By Mario Catalano, DDS, MAGD & Marc Leffler, DDS, Esq. for MedPro Group


Technology has become ubiquitous in almost every aspect of modern living, including how we provide and receive healthcare. Today’s communication capabilities, including various forms of social media and electronic communication, have generally proven positive for healthcare providers; however, certain risks associated with technology must be recognized and avoided.

Texting offers a perfect example of a convenient, but risky technology. Although texting is acceptable in some circumstances, healthcare providers should take certain precautions. This interesting case from the Midwest illustrates how seemingly simple text communications can lead to missteps in care, a poor patient outcome, and liability exposure.

Case Discussion

Dr. M, a recent dental school graduate, joined a large dental group practice and began treating patients assigned to her by senior management. Like most people her age, Dr. M was comfortable with texting as a primary mode of communication, and she incorporated texting into her practice to communicate with her patients.

A 28-year-old male presented to the practice as a new patient, and he was assigned to Dr. M. He complained of pain in the area of the lower left jaw. Oral examination showed pericoronitis overlying a soft tissue impacted tooth. Dr. M prescribed an antibiotic and an antimicrobial mouth rinse, and she scheduled the patient to return in 2 weeks for an extraction.

The following day, Dr. M sent a text message to the patient asking how he was feeling, and he responded that he was improving. Once this texting relationship was established, a personal friendship quickly developed, including socializing outside of the practice.

The patient completed his antibiotic prescription as instructed. When he returned to the practice for the extraction, the tissues overlying the tooth were much less inflamed (although not completely normal), and the site was no longer painful.

Following a proper informed consent process, Dr. M began to extract the tooth. It took longer than she anticipated; the patient’s mouth had to be kept open with a bite block for nearly 50 minutes while Dr. M raised a full thickness flap and removed buccal bone with a bur to gain purchase point access. Postextraction, Dr. M asked the patient to continue with the rinse; however, she did not want to overload him with antibiotics (which had given him bowel distress), so she did not order a second round of antibiotics.

The evening of the surgery, Dr. M sent the patient a text — “How’s it going?” — that included an emoji of praying hands. The patient responded with a laugh emoji, followed a minute later by a sad face emoji and “lots of pain, hard to swallow, can’t open too wide.” Dr. M asked the patient to take a photo of his face and mouth and text it to her. Although the picture did not demonstrate excessive external swelling, it also did not show the intraoral extraction site or the submandibular region. The image was simply a typical frontal face selfie. Dr. M responded with a thumbs up emoji and “Don’t worry, just what I expected.”

The following morning, the patient texted “Wow, this is much worse than I figured. I think I have a fever. No work today for me!” and a thumbs down emoji. Dr. M responded only with a heart emoji and “Hang in there.” Dr. M’s text messages of that following evening and the next morning went unanswered.

The following day, Dr. M received a text from the patient stating “In hospital for surgery on my face to drain infection. Big scar. Ugh!!!” She texted back “OMG, so sorry to hear! You need some company!” and included a smiley face emoji. The patient never again spoke to Dr. M; he ignored her multiple texts and let calls from the office go into voicemail.

The next communication regarding the patient came from his attorney, who requested a complete copy of his dental record, including all text and email messages. Shortly thereafter, Dr. M was served with legal papers alleging malpractice by failing to properly treat postextraction complications — including a life-threatening infection — which resulted in permanent facial scarring. Through his attorney, the patient also filed a complaint with the state board of dentistry.

A defense expert was retained, but he had significant concerns about the technical dentistry; he also had concerns regarding the text communications. Ultimately, the case settled with a payment that compensated the patient for his medical costs, his pain and suffering, and the permanent scarring.

The state board of dentistry concluded that Dr. M had acted unprofessionally, both in relying on texting when the patient’s condition required direct contact, and in allowing her relationship with the patient to become unacceptably personal. She was fined and was required to take continuing education coursework on recordkeeping and HIPAA; this discipline was publicly posted on the board’s website.

Risk Management Considerations

Theodore Passineau, JD, HRM, RPLU, CPHRM, FASHRM
Several missteps — both clinical and nonclinical — can be identified in this case. In terms of clinical issues, the defense expert opined that it may have been wise to delay the extraction a little longer, given that the overlying tissues were less inflamed but still not normal. This was especially true in light of the fact that the patient had experienced considerable improvement and was no longer in discomfort.

The expert also felt that once the extraction had been performed, it would have been appropriate to “cover” the patient with another round of antibiotics. Finally, he felt that, at a minimum, Dr. M should have seen the patient in person once he complained about trismus and difficulty swallowing (clearly the texted selfie was inadequate).

Texting is a convenient method of communication, but it definitely has its limitations. While email can be encrypted fairly easily so that it affords an acceptable level of privacy, the same is not necessarily true with texting. (For more information, see MedPro’s article “Ensuring HIPAA Compliance in Text Messaging“).

HIPAA requires a significant level of security regarding the communication of protected health information; however, patients can waive this requirement if they wish to communicate by less secure means (such as nonencrypted email or texting). When this is the case, the less secure communication should occur only after the execution of an agreement between the patient and dentist. The agreement should explain the limited confidentiality of such communication and memorialize the patient’s agreement with this waiver of privacy. (See the Sample Agreement to Use a Nonsecure Communication Medium at the end of this case study.)

As noted above, when the patient’s attorney requested a complete copy of the patient’s dental record, copies of all texts and emails regarding the treatment also were requested. Dentists should expect that such communication will not be protected from the legal discovery process, and they will be required to produce emails, text messages, and other electronic communications related to patients’ care and treatment.

The final issue in this case was the development of a personal relationship between Dr. M and the patient. Generally, boards of medicine and dentistry view such relationships as a violation of professional ethics. Either the personal or the professional relationship should not continue in the presence of the other.

Summary Suggestions

The following suggestions may be beneficial to dentists who are treating or following up with patients remotely:

  • If the patient’s progress takes an unexpected turn at any point, request that the patient return to the office for an in-person assessment.
  • If a patient desires to use unencrypted means of communication, refrain from doing so until the patient has waived their privacy rights in writing.
  • At all times, make sure your communication with the patient is appropriate and professional. In the end, you do not know who may end up reading what you have written.
  • Refrain from maintaining close personal relationships with active patients. Such relationships are almost universally viewed as unethical.


While we all desire to make the provision of dental care as easy and convenient as possible, patient safety and quality of care should not be compromised in the process. When providing care or following up with patients remotely, be sensitive to situations that might indicate a developing problem. In-person care and face-to-face communication are essential when a situation has the potential to deteriorate. Finally, having a friendly rapport with patients is great, but dentists also should maintain professional boundaries at all times for the protection of everyone.

Sample Agreement to Use a Nonsecure Communication Medium

I, ____________________ (name of patient), as a matter of convenience, wish to use email and/or texting as a method of communication with ____________________ (name of provider/practice). In that regard, I am aware of the following:

The email and/or text messages will not be encrypted (secured); therefore, they do not meet the standards of the Health Insurance Portability and Accountability Act (HIPAA) regarding patient privacy. Nevertheless, I wish to utilize email and/or texting to communicate with ____________________ (provider/practice).

Emailing and texting carry an increased risk of protected health information (PHI) being directed to, or intercepted by, someone other than the intended party. I understand and accept that risk.

Emailing and texting are nonsynchronous methods of communication, which means the messages I send may not be read for hours or even days after they are sent. I will not use email or text messages to communicate information that is urgent or emergent.

I understand that the content of email and text messages might be stored in my patient record and might thereafter be read by anyone who has access to my record.

  • I understand that either party to this agreement may terminate it at any time by providing written notice to the other party.

I understand and acknowledge the above information, and wish to commence email and/or text communication with ____________________ (name of provider/practice).

Signature__________________________ Date____________________
(Patient/Parent/Legal Guardian)

As the nation’s leading dental malpractice insurance carrier, MedPro Group has unparalleled success in defending malpractice claims and providing patient safety & risk solutions. MedPro is the nation’s highest-rated malpractice carrier, rated A++ by A.M. Best. The Berkshire Hathaway business has been defending dentists’ assets and reputations since 1899 and will continue to for years to come.

This document does not constitute legal or medical advice and should not be construed as rules or establishing a standard of care. Because the facts applicable to your situation may vary, or the laws applicable in your jurisdiction may differ, please contact your attorney or other professional advisors if you have any questions related to your legal or medical obligations or rights, state or federal laws, contract interpretation, or other legal questions.

MedPro Group is the marketing name used to refer to the insurance operations of The Medical Protective Company, Princeton Insurance Company, PLICO, Inc. and MedPro RRG Risk Retention Group. All insurance products are underwritten and administered by these and other Berkshire Hathaway affiliates, including National Fire & Marine Insurance Company. Product availability is based upon business and/or regulatory approval and may differ among companies. ©2021 MedPro Group Inc. All rights reserved.