By Jeff Smelser, an independent Blogging Outreach Specialist for Dentists
When a patient walks into your practice, there is a relationship of trust that must be in place. Patients trust not only how you address their teeth, but also that you will be a proper steward of their sensitive patient data.
When a patient looks for a new dentist, they are looking for someone knowledgeable who can not only provide complete treatment for their family, but who also meets security and HIPAA rules. In this article we will help dentists learn more about dental service in relation to computer security and the HIPAA rules.
What does a Dental Practice Need to Do to Be Secure?
The technology behind health care delivery is rapidly changing, as dentists try to maintain a technology-rich environment. As a result, dental offices have become vulnerable to cyber security threats. The growing volume and sophistication of cyber-attacks suggest that dental practices will have to grow to address these threats.
Many dentists believe that cyber criminals are not a threat to their small dental office, but the truth of the matter is that many dental offices lack the necessary hardware, configuration, or IT personnel, which makes dental practices an easy target. In fact, many hackers specifically target small businesses and dentists because they know that small businesses don’t have sophisticated security devices, nor do they enforce employee security policies.
The most common causes of data breaches in any health care organization are theft, hacking, unauthorized access and loss of records. The Health Insurance Portability and Accountability Act (HIPAA) requires dentists to preserve the privacy of patients’ health information and take security measures to protect this information from abuse by staff. If a dentist violates HIPAA, they may face penalties, as well as lawsuits filed by discontented patients whose health information was compromised. It’s crucial for a dentist to take measures to ensure that their practice is in compliance with HIPAA’s strict security policies.
Ensuring that all computers are placed in areas where PC monitors are not visible to patients is important for maintaining privacy. Additionally, each computer must be protected with encrypted passwords in case it is stolen or otherwise breached. As part of regular training, staff must be informed of any and all aspects of HIPAA-compliant security practices.
A Few HIPAA Rules
The breach notification rule is a big one. If a breach occurs which involves more than 500 records, whether SSN or only name and birthdates are compromised, the media must be alerted to the breach and patients must be informed. This reality ends up hurting the dental practice more than just the fines incurred – it hurts your brand, and is tough to recover from.
Technical requirements cover how patient data should be communicated electronically. For example, email communication between dentists must be encrypted, with audit trails showing that the message was received by the proper recipient. Another technical requirement is the presence of strong antivirus with alert systems in place to show when a breach has occurred.
The administrative HIPAA rules begin with designating a HIPAA Privacy Officer within your practice. This person should conduct a proper Risk Assessment, which outlines all of the possible risks to data.
Obtaining a consultation from a trusted HIPAA expert is a must for any dental practice getting their feet wet with data security.
A Note on Patient Trust
Many times, your patients don’t have the knowledge to understand the measures you take to protect their data. You’re not advertising that you’ve encrypted your emails, or that you are abiding by the specific laws required by HIPAA. They are trusting you to be the experts – take it seriously, and act in your patients’ best interest to avoid a costly breach that would result in loss of patient trust, and most importantly, loss of patients due to a damaged brand.
About the Author
Jeff Smelser is an independent Blogger Outreach Specialist, whose work can be found all over the web. He has worked for a dental service in Herndon, as well as various other dental practices, to give information regarding HIPAA and dental practices.
dmi Networking is a provider of HIPAA compliant dental IT in the SF Bay Area and beyond