
    8 ways to keep your practice HIPAA compliant

    Keeping your patients' data safe should be a top priority.

    You do everything you can to protect your patients’ oral health, but are you protecting their privacy as well? HIPAA rules and regulations are critically important to every business that has access to medical information.

    A practice that fails to protect its patients’ health information could end up facing severe penalties and fines, which can have far-reaching effects for years to come. Having to defend yourself against a regulatory violation is an extremely time-consuming process, not to mention an embarrassing one that leaves a bad mark against your practice.

    It makes much more sense to take a preventive approach and put proper protections in place to provide your patients with peace of mind and keep your practice in compliance.

    HIPAA Matters

    To help patients know and understand their privacy rights, the law requires that you have patients acknowledge that they have received and read HIPAA information from your practice. More often than not, patients barely skim this information or breeze by posted HIPAA signs without so much as a second look.

    However, this doesn’t mean HIPAA doesn’t matter to patients.

    If your practice were to compromise a patient’s medical information in any way, they would be highly upset and probably pursue any and all legal remedies. That’s why it’s critical to do everything possible to avoid any HIPAA violation. Follow these tips for protecting your patients’ privacy:


    1. Know what is meant by protected health information

    Some practices think that protecting patient privacy is limited to masking basic information such as names and Social Security numbers. In reality, it applies to any information that is personal or unique to a patient. This could include patient phone numbers, emails, addresses, etc. According to HIPAA rules, contact information is equal to medical information and must be guarded and protected.

    2. Put a business associate agreement in place 

    This is a simple agreement that requires any outside entity (e.g., an outside billing company) to keep all patient information confidential.

    3. Watch your passwords 

    Some passwords must be shared for the efficient use and access of common office software and systems. For greater security, your rule of thumb should be that the fewer people with access to confidential patient information, the better. This decreases the likelihood that anything will accidentally or deliberately leak from the practice.


    4. Review email use 

    It is important to evaluate how you're communicating with patients. Practices often email detailed information to patients that should not be read or received by others. To avoid a HIPAA violation, make absolutely sure that these emails are encrypted.

    There are also rules that apply to the types of devices (e.g., computers, smartphones, tablets) that are used to send information. Frequently, staff or doctors will use their personal devices to send information to patients, which could be a serious HIPAA violation.


    Dr. Lorne Lavine
    Dr. Lorne Lavine, founder and president of Dental Technology Consultants, has more than 30 years invested in the dental and dental ...

