DMA Tech Solutions
Pennsylvania Dental IT

Dental IT Support For Pennsylvania Practices

Pennsylvania rewrote its breach notification law twice in recent years, and most of what circulates about it is wrong. We support PA dental practices with safeguards, backups, and retention that match what the code actually says.

Why Practices Choose DMA:
Aligned to 49 Pa. Code § 33.209(b)
HIPAA technical safeguards & encryption
Dexis, Dentrix, Eaglesoft & Open Dental
Serving Pennsylvania practices since 1987
Serving Pennsylvania Since 1987

Dental IT Built Around Pennsylvania Practices

Pennsylvania has amended its breach notification law twice recently — Act 151 of 2022 took effect in May 2023, and Act 33 of 2024 followed in September 2024. The result is that a lot of the guidance aimed at PA practices is describing a version of the law that no longer exists, or describing rules that were never aimed at private practices in the first place.

The most common error is the seven-business-day deadline, which gets quoted at dental offices constantly. It applies to state agencies, counties, municipalities, and public schools. It does not apply to your practice. Below is what actually governs a Pennsylvania dental practice, with citations you can check.

Pennsylvania At A Glance

Licensing BoardPennsylvania State Board of Dentistry, Bureau of Professional and Occupational Affairs
State AssociationPennsylvania Dental Association (organized 1868)
Our Office4336 Brecksville Rd, Ste A, Richfield, OH 44286
Direct Line(440) 397-3000
What Actually Applies In Pennsylvania

The Pennsylvania Rules That Shape Your IT

Much of what circulates about these rules is wrong or out of date. Here is what the statutes and codes actually say, with citations you can check yourself.

Pennsylvania requires 5 years from the last dental entry

The Pennsylvania Code is direct: "A patient dental record shall be retained by a dentist for a minimum of 5 years from the date of the last dental entry." The same section requires that copies be furnished within 30 days of a written request — and explicitly regardless of any unpaid balance, so records cannot be withheld over a bill. Five years is the shortest requirement across the three states we serve, which matters if you operate a group spanning state lines: a single retention policy has to satisfy the strictest state, not the nearest one.

49 Pa. Code § 33.209(b)

The 7-business-day deadline is not yours

Pennsylvania’s breach law does contain a seven-business-day notification deadline, and it is probably the single most misquoted rule in PA practice-compliance content. It applies to State agencies, and to counties, public schools and municipalities. A private dental practice is subject to neither provision. Your deadline is "without unreasonable delay" — no fixed day count — and if you comply with your primary functional federal regulator’s requirements, HIPAA deemed compliance applies.

Breach of Personal Information Notification Act, Act 94 of 2005, 73 P.S. §§ 2301–2329

Act 33 of 2024 narrowed what counts as medical information

The 2024 amendment lowered the credit reporting agency threshold from 1,000 residents to 500, added Attorney General notice for breaches affecting more than 500 residents, and requires 12 months of credit monitoring when Social Security numbers, bank accounts, or driver’s license numbers are exposed. It also narrowed the definition of "medical information" to information held by a State agency or State agency contractor — meaning a private practice’s clinical records now fall outside PA’s "personal information" definition. Your clinical data is governed by HIPAA here, not by the state statute. The administrative data you hold — payroll, payment cards, staff records — is a different question worth raising with counsel.

Act 33 of 2024 (S.B. 824), effective Sept. 26, 2024; Act 151 of 2022, effective May 2, 2023

Regulatory summaries are provided for general information and were verified against primary sources at the time of writing. They are not legal advice — confirm your practice's obligations with your own counsel.

Pennsylvania FAQs

Common Questions From Pennsylvania Practices

Ready To Fix Dental IT In Pennsylvania?

Get a clear read on your network, imaging, backups, and HIPAA safeguards from engineers who work on dental practices and nothing else.

Schedule Your Free IT Assessment