Northcutt Dental-Fairhope (Ala.) agreed to take corrective action and pay $62,500 to settle potential HIPAA Privacy Rule violations after disclosing patients' protected health information to a campaign manager and a third-party marketing company hired to assist with a state Senate election campaign, according to a March 28 HHS press release.
Northcutt Dental owner David Northcutt, DMD, ran for state senator for District 32 in Alabama under the Republican Party in 2017, according to the resolution agreement.
Dr. Northcutt shared an Excel sheet with the names and addresses of 3,657 patients of Northcutt Dental to his campaign manager, who then mailed letters to the patients announcing Dr. Northcutt's run for state Senate. Though the letters contained the campaign's letterhead, it addressed recipients as "Dear Valued Patient," according to the resolution agreement.
Northcutt Dental sent an email communication to patients about Dr. Northcutt's campaign using third-party marketing company Solutionreach on April 30, 2018. These emails had headers showing the email as coming from "Northcutt Dental" and the message was signed "Sincerely, Northcutt Dental," according to the resolution agreement.
The practice agreed to take corrective action and pay the $62,500 resolution amount, according to the HHS press release. The agreement is not an admission of liability from the practice.