Why Is HIPAA Important?
Roses are red,
Violets are blue,
Protecting your data
Is our commitment to you.
As Valentine’s Day approaches and lovers all over the world prepare to celebrate their love, dedication, and respect for one another, we are reminded that all institutions – be they holidays, marriages, or Acts of law – are designed with purpose and intent.
Valentine’s Day dates back to the year 496 as a dedicated day to commemorate romantic love, friendship, and devotion. HIPAA, the Health Insurance Portability and Accountability Act, was signed into law just 24 years ago, but it, too, has a clearly-defined purpose and intent – one that, at its heart, is also about protection, faithfulness, and relationship commitments.
For dental practitioners, the relationships in question are those with their patients. The commitment is not a romantic one (and certainly not monogamous), but it nonetheless centers on something equally intimate – private and personal health and medical data.
The Rising Tide of Dental Practice Data Breaches
Even a small dental practice can be sitting on a large database of patient healthcare and payment data – and that database is an attractive target for cybercriminals.
There has been a surge of data breaches in the healthcare industry recently. In August 2019, for instance, it was reported that hundreds of dental practice offices across the US had their computers infected with ransomware. In October, two dental organizations in Illinois and Georgia reported breaches, leaving the data of some 2,610 patients exposed.
These incidents are all part of a trend that’s getting worse, not better, according to data gathered by PreciseSecurity.com. It shows that the US has experienced a steady increase in the number of data breaches within the healthcare sector, including dental practices, since 2017. 40 million Americans were affected by breaches in 2019 alone – the highest number recorded since 2015 and representing a huge 65% increase from 14 million in 2018.
Fulfilling Your Eternal HIPAA Vows
Under HIPAA, it is the responsibility of all dentists to protect the PHI of their patients – and that responsibility is a long-term commitment.
The HIPAA Privacy Rule (2003) has a number of distinct purposes. Among them are the mandates to protect the privacy of patients and health plan members and to ensure the security of electronic records. Crucially, as the HIPAA Journal points out, within the Privacy Rule is the stipulation that appropriate administrative, technical and physical safeguards must be implemented to “protect the privacy of Protected Health Information for whatever period such information is maintained”.
As such, though the Privacy Rule does not specify precisely how long medical records should be retained, what it does indicate is that as long as any PHI is kept by a practice on any patient – such as in an electronic database – that information must be adequately protected to HIPAA-compliant standards throughout and should be retrievable even in the event of a breach or other disaster.
In other words, HIPAA compliance should be viewed as a potential lifetime commitment to each patient – and this means that it is every dental practitioner’s responsibility to implement a secure backup, archiving and recovery solution to comply with HIPAA standards.
Indeed, data backup is not optional under HIPAA. As the legislation states, all medical and dental practices must “Establish and implement procedures to create and maintain retrievable exact copies of electronic Protected Health Information” (CFR 164.308(7)(ii)(A)). In addition, a disaster recovery plan is also required to “restore any loss of data” (CFR 164.308(7)(ii)(B)) in the event of a breach, system outage, or damage to computers/servers where PHI is stored. Practitioners must also “Implement policies and procedures to prevent, detect, contain and correct security violations” (CFR 164.308(1)(i)) and “Implement procedures for periodic testing and revision of contingency plans” (CFR 164.308(7)(ii)(D)).
Put simply, backing up your data isn’t good enough. It needs to be backed up with a HIPAA-compliant provider to ensure data integrity for the lifetime of your patient.
Solidify Your Commitment to Your Patients with Central Data Storage
Data risks include everything from natural disasters, fire and vandalism that may cause physical damage to systems that contain patient information, to the growing threat of cyber-attackers holding medical records for ransom. Your patients put their trust in you to protect their PHI from all such events and the Health Insurance Portability and Accountability Act mandates that you honor this commitment.
That’s why you should consider Central Data Storage the Cupid of patient-dentist relationships. We offer a fully-supported, encrypted, cloud-based and HIPAA-compliant data backup and recovery solution for dental practitioners. With unlimited storage capacity and military-grade encryption both in transit and at rest in our secure data center, your data will never fall into the wrong hands and will be fully protected and retrievable.
Want to learn more about the benefits of our fully-supported cloud backup and recovery solution? We want to hear from you! Just call 1-888-907-1227 or email firstname.lastname@example.org.