Skip to main content

How to Avoid HIPAA Marketing Scams

Written by Modern Practice Solutions on . Posted in Modern Practice Solutions.

How to Avoid HIPAA Marketing Scams

Has your dental office received a phone call stating:
“My name is XX. I’m calling your office today to conduct your mandatory HIPAA Security Risk Assessment that’s required by the Department of Health and Human Services…” Learn how to avoid HIPAA marketing scams and protect your practice from misleading tactics designed to sell unnecessary services.

Reports from Dental Offices in Kentucky and Tennessee

Many dental offices in Kentucky and Tennessee have reported receiving these calls. The caller often sounds professional and uses a government-like tone. They imply they are HIPAA auditors, although they never claim to represent a federal agency.

Unfortunately, some front desk staff have shared information with these callers, mistakenly believing they were complying with a government requirement.

Understand the HIPAA Security Risk Assessment

First, understand that the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Security Rule requires a Risk Assessment. This assessment helps covered entities, like dental practices, identify threats and vulnerabilities to electronic protected health information (ePHI). Additionally, it ensures compliance with physical, technical, and administrative safeguards.

Misleading Marketing Tactics

These calls are not from the government. Instead, they are deceptive marketing tactics to sell HIPAA Security Risk Assessment services. While the service may be legitimate, the marketing method is highly misleading. Callers intentionally make dental practice staff believe they are speaking with a government representative.

How the Government Communicates

When the Department of Health and Human Services contacts your office, the first communication typically arrives by hard copy letter through the mail. These letters are clearly identified with official government letterhead. After the initial letter, further communication usually occurs via email or through the agency’s secure portal.

Protect Your Practice

Never share compliance information over the phone. Train your team to handle compliance-related calls appropriately. Instruct them to forward these calls to your compliance officer, office manager, or the dentist(s) who own the practice. By taking these steps, you can prevent your practice from falling victim to deceptive marketing tactics.

For more information, contact Modern Practice Solutions.

Author

  • Modern Practice Solutions

    If you need support with OSHA and HIPAA compliance, you’re in the right place. Since 2000, we’ve been helping dental practices navigate these complex regulations. We understand the increasing challenges posed by evolving compliance requirements, cyber threats, and the significant government penalties for non-compliance. Let us help you stay protected and compliant.

    View all posts

Compliance Law, Dental Law, HIPAA, Modern Practice Solutions

Modern Practice Solutions

If you need support with OSHA and HIPAA compliance, you’re in the right place. Since 2000, we’ve been helping dental practices navigate these complex regulations. We understand the increasing challenges posed by evolving compliance requirements, cyber threats, and the significant government penalties for non-compliance. Let us help you stay protected and compliant.