Compliance Corner: With This Contract, I Thee Enter Into Business With

Posted on April 18, 2016 by jmichaeldunn

Aspida Ad Oct2015

In cooperation with my friends at Aspida, here’s the next article in the Compliance Corner series.  Each quarter, we’ll feature a new article about HIPAA compliance, regulatory news, keeping patient data private & secure, and other topics to help keep dental practices and their patients safe. In this article, Laura Miller, Compliance Manager at Aspida, provides important information on Business Associate Agreements.  Enjoy!

Think about any entity, or individual, you allow access to your patient information (Protected Health Information or PHI) in order to facilitate their job. This could be anyone from an IT company, your practice management system, even your collections agency. Wouldn’t it be nice to know these companies are taking precautions to safeguard your patient PHI? This is exactly what a Business Associate Agreement (BAA) is!

We’re going to delve into the ins and outs of BAAs and who exactly you need them with. There are several standards in the Federal Register to address what these are and why they’re needed.

Administrative Safeguards – § 164.308(b)(1) Business Associate Contracts and other Arrangements – A covered entity, in accordance with §164.308 may permit a business associate to create, receive, maintain, or transmit electronic protected health information on the covered entity’s behalf only if the covered entity obtains satisfactory assurances, in accordance with §164.314(a) that the business associate will appropriately safeguard the information.

Implementation Specifications – § 164.314 (a)(2)(i) Business Associates Contracts – The contract between a covered entity and a business associate must provide that the business associate will implement administrative, physical, and technical safeguards that reasonably and appropriately protect the confidentiality, integrity, and availability of the electronic protected health information that it creates, receives, maintains, or transmits on behalf of the covered entity as required by this subpart.

With the HIPAA Omnibus rule, Business Associates are more responsible and accountable than ever before to protect your data. It’s integral to have a contract in place to ensure your Business Associate is responsible in obtaining, maintaining and protecting your patient’s electronic protected health information (ePHI).

Below is a great start* on whom you should have a BAA with:

Absolutely                                                                    Not Necessary                                           IT Service Provider                                                         Another Covered Entity  (Doctor or         Vendor Support (i.e. Schein, Patterson, Etc.)             Specialist you’re referring to)
Appointment Reminder Company                               Cleaning Crew
Document Shredding Company                                    Consultants not interacting with PHI
Email Provider                                                                  Insurance Companies
Collections Agency                                                           Dental Labs
*Not to be considered a complete list

Some larger companies may provide their own to you. This is normal, but beware of loopholes! You will want to ensure a couple of things:

  • The BAA is updated with the latest amendments (including the Final Omnibus Rule in 2013).
  • Subcontractor Clause: Best to confirm your BAAs are taking responsibility to execute a BAA with their own subcontractors.
  • Liability/assumption of financial responsibility in the event they cause a breach due to their mishandling of PHI.

Covered entities and business associates may be in violation of HIPAA if there is no required BAA in place! For more info, and sample BAA templates, check out www.hhs.gov/hipaa.

About the Author:
Laura Miller is Compliance Manager of Aspida, which has quickly established itself as an industry leader in providing compliance security products and services for healthcare providers.  Their first product to market, Aspida Mail, offers medical practices affordable Encrypted Email without compromising security.
Miller has over 8 years of experience in the healthcare industry including 3 years with a primary focus on HIPAA Compliance procedures.

Thank you for reading!  And as a special Thank You, Aspida is offering readers of this site an exclusive discount on your first three months of Aspida Mail – get the first three months for $3 with Promo Code “DUNN”. 

Posted in Business of Dentistry, Dental Technology, Guest Contributors, Products | Tagged , , , , , , | 1 Comment

The Dental Insiders Episode 16: Rohit Joshi on Start-Up Leadership

Posted on April 17, 2016 by jmichaeldunn

The Dental Insiders, hosted by Matthew Petchel and Michael Dunn, is a podcast for dentists, dental team members and industry professionals. We share stories and lessons from clinicians and industry visionaries with the goal of providing an entertaining and informative look at the industry we share. Episode 16 presents part 1 of our interview with Rohit Joshi.

Rohit Joshi is CEO of Brightsquid. In this episode, he shares his insights and experiences on entrepreneurship, leadership, and growing a start-up enterprise. Enjoy!

Audio

Video:

Posted in Business of Dentistry, Dental Technology, Digital Dentistry, Guest Contributors, Products, The Dental Insiders Podcast | Tagged | 1 Comment

Hu-Friedy Announces Compliance & Efficiency Consultations at AAO 2016

Posted on April 14, 2016 by jmichaeldunn

Hu-Friedy, a global leader in the manufacturing of dental instruments and products, has announced a new on-booth, value added program for orthodontic practices attending the AAO meeting in Orlando.  Orthodontic practices will have the opportunity to gain valuable information on improving productivity and efficiency from Hu-Friedy’s Infection Prevention and Infection Control Compliance educator, Jessica Wilson.

Jessica will be attending the AAO where she will meet with clinicians during one-on-one consultations from Saturday, April 30 – Monday, May 2.  Consultations are by appointment.  Full details on the program as well as a link to book a consultation are in the release below.

Hu-Friedy AAO 2016

How can you increase compliance and efficiency in your orthodontic practice?  Find out at the AAO when you schedule a personalized consultation with Jessica Wilson.

Jessica Wilson is an international speaker, trainer and educator focused on Infection Prevention and Infection Control Compliance.  Jessica helps practices address three critical factors for increasing practice profitability through creating an efficient process for sterilization, instrument processing, inventory management and team communication.

Jessica is a graduate of the University of Rhode Island and has a Master’s Degree Dental Public Health from A.T. Still University in Mesa, AZ.  She is a Chair member and volunteer consultant for the Organization for Safety, Asepsis and Prevention (OSAP), a member of the American Dental Assistants Association (ADAA) Education Council and Awards council, and a chair member of the National Speakers Association Georgia chapter.

30 minutes at the Hu-Friedy booth with Jessica will provide Orthodontic practices with solutions that will help to:

  • Improve productivity through optimizing workflow and organization
  • Increase compliance through safer protocols
  • Reduce costs through time savings, improved instrument integrity and more

Click here to schedule your one on one meeting with Jessica. Hurry as there is limited space available.

Posted in Business of Dentistry, Dental, How to ..., Marketing, News, Products | Tagged , , , , , , , | Leave a comment