Dental technology blog

Thursday, 07 February 2013 10:11

If you thought you knew the meaning of HIPAA… well, it’s changed. Featured

Written by 
Rate this item
(0 votes)

HIPAA CybersecurityIn 1996 HIPAA was signed into law by President Clinton. 

You’ve probably implemented the forms and procedures to comply with these regulations and you can now move on to caring for your patients.  Right?  

HIPAA is a living breathing organism that changes and grows. 

If you haven’t kept up with it over the past number of years then it’s time to take a fresh look at this teenager.

Over the years HIPAA has gone through numerous changes. 

Here is an abbreviated recap of some of its milestones.

  • In 1998 the employer ID was created and added to the rules
  • In 2000 specific electronic transaction and code sets were added and then updated last year
  • Security standards were established in 2003
  • The national provider ID was added in 2008

As I said, it is a living breathing organism.  

Recently it had another growth spurt and on January 25th Health and Human Services (HHS) published revisions to the privacy, security and enforcement of breach notification rules into the Federal Register.  These new rules become effective on March 26th of this year. 

Are you ready?  Here are a few highlights of the updated rules.

  • It clarifies an individual’s right to access their PHI (Protected Health Information).  They have the right to ask a provider for a copy of their PHI along with a list of all disclosures the provider has made of this information.  These disclosures would include health plans and other providers in your referral or consulting network.
  • Privacy and security requirements have been extended to the provider’s business associates.
  • The maximum data breach penalties have been raised to $1.5 million per violation.

Let’s dedicate a little more space in this post to talking about data breach, since this is the item that is getting the most attention with the new rules.

A data breach or data exposure is an unauthorized release of a patient’s PHI.  The old rule allowed the provider to assess whether the exposure created a risk of harm to the patient, sometimes called the “harm threshold”.  If there was no risk of harm then the breach did not need to be reported. 

The new rule strengthens this definition.  Its focus is no longer on the risk of harm to the patient but whether there was an unauthorized release of PHI.  Very little “wiggle-room” for a provider confronted with an exposure.

Since reporting a data breach means informing the patients involved, HHS and perhaps your local media it can have a detrimental effect on your dental practice.  This does not even take into account the penalties that can be levied by the federal government.

I am not an attorney and this post is not intended to provide anyone with legal advice.  It is to alert you to the new HIPAA rules and to suggest you consult your legal counsel for a more informed opinion, particularly if you are confronted with a potential breach.  

I’ll leave you with a couple of quotes from Leon Rodriguez the Director of the HHS Office of Civil Rights (the HIPAA enforcement arm).  He says about the new rules,

“…not only greatly enhances a patient’s rights and protections, but also strengthen the ability of my office to vigorously enforce the HIPAA privacy and security protections.”

And again from Mr. Rodriguez,

“We have moved into an area of more assertive enforcement.”

Taking these new rules seriously would be a right click.


Read 20842 times Last modified on Thursday, 07 February 2013 11:26
Login to post comments

Search the blog

Free digital transition e-course

Electronic prescribing with eRx

Integrate electronic prescribing into DAISY and elevate patient safety, prescription security, and efficiency.

eRx empowers dentists with rapid access to each patient’s prescription record and potential contraindications, triggering alerts when drug interactions are found.

Integrated electronic prescribing also simplifies insurance formulary cross-referencing. Fill and refill prescriptions from any location using your mobile device.

eRx handles record-keeping automatically behind the scenes – in real-time.

Get your free DAISY ERx demo today!

DMC’s Redundant Backup Solution is: 

  • Fail-safe. Data is backed up and stored to two separate locations.
  • Automated. Backup automatically protects selected data.
  • Monitored.Data protection and backup is maintained by DMC.

    The secret to a pain free digital radiography upgrade

    When you purchase digital X-ray equipment through DMC, we’ll manage all components of your X-ray imaging upgrade — and remain your first and only support call for life.

    More downtime means less revenue, so our entire digital radiography business is focused on ensuring a seamless transition to the latest digital X-ray imaging equipment.

    When you choose DMC for a complete X-ray systems upgrade, you can count on:

      1. One point of contact
      2. Personalized configuration
      3. Comprehensive training
      4. Minimal office closure
      5. Less stress

        Schedule a personal consultation with a digital radiography specialist today for a cost-effective and worry-free transition to a fully digital practice.


        The new DAISY Mobile web application for dentists is here

        DAISY Mobile lets you access patient and scheduling information directly from your smartphone.

        Get anywhere, anytime access to:

        • Check patient records
        • View and edit appointments
        • Confirm that a caller is a patient
        • Create, edit and view clinical notes
        • Issue electronic prescriptions (enrollment in DAISY eRx required)

        A quick access icon on your smartphone takes you directly to the DAISY mobile dental app — there’s no software to download or install.

        Available to all practices running DAISY, this mobile app for dentists helps you keep patient records confidential by eliminating the need to leave the office with paper reports.

        Own a smartphone? Leverage the power of DAISY’s new mobile dental application today.


        DAISY DVD overview

        Top Dental Software Video Overview

        Contact DMC

          • 10505 S.E. 17th Ave.
          • Milwaukie, OR 97222
          • 800-368-6401
          • Email DMC

           Dental software TwitterDental software facebook fan pageDental software RSS feed