In case you missed it: Dentalcompare November HIPAA part one.
I have never met a dentist who did not believe that he or she had a professional obligation to keep patient information confidential. Dentists want to “do the right thing” and abide by privacy rules. The new HIPAA omnibus rules that went into effect September 23 are supposed to protect patients, but actual compliance has more to do with process than outcomes…
In general there are five bits of paperwork you should have, two of which might actually protect patients and three of which protect you from investigators. We will designate them as PMP (Protect My Patients) and CYA (Comply Yet Again). The feds aren’t the only ones who can come up with catchy acronyms.
- Notice of Patient Privacy (NPP)
- Business Associate Agreement (BAA)
- Policy and Procedures Manual
Note the previous post. The practice was fined not because any patient data was used by bad guys but because they did not have the proper paper work on hand.
I have developed a full course on HIPAA compliance that follows the series of articles in Dentalcompare. The compliance process is not easy. The ADA has created a guide to help but even with the guide the process is daunting. Most dentist will need to consult with their IT provider to do the assessment and create the paperwork needed to comply. If you need some help contact Pact-One.