Privacy Information You NEED to Know | Dental Products Report
1. 5/6/14, 11:12 AMPrivacy Information You NEED to Know | Dental Products Report
Page 1 of 4http://www.dentalproductsreport.com/lab/article/most-important-privacy-information-you-need-know
TweetTweet 4 0 2
The most important privacy information you need to know
Make sure your lab meets privacy guidelines in all areas, including a common offender.
Dental Lab Products
2013-09
Thu, 2013-12-12 08:01 | MBA and by Daniel Allemeier
This article originally appeared in the September 2013 issue of Dental Lab Products. For more great insights into leading
products and manufacturers, click here: http://bit.ly/18S8j4i
1LikeLike
2. 5/6/14, 11:12 AMPrivacy Information You NEED to Know | Dental Products Report
Page 2 of 4http://www.dentalproductsreport.com/lab/article/most-important-privacy-information-you-need-know
As a dental laboratory, you seldom, if ever, are privy to patient telephone numbers, mailing or email addresses, birth dates, Social
Security numbers, medical records or data directly identifying individuals’ relatives, employers or household members as part of your
dealings with the dental office.
But what you do share in today’s digital age are the patient’s name, photos showing the patient’s full face, and perhaps even
insurance numbers where you bill the patient’s plan directly for services rendered. All of these are private aspects and should be
carefully protected under your patient confidentiality procedures. There is the real issue of protecting the confidentiality of any doctor-
patient information, whether on a legal or moral basis. This is irrespective of whether HIPAA (or other regulations like the Health
Information Technology for Economic and Clinical Health Act (HITECH) & HITECH Safe Harbor in the USA or the Personal
Information Protection and Electronic Documents Act (PIPEDA) in Canada) apply directly.
Some aspects might be considered common sense—such as not including the patient’s name on case shipping labels going back
and forth between practice and lab; and ensuring unauthorized individuals cannot view patient information on a computer monitor or
have access to the patient record room. Others are perhaps more complex in today’s digital age. Let’s look at one example of how
information is shared routinely every day, yet is perhaps more vulnerable than we all realize: email.
More than 50 years ago, dental collaboration meant all parties met in the same room to exchange information. As that information
was shared verbally and through hard copy files, patient information was safeguarded. Over time, as new technology was introduced,
like telephone, fax and the Internet, the exchange of information became less secure. The Internet has revolutionized dental
communication as it offers a visual medium that enables collaboration across great distances. With digital high resolution imaging,
collaboration was, for the first time since in-person meetings, available immediately to all collaborators. Yet, while that collaboration
has enabled improvements in results, it often meant risking patient data by sending it through unsecure means like email or online
storage sites.
Take a look around your laboratory. How many times each day are photos, impression files, etc. emailed back and forth with the
patient’s name (and other details) shared as identifiers of that particular case? It won’t take long before you realize the extent of the
information flow—and the potential liabilities that flow with it. Many popular tools like Outlook, Gmail, Dropbox, and other options that
are commonly used for patient information sharing are NOT compliant with patient privacy laws.
Today, you should be ready to ensure, and document, that you are compliant with regulations. Consider the following:
• Access: Who has access? How can you ensure it is limited to only those who need it and should see it?
• Transmission: Is every transmission of patient information secure? To be compliant, data must be secure and encrypted during
the sending and storage of the data.
• Storage: Can you prove your patients’ data is stored securely?
• Auditability: Can you track each individual who was able to read, write and delete all patient information?
• Disposal: Can you ensure sensitive data is disposed of safely when needed? Typical email systems hold and control the disposal
of your private information. To be compliant, you must have procedures in place to address the final disposal of data.
Are you liable if this patient information is compromised? The answer to that question is beyond the scope of this article. What is
clear is: Why take the chance? There are proven solutions available. At core3dcentres®, we have installed Secure-Mail, a feature of
Brightsquid Dental Link, to protect the confidentiality of the information we share with our clients.
Secure-Mail is a HIPAA-compliant messaging system designed to enable dentists, specialists and labs to easily and safely share
private patient information. Secure-Mail works just like the email tools you are used to, with an important distinction—all your
communications will meet compliance standards. And, you can securely send multiple high-resolution photos with every message
(attach 500MB to every message).
When protecting the privacy of patient information, the choice is yours. Unfortunately, the long-term ramifications of not doing so
properly may not be.
For more information on Secure-Mail, and to have your Patient Information Privacy questions answered by people that have
an in-depth understanding and experience with the issue and its resolution, call Brightsquid at 800-238-6503 or visit
brightsquid.com. Photo credit: Photo: alengo / Getty Images
TAGS: Brightsquid confidentiality core3dcenters daniel allemeier email hipaa HITECH HITECH Safe Harbor in print PIPEDA privacy
SafeLink September 2013
Related Articles