• linkedin
  • Increase Font
  • Sharebar

    Imaging in a HIPAA world

    There are now many new rules and regulations regarding the protection and privacy of patient information.


    Disaster recovery

    While backing up your data is obviously critical and has been for decades, new HIPAA regulations make this even more critical. HIPAA requires the backup be “retrievable” (this mostly means offsite), and it must also be “indecipherable, unreadable and unusable”, which you can easily accomplish using the encryption I mentioned above. While I am a huge fan of online backup, for offices that handle images, a two-pronged approach is needed, as downloading multiple gigabytes of data from an online data center could take days or even weeks.

    What I recommend is doing an “image” of the server to a local device. This would be an exact snapshot of the entire server, including settings, programs, etc. This image can be updated as often as every 15 minutes. If the server goes down, you create a virtual copy and can get up and running within minutes. And, if the entire office burns down, you could restore from the online backup. Keep in mind that many of the better online services charge based on the amount of data you have.

    Risky business: HIPAA compliance and the importance of risk analysis assessments

    Sharing information

    While there are some very good online portals for sharing images, the reality is most dentists prefer to use email when communicating with other offices. HIPAA has some very clear criteria when it comes to what it calls “data in motion,” and email certainly qualifies as data in motion.

    For the most part, if you send images to another office, you should use an encrypted email system to meet HIPAA regulations. Yes, you could in theory send just, say, a single bitewing radiograph with no identifying information and then call up the recipient to tell them which patient that X-ray belongs to, but that’s not really practical. Encrypted email systems can be found for less than $50/month, are very easy to use and will protect both the sender and recipient from HIPAA violations.

    While image management has made HIPAA compliance more challenging, there are many established systems available that allow dental practices to meet these rules and regulations.

    Interesting reading: 5 steps to developing your team

    Dr. Lorne Lavine
    Dr. Lorne Lavine, founder and president of Dental Technology Consultants, has more than 30 years invested in the dental and dental ...


    Add Comment
    • No comments available