What is HIPAA and why do you need it?
The Health Insurance Portability and Accountability Act, otherwise known as HIPAA, is the one of the most important pieces of legislation that your practice is required to enforce. HIPAA is a regulatory program that mandates your employees to follow a set of rules that help to safeguard your patient’s data.
The main goals of implementing this legislation are easy to understand from a security perspective:
- Limit the exposure and collection of patient data to a “need to know” basis.
- Penalizing those not in compliance with regulations.
Preventative Tips and Strategies
When you start to think about just how much personal information you have about your patients (social security number, address, phone number, email) you start to realize that all those factors are liable to unnecessary exposure, whether through a left-behind desk note or non-password protected computer.
In fact, password protection is one of the easiest ways to ensure HIPAA compliance, and there are a number of ways to accomplish this without much effort:
- Refrain from using consecutive digits or easy to guess patterns of letters or words, like “1234” or “ABCD”. Try to create a password to be remembered, not guessed.
- Don’t email, text, or write down the password. If you have trouble remembering, use a password keeper app on your phone or desktop that offers an additional layer of protection between sensitive information.
- Try not to share the password unless absolutely necessary. Your employees or supervisor should only distribute it to those required to have it.
On top of implanting these methods of protection, there are some other options you can consider that are helpful in minimizing risk:
- Ensure that the screens of all your workstations are pointed away from public areas, whether that’s a hallway or your waiting room.
- Keep all sensitive, private documents and paperwork with you or your employees at all times; don’t leave them unattended or loose on a desk.
- Keep office doors closed, especially if you have personal spaces with workstations.
The Importance of Compliance
Compliance to HIPAA is not optional, and is required for all dental practices that utilize any form of electronic billing communication for their patient’s ledgers and accounting. Luckily, HIPAA allows a self-monitoring and risk assessment system for compliance, which means that you or a trusted employee can perform these duties within your practice.
HIPAA covers a myriad of demographics within the medical and dental industry, including but not limited to: students, non-patient care employees, billing companies, and everyone working in capacity with a healthcare facility or office. This means that everyone needs to be informed of regulatory requirements for effective data protection. By utilizing these tips and strategies, your practice will be better equipped to minimize private information exposure to third parties.
eAssist and HIPAA
At eAssist, we pride ourselves in transparency and peace of mind within our dental billing services, and this is represented in our strict adherence to all HIPAA policies. This means that every action we take is protected over our secure Virtual Private Network (VPN) which allows us access to your patient’s data without having to store it on any hardware. This means that there’s no paper trail, literally and metaphorically, and everything is kept safe at your office location, with only our network able to access it.
You can rest easy knowing that your private data is safe with us, but it is your responsibility to create an environment where your office employees are following correct procedure and implementing security measures to further safeguard patient information.
See the details of HIPAA compliance and rules for dentists from the HIPAA Journal at these links: