Observe National Cybersecurity Awareness Month with an eye toward improving your computer, dental website and data security which are parts of HIPAA compliance. There are many aspects of HIPAA compliance to consider for your patient data, patient communications and dental marketing. I have already written several dental blog entries and social media posts about the need to make your dental website secure with an SSL certificate.
Here are some helpful links to HIPAA reference materials created by The Department of Health and Human Services Office for Civil Rights (OCR):
- HIPAA Administrative Simplification Regulation Text 45 CFR Parts 160, 162, and 164 (Unofficial Version, as amended through March 26, 2013)
- HIPAA information for Professionals
Here is just a partial list of HIPAA compliance tasks that you can implement now:
- Provide staff training in HIPAA. Here is a cost effective on-line program created by the American Dental Association.
- Implement Business Associate Agreements.
- Conduct an assessment of the potential risks and vulnerabilities to the confidentiality, integrity, and availability of patient data.
- Implement security measures sufficient to reduce risks and vulnerabilities to a reasonable and appropriate level to comply with § 164.306(a).
- Add a HIPAA Sanction policy to your employment manual. Ensure that all staff members receive the new policy with documentation.
- Implement procedures to regularly review records of information system activity, such as audit logs, access reports, and security incident tracking reports.
- A covered entity that maintains a a dental website that provides information about the covered entity’s customer services or benefits must prominently post its notice on the website.
I encourage you to subscribe to the HIPAA Journal. It is a FREE on-line journal providing valuable information and news about HIPAA for the healthcare professionals. They just published an article entitled: “Why Dental Offices Should be Worried About HIPAA Compliance.”
HIPAA compliance is a process. Keep working toward getting a secure website. If you need help, please call Cutting Edge Practice at 847-370-9131 or reach out to your IT professional.