HIPAA Un-Riddled!
What happened to the day when you unlocked the office, turned on the suction, picked up a handpiece and straight-up—practiced dentistry?
Electronic Communication (E/C) has taken the innocence of practicing dentistry right out of our hands! While it provides instant information and keeps us “in-the-know”, the double edge of E/C now obligates us, along with other healthcare practitioners, to insulate and protect our patients’ “Protected Health Information” to the max! Read on; you’ll be glad you did…
What Does This Mean to Your Dental Office?
By now you know that you must protect your patients’ “PHI” (Protected Health Information) to very strict HIPAA Privacy & Security Standards. This applies especially to your facility’s paper communication, electronic communication (computers) and internet activities. Since 2010, the US Department of Health and Human Services (www.hhs.gov) has required that “hi-tech policies” be observed within all healthcare settings in the USA. But every year, as technology and identity theft evolve, you must keep up with the curve!
Ensure that your facility standards can stand up to a HIPAA audit (and yes, auditors are visiting dental offices in full force) and that you are implementing all of the current HIPAA Privacy & Security Standards for Conversations, Texts, Copies, Emails & Faxes. Yes, all of those daily office functions have specific HIPAA Privacy & Security Standards. To understand “how you must behave”, it’s best to establish a comprehensive HIPAA Program within your office that you review continually and update at least annually.
What-to-Do:
You can take the long road or the short road to successful HIPAA compliance. The following are “short-road” best practices and provide the least time-consuming remedies for implementing compliant HIPAA protocols:
Conversations: HIPAA has protocols for “regulatory language”. This means you should refrain from using the patient’s “full name” and avoid using the patient’s last name in spoken conversation. If you want to be more respectful to elderly patients or doctors who may frequent your office, make sure you have a permission statement on your HIPAA Patient Acknowledgement Form that allows the patient to give your team permission to call them by their surname.
Texts: Texting is definitely convenient, but under HIPAA regulations, you cannot text patient Protected Health Information (PHI). A “patient name” is considered PHI. When texting, either do not text a patient’s full name or download a HIPAA-compliant texting app to all cell phones.
Copies: Copy machines need to be located in a low-traffic area, under management control, and specific logs even need to be kept for specific types of copying. Be sure you have written protocols for “filing or shredding” paper documents. Make sure that all employees are aware of these protocols and follow them to current HIPAA law. Paper documents containing PHI that are not going to be securely filed need to be shredded ASAP. This protocol needs to be in written format within your HIPAA manual.
Emails: It is not required that you have an Out-Going Email Encryption Service, but it will sure be a lot less complicated! If you do not sign up for an Out-Going Email Encryption Service, you will have to create a written procedure for: testing emails, logging the test, sending an announcement that you are not sending your emails with encryption, and getting permission. Only then can you send an email. (Wow! That’s exhausting! Get the Out-Going Email Encryption Service. It’s only $15 / month in most instances.)
Faxes: Practice owners are now responsible for where facsimiles end up on the other end! To be HIPAA compliant, do one of the following: retire your fax machine, do not fax out, or convert your faxes to email encryption.
HIPAA Standards are constantly evolving. Make sure your office completes a comprehensive update in 2019. If you find yourself a bit overwhelmed with all of this, don’t stay confused. Call our team for guidance should you need clarification on the aforementioned protocols. It’s our pleasure to help!
Created by Jill Obrochta RDH BS
Call us for a copy of our: 2019 HIPAA FACILITY COMPLIANCE CHECKLIST or
ASK TO GET COACHED by JILL: 941-587-2864