe and continuous targets for cyberattacks and data breaches.

 

Such occurrences can quickly metastasize into a legal, financial, and reputational nightmare for dental practice owners. And dental practices and dental service organizations are waking up to these nightmares with increasing frequency. According to the Ponemon Institute, dental practices experienced a 45% increase in data breaches in the last two years, with the average cost of a healthcare data breach reaching $9.23 million.

 

As we discussed in this earlier post, the HIPAA Security Rule imposes detailed and technical compliance obligations on dental practices regarding the protection of patients’ electronic personal health information (ePHI). But when a breach does occur, practice owners must take quick, decisive actions on several fronts to triage the situation and remediate the damage. This includes making required disclosures and providing notice of the breach as set forth in the HIPAA Breach Notification Rule.

 

The Breach Notification Rule mandates that covered entities, including dental practices, notify affected individuals, the Secretary of the Department of Health and Human Services (HHS), and, in certain cases, the media of a breach of unsecured PHI.

 

What Constitutes a Breach?

 

For purposes of the Breach Notification Rule, a breach is defined as the acquisition, access, use, or disclosure of PHI in a manner not permitted under HIPAA, which compromises the security or privacy of the PHI. This does not include unintentional access by a workforce member, inadvertent disclosure by a person authorized to access PHI, or when the unauthorized person to whom the disclosure is made would not reasonably have been able to retain the information.

 

PHI is considered unsecured if it is not rendered unusable, unreadable, or indecipherable to unauthorized individuals through the use of encryption or destruction. Breaches of secured PHI (i.e., encrypted data) do not require notification as set forth below.

 

Risk Assessment and Notification Requirements After Breach Discovered

 

Once a practice becomes aware of a potential data breach, it must conduct a risk assessment to determine if there is a low probability that the PHI has been compromised. Factors to consider in such an assessment include the nature and extent of the PHI involved, the unauthorized person who used or received the PHI, whether the PHI was actually acquired or viewed, and the extent to which the risk has been mitigated.

 

Within 60 days after the discovery of a breach, a dental practice must provide notice to any affected patients that includes:


  • A description of the breach
  • The types of information involved
  • The steps individuals should take to protect themselves
  • What the practice is doing to investigate and mitigate the breach, and
  • Contact information for further inquiries.

 

Notice to HHS

 

For breaches affecting more than 500 residents of a state or jurisdiction, practices must notify HHS as well as local media outlets of the breach. Specifically, the practice must notify HHS at the same time it provides notice to affected individuals. That notice must be given “without unreasonable delay” and in no case later than 60 calendar days after the discovery of a breach of security. For breaches involving fewer than 500 people, covered entities must notify HHS annually and no later than 60 calendar days following the end of the year.

 

What Dentists Need To Do To Comply With The Breach Notification Rule

 

While the Notification Rule’s obligations don’t kick in until after a breach, dental practices should take several steps before a breach happens to ensure compliance and minimize the damage and fallout:


  • Develop and Implement Policies and Procedures: Dentists should establish written policies and procedures for managing PHI and addressing potential breaches. These should include processes for identifying, investigating, and responding to breaches, conducting risk assessments, and notifying affected individuals and the appropriate authorities.
  • Regular Staff Training: All staff members should be trained on HIPAA regulations, including the Breach Notification Rule, and the office's specific policies and procedures for handling PHI. Regular training ensures that staff members are aware of their responsibilities and can recognize and report potential breaches.
  • Implement Security Measures: As noted, dentists should implement administrative, physical, and technical safeguards to protect PHI as set forth in the HIPAA Security Rule. This includes using encryption for electronic PHI, securing physical records, controlling access to information, and using secure communication channels.
  • Establish a Breach Response Team: Having a designated team responsible for managing breaches ensures a coordinated and effective response. This team should include individuals from different areas of the practice, such as IT, legal, and compliance.
  • Maintain an Incident Response Plan: An incident response plan outlines the steps to take when a breach is suspected or detected. It should include procedures for containment, investigation, risk assessment, notification, and mitigation.

 

Compliance with the Breach Notification Rule is just one of many actions dental practices must take in the unfortunate event of a data breach. In our next post, we will discuss several other aspects of data breach response and mediation, all of which are crucial to protecting practices and patients alike.

 

HIPAA Breach Notification Questions? Call Grogan, Hesse & Uditsky Today

 

At Grogan, Hesse & Uditsky, P.C., we focus a substantial part of our practice on providing exceptional legal services for dentists and dental practices, as well as orthodontists, periodontists, endodontists, pediatric dentists, and oral surgeons. We bring unique insights and deep commitment to protecting the interests of dental professionals and their practices and we welcome the opportunity to work with you.

 

If you have questions or concerns about your practice’s compliance with the HIPAA Breach Notification Rule, please call us at (630) 833-5533 or contact us online to arrange for your free initial consultation.

 

Jordan Uditsky, an accomplished businessman and seasoned attorney, combines his experience as a legal counselor and successful entrepreneur to advise dentists and other business owners in the Chicago area. Jordan grew up in a dental family, with his father, grandfather, and sister each owning their own dental practices, and this blend of legal, business, and personal experience provides Jordan with unique insight into his clients’ needs, concerns, and goals.

Speak to an Attorney

Related Posts

CTA Dead Forever? Reporting Deadlines Are Once Again On Hold, and Domestic Companies May Soon Be Permanently Relieved of All CTA Obligations.

By Jordan Uditsky March 12, 2025
Once again, mandatory Beneficial Ownership Information (BOI) reporting deadlines under the Corporate Transparency Act (CTA) have been put on hold. Not only have all deadlines been scrapped but domestic reporting companies may soon be permanently relieved of any CTA obligations whatsoever. Just days after stating it would enforce new March 21, 2025 deadlines, FinCEN issued a February 27, 2025, alert announcing that “ it will not issue any fines or penalties or take any other enforcement actions against any companies based on any failure to file or update” BOI reports by the current deadlines “until a forthcoming interim final rule becomes effective and new relevant due dates in the interim final rule have passed. FinCEN said that no later than March 21, 2025, it “intends to issue an interim final rule that extends BOI reporting deadlines, recognizing the need to provide new guidance and clarity as quickly as possible, while ensuring that BOI that is highly useful to important national security, intelligence, and law enforcement activities is reported.” Just two days after FinCEN’s announcement suspending existing deadlines, the Department of the Treasury went even further. In a March 2, 2025 release , the department said that “not only will it not enforce any penalties or fines associated with the beneficial ownership information reporting rule under the existing regulatory deadlines, but it will further not enforce any penalties or fines against U.S. citizens or domestic reporting companies or their beneficial owners after the forthcoming rule changes take effect either.” That is because “the Treasury Department will further be issuing a proposed rulemaking that will narrow the scope of the rule to foreign reporting companies only.” The bottom line is that it appears the new administration has decided to kill the CTA altogether as to domestic reporting companies. We will, of course, provide updates as warranted. If you have questions about this latest development or the CTA generally, please contact Jordan Uditsky at Grogan Hesse & Uditsky, P.C.

Should Your Practice Take a Closer Look At An “Invisible DSO”?

By Jordan Uditsky February 19, 2025
In a previous post , we discussed the pros and cons and ins and outs of selling a dental practice to a dental services organization (DSO). The DSO model continues to be attractive and popular. According to Grand View Research , the U.S. DSO market size was estimated at $26.9 billion in 2023 and is projected to grow at an annual rate of 16.4% from 2024 to 2030. Despite the exponential growth of DSOs, and the large amounts of private equity that fuel that expansion, they are still a relatively recent development in the dental industry. As such, the DSO model is still evolving and being refined in response to market conditions and demands. That evolution includes a new form of DSO – the “Invisible DSO” (IDSO) – designed to provide financial and operational support to private dental practices without the significant loss of autonomy and leadership that makes many owners wary of joining a traditional DSO. What Makes an IDSO “Invisible”? Unlike traditional DSOs that often impose centralized control over management and branding, IDSOs operate discreetly - almost “invisibly” - in the background. IDSOs allow dentists to keep their brand identity and operational independence without having to rebrand under a corporate umbrella. As important, dentists in an IDSO can still make clinical decisions without external interference – for the most part. Key Features of an IDSO That retention of leadership and control comes with many of the benefits of group affiliation within a traditional DSO, including: Equity Partnership Model. Dentists sell a portion of their practice (typically 51% to 80%) to the IDSO in exchange for a combination of cash and equity in the more extensive dental group. This allows dentists to "de-risk" their financial position while still maintaining ownership and influence over the practice. Operational and Administrative Support. As with traditional DSOs, IDSOs provide back-office support, including billing, human resources, marketing, compliance, and IT. This helps streamline operations without the dentist having to give up control over daily clinical decisions. Access to Growth Capital. As noted, private equity is the backbone of the DSO industry, including IDSOs. This readily available cash facilitates the ability of individual practices to expand, recruit more staff, and update technology, equipment, and infrastructure. Group Negotiation Power. By being part of a more extensive network, practices gain better negotiated rates on supplies, lab costs, and insurance reimbursements (which can be as much as 20% higher than independent practices). This reduces overhead and increases profit margins. Financial Security and Liquidity. Selling a portion of the practice to an IDSO provides dentists with an immediate financial payout. This can be a useful strategy for retirement planning or reducing financial risk while still retaining practice ownership. Additionally, the private equity behind DSOs may provide dentists with an opportunity to benefit from a future liquidity event, such as a sale to a larger investment group. Reduced Administrative Burden. One of the most appealing aspects of an IDSO is the ability to unburden themselves of many administrative functions, freeing dentists to focus on patient care and facilitating lower stress and higher job satisfaction.  Stronger Competitive Positioning. Solo dental practices face growing competition from corporate dental chains. IDSOs provide the resources needed to compete effectively while maintaining independence. Potential Downsides of Joining an IDSO While an IDSO can be a more attractive option than its traditional counterpart, it is not without potential downsides. These include: Invisibility Isn’t Absolute. The key distinguishing feature of an IDSO, as noted, is the ability of the practice owner to retain control of their practice, clinical decisions, and brand. However, that autonomy, while significant, is not limitless. Even if the dentist holds on to a great deal of decision-making power, the IDSO may influence staffing, marketing, financial decisions, and even treatment protocols. This can lead to conflicts between corporate interests and clinical judgment, potentially pressuring practitioners to prioritize profitability over patient care. Revenue Sharing. Since the IDSO takes a significant equity stake in the practice, profits must be shared. Accordingly, dentists might earn less per year compared to full ownership. Long-term Commitments. Most IDSOs require a long-term commitment, often 5–10 years. Dentists looking for total independence in the short term may find these agreements restrictive. Potential for Future Policy and Ownership Changes Although IDSOs promise, and usually deliver, autonomy, private equity-backed groups may eventually adjust policies or introduce new financial structures that affect dentists’ control. If a larger organization acquires the IDSO, there could be unexpected changes in how the practice is managed. An IDSO can change hands multiple times, and a practice owner could be stuck with the company even if their relationship with the organization otherwise goes south. Before joining an IDSO, it's essential to carefully review the terms, understand the long-term implications, and ensure that the partnership aligns with your personal and professional goals and your practice’s culture and outlook. Consulting with an experienced dental industry attorney can help you navigate the complexities of the decision. If you are a dental professional considering a sale or merger, please contact us at ddslawyers.com at (630) 833-5533 or contact us online to arrange for your complimentary initial consultation. We focus a substantial part of our practice on providing exceptional legal services for dentists and dental practices, as well as orthodontists, periodontists, endodontists, pediatric dentists, and oral surgeons. We bring unique insights and deep commitment to protecting the interests of dental professionals and their practices and welcome the opportunity to work with you. Jordan Uditsky, an accomplished businessman and seasoned attorney, combines his experience as a legal counselor and successful entrepreneur to advise dentists and other business owners in the Chicago area. Jordan grew up in a dental family, with his father, grandfather, and sister each owning their own dental practices, and this blend of legal, business, and personal experience provides Jordan with unique insight into his clients’ needs, concerns, and goals.

Dentists Have New Obligations and Limitations Regarding Third-Party Financing Under Recently Passed Illinois Law

By Jordan Uditsky January 15, 2025
Many dentists and dental practices offer financing arrangements as a way to help patients, especially the uninsured, pay for their care and treatment. For those who utilize third-party vendors for such financing, recently enacted amendments to the Illinois Dental Practice Act impose new disclosure and transparency obligations on dentists and practices and place limits on what staff can do and say in their interactions with patients regarding the subject. The amendments became effective January 1, 2025. With other states enacting or considering similar legislation regarding external patient financing for health care providers, these changes serve as a reminder to dentists in every jurisdiction about the importance of staying up to date on changes in their state’s laws and regulations. Here is what you need to know and do about these changes in order to ensure compliance once the calendar turns to the new year. No Establishing, Promoting, or Assisting With Third Party Financing A dentist, employee of a dentist, or agent of a dentist may not “arrange for, broker, or establish financing extended by a third party for a patient.” That term encompasses and prohibits submitting an application to a third-party creditor, lender, or creditor's intermediary for approval or rejection on behalf of a patient. It also prohibits dental practices from providing patients with software, links, or QR codes that have been customized with the practice’s branding. Practices can, however, provide patients with a third party’s marketing and advertising materials so long as they are not customized to the practice. Beyond providing or displaying generalized third-party advertising materials, dentists and staff cannot do much more in terms of helping a patient apply for or obtain financing. Anyone associated with a practice cannot do any of the following: Complete any portion of an application for financing extended by a third party for a patient or patient's guardian. Provide the patient or patient's guardian with an electronic device to apply for financing extended by a third party. Promote, advertise, or provide marketing or application materials for financing extended by a third party to a patient who has been administered or is under the influence of general anesthesia, conscious sedation, moderate sedation, or nitrous oxide; is being administered treatment; or is in a treatment area, including, but not limited to, an exam room, surgical room, or other area when medical treatment is administered, unless an area separated from the treatment area does not exist. Mandatory Disclosure When discussing or providing applications for financing extended by a third party, a dentist, employee of a dentist, or agent of a dentist must provide the following written notice in at least 14-point font: DENTAL SERVICES THIRD-PARTY FINANCING DISCLOSURE This is an application for a CREDIT CARD, LINE OF CREDIT, OR LOAN to help you finance or pay for your dental treatment. This credit card, line of credit, or loan IS NOT A PAYMENT PLAN WITH THE DENTIST'S OFFICE. It is a credit card, line of credit, or loan from a third-party financing company. Your dentist does not work for this company. Your dentist may not complete or submit an application for third-party financing on your behalf. You do not have to apply for a credit card, line of credit, or loan. You may pay your dentist for treatment in another manner. Your dentist's office may offer its own payment plan. You are encouraged to explore any public or private insurance options that may cover your dental treatment. The lender or creditor may offer a "promotional period" to pay back the credit or loan without interest. After any promotional period ends, you may be charged interest on portions of the balance that have already been paid. If you miss a payment or do not pay on time, you may have to pay a penalty and a higher interest rate. If you do not pay the money that you owe the creditor or lender, then your missed payments can appear on your credit report and could hurt your credit score. You could also be sued by the creditor or lender. If your dentist's office has completed or submitted an application for third-party financing on your behalf, you may file a complaint by contacting the Illinois Department of Financial and Professional Regulation at https://idfpr.illinois.gov/admin/dpr/dprcomplaint.html or by calling (312) 814-6910." Penalties for Non-Compliance A violation of these new rules and limitations is punishable by a fine of up to $500 for the first violation and a fine of up to $1,000 for each subsequent violation. IDFPR has the power to take additional disciplinary action as well. If you have any questions about these new requirements or third-party financing for dental services generally, please contact Jordan Uditsky at Grogan Hesse & Uditsky. We Focus on You So You Can Focus on Your Patients At Grogan Hesse & Uditsky, P.C., we focus a substantial part of our practice on providing exceptional legal services for dentists and dental practices, as well as orthodontists, periodontists, endodontists, pediatric dentists, and oral surgeons. We bring unique insights and deep commitment to protecting the interests of dental professionals and their practices and welcome the opportunity to work with you. Please call us at (630) 833-5533 or contact us online to arrange for your free initial consultation. Jordan Uditsky, an accomplished businessman and seasoned attorney, combines his experience as a legal counselor and successful entrepreneur to advise dentists and other business owners in the Chicago area. Jordan grew up in a dental family, with his father, grandfather, and sister each owning their own dental practices. This blend of legal, business, and personal experience provides Jordan with unique insight into his clients’ needs, concerns, and goals.
Show More

CTA Dead Forever? Reporting Deadlines Are Once Again On Hold, and Domestic Companies May Soon Be Permanently Relieved of All CTA Obligations.

By Jordan Uditsky March 12, 2025
Once again, mandatory Beneficial Ownership Information (BOI) reporting deadlines under the Corporate Transparency Act (CTA) have been put on hold. Not only have all deadlines been scrapped but domestic reporting companies may soon be permanently relieved of any CTA obligations whatsoever. Just days after stating it would enforce new March 21, 2025 deadlines, FinCEN issued a February 27, 2025, alert announcing that “ it will not issue any fines or penalties or take any other enforcement actions against any companies based on any failure to file or update” BOI reports by the current deadlines “until a forthcoming interim final rule becomes effective and new relevant due dates in the interim final rule have passed. FinCEN said that no later than March 21, 2025, it “intends to issue an interim final rule that extends BOI reporting deadlines, recognizing the need to provide new guidance and clarity as quickly as possible, while ensuring that BOI that is highly useful to important national security, intelligence, and law enforcement activities is reported.” Just two days after FinCEN’s announcement suspending existing deadlines, the Department of the Treasury went even further. In a March 2, 2025 release , the department said that “not only will it not enforce any penalties or fines associated with the beneficial ownership information reporting rule under the existing regulatory deadlines, but it will further not enforce any penalties or fines against U.S. citizens or domestic reporting companies or their beneficial owners after the forthcoming rule changes take effect either.” That is because “the Treasury Department will further be issuing a proposed rulemaking that will narrow the scope of the rule to foreign reporting companies only.” The bottom line is that it appears the new administration has decided to kill the CTA altogether as to domestic reporting companies. We will, of course, provide updates as warranted. If you have questions about this latest development or the CTA generally, please contact Jordan Uditsky at Grogan Hesse & Uditsky, P.C.

Should Your Practice Take a Closer Look At An “Invisible DSO”?

By Jordan Uditsky February 19, 2025
In a previous post , we discussed the pros and cons and ins and outs of selling a dental practice to a dental services organization (DSO). The DSO model continues to be attractive and popular. According to Grand View Research , the U.S. DSO market size was estimated at $26.9 billion in 2023 and is projected to grow at an annual rate of 16.4% from 2024 to 2030. Despite the exponential growth of DSOs, and the large amounts of private equity that fuel that expansion, they are still a relatively recent development in the dental industry. As such, the DSO model is still evolving and being refined in response to market conditions and demands. That evolution includes a new form of DSO – the “Invisible DSO” (IDSO) – designed to provide financial and operational support to private dental practices without the significant loss of autonomy and leadership that makes many owners wary of joining a traditional DSO. What Makes an IDSO “Invisible”? Unlike traditional DSOs that often impose centralized control over management and branding, IDSOs operate discreetly - almost “invisibly” - in the background. IDSOs allow dentists to keep their brand identity and operational independence without having to rebrand under a corporate umbrella. As important, dentists in an IDSO can still make clinical decisions without external interference – for the most part. Key Features of an IDSO That retention of leadership and control comes with many of the benefits of group affiliation within a traditional DSO, including: Equity Partnership Model. Dentists sell a portion of their practice (typically 51% to 80%) to the IDSO in exchange for a combination of cash and equity in the more extensive dental group. This allows dentists to "de-risk" their financial position while still maintaining ownership and influence over the practice. Operational and Administrative Support. As with traditional DSOs, IDSOs provide back-office support, including billing, human resources, marketing, compliance, and IT. This helps streamline operations without the dentist having to give up control over daily clinical decisions. Access to Growth Capital. As noted, private equity is the backbone of the DSO industry, including IDSOs. This readily available cash facilitates the ability of individual practices to expand, recruit more staff, and update technology, equipment, and infrastructure. Group Negotiation Power. By being part of a more extensive network, practices gain better negotiated rates on supplies, lab costs, and insurance reimbursements (which can be as much as 20% higher than independent practices). This reduces overhead and increases profit margins. Financial Security and Liquidity. Selling a portion of the practice to an IDSO provides dentists with an immediate financial payout. This can be a useful strategy for retirement planning or reducing financial risk while still retaining practice ownership. Additionally, the private equity behind DSOs may provide dentists with an opportunity to benefit from a future liquidity event, such as a sale to a larger investment group. Reduced Administrative Burden. One of the most appealing aspects of an IDSO is the ability to unburden themselves of many administrative functions, freeing dentists to focus on patient care and facilitating lower stress and higher job satisfaction.  Stronger Competitive Positioning. Solo dental practices face growing competition from corporate dental chains. IDSOs provide the resources needed to compete effectively while maintaining independence. Potential Downsides of Joining an IDSO While an IDSO can be a more attractive option than its traditional counterpart, it is not without potential downsides. These include: Invisibility Isn’t Absolute. The key distinguishing feature of an IDSO, as noted, is the ability of the practice owner to retain control of their practice, clinical decisions, and brand. However, that autonomy, while significant, is not limitless. Even if the dentist holds on to a great deal of decision-making power, the IDSO may influence staffing, marketing, financial decisions, and even treatment protocols. This can lead to conflicts between corporate interests and clinical judgment, potentially pressuring practitioners to prioritize profitability over patient care. Revenue Sharing. Since the IDSO takes a significant equity stake in the practice, profits must be shared. Accordingly, dentists might earn less per year compared to full ownership. Long-term Commitments. Most IDSOs require a long-term commitment, often 5–10 years. Dentists looking for total independence in the short term may find these agreements restrictive. Potential for Future Policy and Ownership Changes Although IDSOs promise, and usually deliver, autonomy, private equity-backed groups may eventually adjust policies or introduce new financial structures that affect dentists’ control. If a larger organization acquires the IDSO, there could be unexpected changes in how the practice is managed. An IDSO can change hands multiple times, and a practice owner could be stuck with the company even if their relationship with the organization otherwise goes south. Before joining an IDSO, it's essential to carefully review the terms, understand the long-term implications, and ensure that the partnership aligns with your personal and professional goals and your practice’s culture and outlook. Consulting with an experienced dental industry attorney can help you navigate the complexities of the decision. If you are a dental professional considering a sale or merger, please contact us at ddslawyers.com at (630) 833-5533 or contact us online to arrange for your complimentary initial consultation. We focus a substantial part of our practice on providing exceptional legal services for dentists and dental practices, as well as orthodontists, periodontists, endodontists, pediatric dentists, and oral surgeons. We bring unique insights and deep commitment to protecting the interests of dental professionals and their practices and welcome the opportunity to work with you. Jordan Uditsky, an accomplished businessman and seasoned attorney, combines his experience as a legal counselor and successful entrepreneur to advise dentists and other business owners in the Chicago area. Jordan grew up in a dental family, with his father, grandfather, and sister each owning their own dental practices, and this blend of legal, business, and personal experience provides Jordan with unique insight into his clients’ needs, concerns, and goals.

Dentists Have New Obligations and Limitations Regarding Third-Party Financing Under Recently Passed Illinois Law

By Jordan Uditsky January 15, 2025
Many dentists and dental practices offer financing arrangements as a way to help patients, especially the uninsured, pay for their care and treatment. For those who utilize third-party vendors for such financing, recently enacted amendments to the Illinois Dental Practice Act impose new disclosure and transparency obligations on dentists and practices and place limits on what staff can do and say in their interactions with patients regarding the subject. The amendments became effective January 1, 2025. With other states enacting or considering similar legislation regarding external patient financing for health care providers, these changes serve as a reminder to dentists in every jurisdiction about the importance of staying up to date on changes in their state’s laws and regulations. Here is what you need to know and do about these changes in order to ensure compliance once the calendar turns to the new year. No Establishing, Promoting, or Assisting With Third Party Financing A dentist, employee of a dentist, or agent of a dentist may not “arrange for, broker, or establish financing extended by a third party for a patient.” That term encompasses and prohibits submitting an application to a third-party creditor, lender, or creditor's intermediary for approval or rejection on behalf of a patient. It also prohibits dental practices from providing patients with software, links, or QR codes that have been customized with the practice’s branding. Practices can, however, provide patients with a third party’s marketing and advertising materials so long as they are not customized to the practice. Beyond providing or displaying generalized third-party advertising materials, dentists and staff cannot do much more in terms of helping a patient apply for or obtain financing. Anyone associated with a practice cannot do any of the following: Complete any portion of an application for financing extended by a third party for a patient or patient's guardian. Provide the patient or patient's guardian with an electronic device to apply for financing extended by a third party. Promote, advertise, or provide marketing or application materials for financing extended by a third party to a patient who has been administered or is under the influence of general anesthesia, conscious sedation, moderate sedation, or nitrous oxide; is being administered treatment; or is in a treatment area, including, but not limited to, an exam room, surgical room, or other area when medical treatment is administered, unless an area separated from the treatment area does not exist. Mandatory Disclosure When discussing or providing applications for financing extended by a third party, a dentist, employee of a dentist, or agent of a dentist must provide the following written notice in at least 14-point font: DENTAL SERVICES THIRD-PARTY FINANCING DISCLOSURE This is an application for a CREDIT CARD, LINE OF CREDIT, OR LOAN to help you finance or pay for your dental treatment. This credit card, line of credit, or loan IS NOT A PAYMENT PLAN WITH THE DENTIST'S OFFICE. It is a credit card, line of credit, or loan from a third-party financing company. Your dentist does not work for this company. Your dentist may not complete or submit an application for third-party financing on your behalf. You do not have to apply for a credit card, line of credit, or loan. You may pay your dentist for treatment in another manner. Your dentist's office may offer its own payment plan. You are encouraged to explore any public or private insurance options that may cover your dental treatment. The lender or creditor may offer a "promotional period" to pay back the credit or loan without interest. After any promotional period ends, you may be charged interest on portions of the balance that have already been paid. If you miss a payment or do not pay on time, you may have to pay a penalty and a higher interest rate. If you do not pay the money that you owe the creditor or lender, then your missed payments can appear on your credit report and could hurt your credit score. You could also be sued by the creditor or lender. If your dentist's office has completed or submitted an application for third-party financing on your behalf, you may file a complaint by contacting the Illinois Department of Financial and Professional Regulation at https://idfpr.illinois.gov/admin/dpr/dprcomplaint.html or by calling (312) 814-6910." Penalties for Non-Compliance A violation of these new rules and limitations is punishable by a fine of up to $500 for the first violation and a fine of up to $1,000 for each subsequent violation. IDFPR has the power to take additional disciplinary action as well. If you have any questions about these new requirements or third-party financing for dental services generally, please contact Jordan Uditsky at Grogan Hesse & Uditsky. We Focus on You So You Can Focus on Your Patients At Grogan Hesse & Uditsky, P.C., we focus a substantial part of our practice on providing exceptional legal services for dentists and dental practices, as well as orthodontists, periodontists, endodontists, pediatric dentists, and oral surgeons. We bring unique insights and deep commitment to protecting the interests of dental professionals and their practices and welcome the opportunity to work with you. Please call us at (630) 833-5533 or contact us online to arrange for your free initial consultation. Jordan Uditsky, an accomplished businessman and seasoned attorney, combines his experience as a legal counselor and successful entrepreneur to advise dentists and other business owners in the Chicago area. Jordan grew up in a dental family, with his father, grandfather, and sister each owning their own dental practices. This blend of legal, business, and personal experience provides Jordan with unique insight into his clients’ needs, concerns, and goals.
Show More
Share by: