In cooperation with my friends at Aspida, we’re launching a new column on the site, the Compliance Corner. Each quarter, we’ll feature a new article about HIPAA compliance, regulatory news, keeping patient data private & secure, and other topics to help keep dental practices and their patients safe. Here’s the first article from Laura Miller, Compliance Manager at Aspida. It’s a primer on the basic tenets of HIPAA and why compliance is important for dental practices and their team members. Enjoy!
HIPAA. This simple five-letter acronym has the power to elicit almost the exact same reaction from any healthcare provider… UGHHH! Hospitals, dental offices, and any other healthcare providers that manage private health information today must adhere to strict policies for ensuring their data is secure at all times.
HIPAA is not new – it’s been around since 1996! Contrary to what you commonly see, it’s NOT spelled with two P’s (HIPPA). And it’s actually not all bad.
Still with me?
The Health Insurance Portability and Accountability Act (HIPAA) was created to protect your patients and their Protected Health Information (PHI) by building protective processes into a service-related practice.
Bottom Line: Healthcare providers need to apply certain procedures, or safeguards, within the practice to ensure their patients’ data are not vulnerable to snooping eyes (and hands!). HIPAA defines these safeguards in three separate categories: Administrative, Physical & Technical.
Below you will find HIPAA’s definition of these safeguards and our interpretation.
• Administrative procedures are defined as, “administrative actions, and policies and procedures to manage the selection, development, implementation, and maintenance of security measures to protect electronic protected health information and to manage the conduct of the covered entity’s workforce in relation to the protection of that information.”
Aspida Breakdown: People & Process. Examples: What can you say and Who can you say it to? This covers your Notice of Privacy Practices – are they up to date? Is your staff trained on HIPAA? Is it documented?
• Physical Safeguards are the “physical measures, policies, and procedures to protect a covered entity’s electronic information systems and related buildings and equipment, from natural and environmental hazards, and unauthorized intrusion.”
Aspida Breakdown: What is going to stop someone from physically stealing your patient data? Examples: Are there locks on your perimeter doors? Is your server located in a locked closet? Is your server housed off premises (hosted in the cloud)?
• Technical security mechanisms and services are the “technology and the policy and procedures for its use that protect electronic protected health information and control access to it.”
Aspida Breakdown: This is your (computer) network infrastructure. Examples: Do employees have unique logins to access your network? If you employ remote access, have you verified a secure connection? If you have WiFi, is it password protected? Do you email ePHI securely (encrypted)?
By familiarizing yourself and your team with HIPAA, you’ve taken the first steps toward protection. The next step would be to figure out what procedures work best for your practice and come up with a plan for implementation. Luckily, there are companies that specialize in assisting dental offices with implementing such protocols. And don’t forget, documentation of all policies and procedures is key!
About the Author:
Laura Miller is Compliance Manager of Aspida, which has quickly established itself as an industry leader in providing compliance security products and services for healthcare providers. Their first product to market, Aspida Mail, offers medical practices affordable Encrypted Email without compromising security.
Miller has over 8 years of experience in the healthcare industry including 3 years with a primary focus on HIPAA Compliance procedures.
Thank you for reading! And as a special Thank You, Aspida is offering readers of this site an exclusive discount on your first three months of Aspida Mail – get the first three months for $3 with Promo Code “DUNN”.