HIPAA Rules Affect Dental Office Privacy Regulations
The HIPAA rules of privacy and security regarding protected health information (PHI) are extremely important to understand and implement in a dental office. HIPAA was developed to protect access to patient healthcare records and prevent theft and fraud of personal information. HIPAA was also developed to limit access to PHI within any healthcare setting and secure the PHI when transmitted electronically. Of importance to dental offices that do not transmit patient information electronically, is the fact that HIPAA rules set a general standard for patient privacy rights and data protection that have created a set of standard "best practices" that should be met by all healthcare facilities, even those that still maintain "paper" chart records.
HIPAA Compliance Includes Annual Staff Training
The HIPAA standards include mandatory yearly training of staff in patient privacy and data security. This is particularly important as HIPAA violations often include the lack of documentation of staff training. Many practices now have patient data migrated to laptops, smartphones and tablets which demand specific data breach protections such as encryption and secure passwords. Practices should also verify that they have mandated Business Associate Agreements in place if they outsource tasks that allow outside entities access to PHI.
For an expanded review of PHI security regulations see our CE course on Understanding HIPAA Basics