5 HIPAA/HITECH violations your dental practice is making – Colorado Springs Gazette

Posted: July 5, 2017 at 9:15 am

Pssst, I think we need to talk. Your dental practice: does it have a HIPAA/HITECH compliance plan? No? You're not the only practice without one, trust us. If your business doesn't have a plan, however, it's nearly impossible to ensure you're not violating HIPAA/HITECH, and violations can cost thousands, if not millions, of dollars. Here are five violations your dental practice is probably guilty of, along with proper fixes, courtesy of the IT experts at Frontier IT in Colorado Springs.

Problem: Open wifi
Solution: Secure it

As blogger and HIPAA risk assessor Amy Wood notes on DentistryIQ, "I know more about 90% of the offices I walk into by accessing their wifi before I even speak with the doctor." Using a free app, Wood can see all devices, cell phones of patients and staff, office computers, printers, tablets, laptops, and the server of practices with open wifi, she writes. "If I can do that with a free app, a thief or even a bored 14-year-old with a laptop can siphon patient information and an office would never know about it," Wood adds. A simple Twitter search for "hacked dentist wifi" serves as a great example of the importance of this.

Problem: Unencrypted electronic personal health information (ePHI)
Solution: Encrypt it

As Dr. Lorne Lavine explains in an article on the Modern Dental Network, many businesses don't encrypt their ePHI because they don't understand the need for encryption. "HIPAA has defined encryption as an addressable concern, meaning, if it's reasonable and appropriate, you must do it," Lavine writes. The problem is encrypting your data is both reasonable and appropriate. As Lavine points out, "there went your get-out-of-jail-free card!" The good news: Encrypting your data can be as simple as storing it on a self-encrypting drive or downloading a free program (though it's undoubtedly better to consult with an MSP, or managed service provider, to ensure that your data encryption plan is foolproof and hackerproof).

Problem: Discussing patients in earshot of other patients
Solution: Just don't

We're going to go out on a limb and assume that this is the most pervasive HIPAA violation because, let's face it, who doesn't love a good bit of juicy gossip? But just how sure are you that a patient isn't in earshot? Bottom line: It simply isn't worth the risk.

Problem: Storing patient records on a non-HIPAA-compliant file-sharing service
Solution: Get Autotask Workplace

Free online file-sharing services make accessing documents from anywhere, at any time, a breeze; such a breeze, in fact, that it might be tempting to upload patient files for easy team access. Danger, Will Robinson! This is a flagrant HIPAA violation. A couple years back, St. Elizabeth's Medical Center, a Massachusetts-based hospital, was fined more than $200,000 for uploading the ePHI of nearly 500 patients to such a service without first assessing the risks associated with the use of the service, according to DataPrivacyMonitor.com. Happily, there exist convenient, affordable HIPAA and HITECH-compliant file-sharing services like Autotask Workplace that allow employees to easily create, manage, organize and collaborate on files without risking hefty fines.

Problem: No back-up of medical files
Solution: Datto Backupify

HIPAA/HITECH requires that your patients' files are backed up and recoverable in case of disaster, whether that's a fire at your medical facility, a disgruntled employee's revenge or a ransomware attack. With HIPAA-compliant solutions like Datto Backupify, there's no need to worry that your files are gone forever. What's more, Backupify encrypts your data and even backs up your Office 365 calendar and contacts three times a day.

Just how HIPAA/HITECH compliant is your practice?

Perhaps you're now beginning to question many procedures and practices at your clinic.

What's a busy dentist or dental office manager to do?

Contact an MSP, or managed service provider.

MSPs specialize in working with small- to mid-sized businesses that don't have their own IT departments. An MSP can tailor an affordable service plan to your dental practice, offering you only what you need, like server and network monitoring or disaster recovery planning, according to the experts at Frontier IT.

Perhaps even better, partnering with an MSP can provide you with peace of mind that your patients' valuable data is secure and your business is safe from potentially devastating fines.

Interested? Have questions? Let's chat. Give the experts at Frontier IT a ring today.

Read the original article at Frontier IT's website.
