State and federal privacy laws, including the state Confidentiality of Medical Information Act (CMIA), HIPAA Privacy and Security rules, and data breach notification requirements. Also includes information on how to comply with payment card industry data security standards (PCI DSS).
It is important for dentists to conduct a Security Rule risk analysis as required by the Health Insurance Portability and Accountability Act (HIPAA) to protect their patients’ information and minimize liability risk. A recent review of HIPAA enforcement actions reveals that entities were penalized for not having a documented risk analysis or for having an incomplete analysis.
There has been a lot of speculation around the use of Windows XP as it relates to HIPAA violations. Many IT consultants are saying that if dentists’ information systems are operating on Windows XP after April 8, 2014, they are in violation of HIPAA. The HIPAA Security Rule does not specifically require the use of operating systems that are manufacturer-supported, so continuing to use Windows XP after April 8 is not in itself a HIPAA violation.
Recent Health Information Technology for Economic and Clinical Health (HITECH) amendments to the Health Insurance Portability and Accountability Act (HIPAA) expanded patient rights with regard to their health information and added a breach notification rule for covered entities, such as dentists, to follow.
The combination of a HIPAA deadline and vendor communications about the deadline recently sent many CDA members to the Internet and telephone to find out what assistance they could get from the Practice Support Center. Callers had specific questions on the requirement to securely transmit protected health information to other dental practices.
The Sept. 23 compliance deadline for the omnibus rule/HITECH amendments to the Health Insurance Portability and Accountability Act (HIPAA) is just around the corner. There are a couple of educational options for dentists related to this subject.
The U.S. Department of Health and Human Services (HHS) published the long-awaited final omnibus rule under HIPAA (Omnibus Rule) on Jan. 25, 2013. The rule implements the Health Information Technology for Economic and Clinical Health Act (HITECH) and requires that health care providers amend their Notice of Privacy Practices (NPP) and Business Associate Agreements to include new elements. The compliance date for the final rule is Sept. 23, 2013.