In case you missed it: This is a Dentalcompare article from June. Today, Sept 23, is the day you are supposed to be in compliance with updated HIPAA rules. This article is not about the new rules but it is related.
In 2009 the HITECH act was passed. This law significantly strengthened many aspects of HIPAA’s security rules, with mandatory financial penalties for violations. In addition, state and federal laws require you to notify patients in the event of a data breach.
The fines and penalties are intended to be punitive, and they are. Fines are levied per file compromised and range from $100 to $50,000 for each violation. It adds up fast. At $300 per record you could be liable for $750,000 if your 2,500 patient records were compromised. What is even more frightening is that you will most likely have to pay personally, out of pocket.
HIPAA compliance is all about filling out the right forms documenting the correct way and signing the approved forms. Never the less as dental professionals we do have a moral and legal obligation to protect patient confidentiality.
If you fail to keep records confidential, if your laptop is lost or stolen you may have a big expensive problem on your hands. There are four steps you should take to protect yourself.