What is HIPAA and why do you need it?

The Health Insurance Portability and Accountability Act, otherwise known as HIPAA, is the one of the most important pieces of legislation that your practice is required to enforce. HIPAA is a regulatory program that mandates your employees to follow a set of rules that help to safeguard your patient’s data. The main goals of implementing this legislation are easy to understand from a security perspective:

• Limit the exposure and collection of patient data to a “need to know” basis.
• Penalizing those not in compliance with regulations.

Let’s look at dental billing HIPAA requirements and compliance strategies for your practice.

Preventative Tips and Strategies

When you start to think about just how much personal information you have about your patients (social security number, address, phone number, email, etc) you start to realize that all those factors are potentially liable to unnecessary exposure, whether through a left-behind desk note or non-password protected computer. In fact, password protection is one of the easiest ways to ensure HIPAA compliance, and there are a number of ways to accomplish this without much effort:

• Refrain from using consecutive digits or easy to guess patterns of letters or words, like “1234” or “ABCD”
• Try to create a password to be remembered, not guessed
• Don’t email, text, or write down the password
• If you have trouble remembering, use a password keeper app on your phone or desktop that offers an additional layer of protection for sensitive information
• Try not to share the password unless absolutely necessary. Your employees or supervisor should only distribute it to those required to have it

On top of implanting these methods of protection, there are some other options you can consider that are helpful in minimizing risk:

• Ensure that the screens of all your workstations are pointed away from public areas, whether that’s a hallway or your waiting room
• Organize legacy patient information in a way that prevents clutter
• Keep all sensitive, private documents and paperwork with you or your employees at all times; don’t leave them unattended or loose on a desk
• Consider implementing an in-office “privacy policy” where computers are turned off during long breaks
• Keep office doors closed, especially if you have personal spaces with workstations

As you can see, some of the most important parts of HIPAA compliance don’t require fastidious implementation, but rather a “common sense” approach to how you handle someone’s personal information. Put another way, think about how you would want a friend or family member handle your paperwork versus a stranger.

The Importance of Compliance

Compliance to HIPAA is not optional, and is required for all dental practices that utilize any form of electronic billing communication for their patient’s ledgers and accounting. Luckily, HIPAA allows a self-monitoring and risk assessment system for compliance, which means that you or a trusted employee can perform these duties within your practice.

Examples of dental HIPAA violations

• Working on patient billing records from a personal computer without using a VPN
• Not keeping patient record for legally required time periods
• Losing access to a device with patient information on it
• Accessing patient files for personal use or curiosity
• Selling patient information to marketing agencies or persons

HIPAA covers a myriad of demographics within the medical and dental industry, including but not limited to: students, non-patient care employees, billing companies, and everyone working in capacity with a healthcare facility or office. This means that everyone needs to be informed of regulatory requirements for effective data protection. By utilizing these tips and strategies, your practice will be better equipped to minimize private information exposure to third parties. If you’re having trouble, implement an operating procedure that puts HIPAA compliance at the forefront of each of your daily tasks:

Dental office HIPAA checklist

1. Write out a comprehensive policy for your staff and patients regarding how you store and retrieve their personal information
2. Ensure that your PMS/EHR systems are updated as often as possible
3. Implement a monthly or bimonthly “desk clean out” policy where employees effectively organize or get rid of patient information as needed
4. Conduct in-house audits using tools from hipaajournal.com to create accountability for staff at all levels
5.  Remind employees of the legal repercussions of breaching HIPAA and the importance of ongoing compliance

Staying in compliance doesn’t mean that you need to worry about every aspect of your practice all the time. An effective procedure will change the way you operate on a consistent level, and soon become second nature.

Does billing to dental insurance disrupt HIPAA compliance?

Adhering to dental billing HIPAA means that any covered entity is responsible for compliance. This means that when an insurance claim is submitted, everyone involved must adhere to HIPAA policies. This allows for accountability for all parties when it comes to creating, storing, and retrieving an individual’s personal information.

The eAssist Dental Solutions platform takes the security of your personal information seriously. This means that every action we take is protected over our secure Virtual Private Network (VPN), allowing access to your patient’s data without having to store it on any hardware. There’s no paper trail and everything is kept safe within your office location. You can rest easy knowing that your private data is safe with us,

eAssist and HIPAA

At the eAssist Dental Solutions platform, we pride ourselves in transparency and peace of mind within our dental billing solutions, and this is represented in our adherence to all HIPAA policies. but it is your responsibility to create an environment where your office employees are following correct procedure and implementing security measures to further safeguard patient information. 

See even more details of HIPAA compliance and rules for dentists from the HIPAA Journal at these links:

https://www.hipaajournal.com/hipaa-rules-for-dentists/

https://www.hipaajournal.com/hipaa-compliance-for-dentists/