Click here for more sample CPC practice exam questions with Full Rationale Answers

Practice Exam

Click here for more sample CPC practice exam questions and answers with full rationale

Practice Exam

CPC Practice Exam and Study Guide Package

Practice Exam

What makes a good CPC Practice Exam? Questions and Answers with Full Rationale

CPC Exam Review Video

Laureen shows you her proprietary “Bubbling and Highlighting Technique”

Download your Free copy of my "Medical Coding From Home Ebook" at the top left corner of this page

Practice Exam

2016 CPC Practice Exam Answer Key 150 Questions With Full Rationale (HCPCS, ICD-9-CM, ICD-10, CPT Codes) Click here for more sample CPC practice exam questions with Full Rationale Answers

Practice Exam

Click here for more sample CPC practice exam questions and answers with full rationale

FTC fines software vendor over false encryption claims

Henry Schein Practice Solutions, Inc., a provider of office management software for dental practices, agreed to pay $ 250,000 to the Federal Trade Commission (FTC) to settle charges that Schein lied to consumers about the level of encryption its product provides. The charges specifically address the level of security offered by Schein’s Dentrix G5 software, an office and data management tool that was marketed to address the day-to-day operations of a dental office including database storage of patient records. The software, originally launched in 2012, was marketed as offering encryption capabilities that would help a practice meet HIPAA security requirements.

In contradiction to Schein’s statements to consumers, Dentrix G5 did not use the National Institute of Standards and Technology (NIST) industry standard Advanced Encryption Standard (AES) security. Schein was aware that its product used a less complicated data encryption method and continued to explicitly promote the software’s data encryption capabilities and claimed that the software met “data protection regulations” in marketing material, the FTC alleged in its complaint.

The U.S. Computer Emergency Readiness Team (US-CERT) issued a warning in 2013 about the data encryption method Schein used in its software. Dentrix G5 used Faircom c-tree-ACE which offers a weak level of obfuscation. The algorithm used in this method was called Faircom Standard Encryption, but the name was changed to Data Camouflage to distinguish it from standard encryption algorithms. Faircom describes their Data Camouflage as a supplement to existing security and not a replacement for other security systems. US-CERT notified Schein of this vulnerability on June 10, 2013.

Schein is required by the consent agreement to notify all customers who purchased Dentrix G5 that the software does not offer industry-standard encryption. Schein agreed to provide the FTC with ongoing progress reports on its notification program, and is prohibited from using false advertising to mislead consumers about its products’ data encryption and security capabilities.

The FTC published a description of the consent agreement in the Federal Register. The consent agreement is open for public comment for 30 days. The FTC will then decide whether to make the consent agreement final. The deadline for public comments is February 4.

HCPro.com – HIM-HIPAA Insider