The Health Insurance Portability and Accountability Act (HIPAA) and the Health Information Technology for Economic and Clinical Health (HITECH) Act stress that medical practices handle both their practice and patient data securely while ensuring proper technology usage and integration. Increased levels of enforcement mean serious financial consequences for practices that suffer from data breaches or neglect to protect their patient data properly.
There has been a recent surge in hacker attacks and data breaches. In 2014 alone, we saw a 23% rise from the year before with healthcare being the major focus with 37% of the breaches. More and more patient data are becoming a valuable commodity in the cyber-underworld. Most dental practices lack proper security protection because they don’t think they will ever be the target of such attacks.
Dental offices are also the target of new HIPAA audits. Starting March of 2016, The U.S. Department of Health and Human Services Office for Civil Rights announced its second phase of audits of covered entities. “We want dentists to be aware that this is happening and to take HIPAA compliance seriously,” said Dr. Andrew Brown, chair of the ADA Council on Dental Practice. “There are steep consequences for health care providers that don’t comply with the law and we don’t want to see any dentists having to pay tens of thousands of dollars in a penalty.” READ MORE…
Are you running outdated or unpatched systems? On April 8th of 2014 support for Windows XP ended and in July of 2015 support for Server 2003 ended which can represent major challenges to your dental practice if you are still running either one of these operating systems. On the one hand, your IT system will be vulnerable to security threats. On the other hand, you will no longer be HIPAA and HITECH complaint! Disabling the internet on computers running these systems is not a sufficient workaround since they are still part of a network that will most likely access the internet.
We implement policies and procedures that will keep your data secure while managing your valuable patient data and supporting your practice. We specialize in making networks of any size fully compliant with the law, and we provide the necessary auditing and reporting as mandated by the OCR to ensure your documentation continuously reflects your current state of compliance.