Ensuring Your Dental Practice is HIPAA Compliant

Kiltesh Patel
January 19, 2018 | 3 min read

When it comes to dental practice software, one of the most important aspects of that software is security. As hackers get more creative about mining sensitive information, and as we add more unsecured devices to our daily routines ("smart" anything), more diligence is needed. Ensuring your dental practice is HIPAA compliant goes beyond software, though, to your office processes, staff training, and more.

How can you ensure that your staff and practice are protecting your patients and staying HIPAA compliant? Here are a few ideas:


Documentation & training

We've talked before about office processes and protocols. Obviously, we're big fans of making sure that you have everything organized and documented. This not only helps your staff as they are training or if they have questions; it also gives you a tool to use if something isn't being followed. For example, having documentation protects you as a business owner when you have to make staff decisions. It can also help if you have a HIPAA issue that needs to be addressed.

Your staff need to be well-educated on the dos and don'ts of HIPAA and protecting patients. Someone in your office should be well-versed in HIPAA laws so he or she can conduct training and answer any questions. Anyone who has access to or uses personal health information (PHI) should have some level of training on what is and what is not appropriate when it comes to that sensitive information.

Remember, even if you don't commit the violation yourself, you could be held liable if there is an issue. That's where adequate training, documentation, and procedures come into play. The best time to put that into place is when you start a new dental practice, but even if you aren't brand new, you need to have those in place.

Dependable partners

Anyone you are working with, from marketing groups to insurance to your software provider and more, should be sensitive to HIPAA compliance. Even if a partner doesn't seem like someone who would have access to PHI, you'll want to know you can trust your partners. The best way to do this is to ask and find partners who have worked with other dentists or healthcare providers.

For software, there are multiple layers of security needed. This protects your practice from all kinds of breaches - both ones related to HIPAA and others looking for financial records. In any case, this is all sensitive, practice-critical data that needs to be protected. You must make sure your software provider is doing everything they can to secure your data.

We've talked in the past about how cloud-based software is more secure than software with on-site storage. So, we highly recommend looking for a cloud-based option. The next step is to find one that has been certified HIPAA compliant by an auditor (like tab32). There's no reason to use a software provider that doesn't check those boxes. For your practice, there is too much at stake to cut corners or just hope and pray that your data will be safe.

Additional resources

The ADA has some options specifically tailored to dental practices. Check that out here. You can also read more on the steps we've taken to be HIPAA compliant here and why we chose to be a cloud-based dental software here. Good luck!

