Skip to content
Off the Cusp

Off the Cusp

Dental industry news, trends and information from Patterson Dental.

Menu
  • Home
  • Categories
    • Business of Dentistry
      • Dental Practice Marketing
      • Practice Finance
      • Practice Growth
    • Dental Industry News
      • Industry Events
    • Dental Practice Management
      • Human Resources
    • Dental Practice Safety
      • Infection Control
    • Future of Dentistry
      • Dental Equipment
      • Dental Technology
      • CAD/CAM
  • About
    • Off The Cusp Privacy Policy
    • Off The Cusp Terms of Use
  • pattersondental.com
  • Home
  • Dental Technology
  • Are Automatic Patient Communication Solutions HIPAA-compliant?
Dental Practice Management Dental Practice Marketing Dental Technology

Are Automatic Patient Communication Solutions HIPAA-compliant?

Alex NozdrinAlex Nozdrin Alex NozdrinJuly 22, 2013September 5, 2013
communication

Share

Facebook
Twitter
Pinterest
LinkedIn
Email
Read Time:4 Minute, 38 Second

Personal privacy is no longer personal – it’s even in the news these days. Every day seems to bring reports of some celebrity cell phone hack or coverage concerning a business that decided to toss sensitive files in a dumpster instead of shred them as required. It’s enough to make any reasonable person concerned, and if you’re in the health profession with the civil and criminal liabilities of HIPAA hanging over your head, your concern is certainly more threatening than Dorothy’s imagined nemesis along the yellow brick road.

While concern is advisable, it can be stifling if it prevents you from adopting more streamlined approaches to patient communication. Yes, HIPAA guidelines can be confusing, but they’re not impossible to understand, and they’re there for everyone’s benefit. After all, every one of us is a patient to some health care practitioner out there, and we all want to maintain our personal privacy. With that in mind, we wanted to share a few questions (and answers) that come up frequently when a dental practice considers implementing a marketing and patient communication solution like RevenueWell to grow their business.

Is it legal for a dental practice to share patient data with an outside company like RevenueWell?

Yes. There are actually two separate sets of regulations that govern this. First is HIPAA (the Health Insurance Portability and Accountability Act of 1996), which establishes your practice as a “Covered Entity” and regulates how you use and disclose Protected Health Information (PHI). PHI is any information concerning health status, health care or payment for health care that can be used to identify an individual. Second is the HITECH Act (Health Information Technology for Economic and Clinical Health Act of 2009), which stipulates that you can safely share information with your “Business Associates” (e.g. RevenueWell or another company that helps you carry out health care functions) so long as the Business Associate is compliant with HIPAA privacy and security rules.

Does HIPAA permit health care providers to use email for patient communications?

Yes. According to 45 C.F.R § 164.530(c), the Privacy Rule allows health care providers to communicate with their patients electronically (including email), so long as reasonable safeguards are in place to limit unintentional disclosure. Because RevenueWell or a similar solution will use patient contact information directly from your practice management software, it is your responsibility to ensure that you have each patient’s correct email address on file. It may be a good idea to double-check this information as you’re checking patients in, and limiting instances where patients share email accounts among multiple adult family members.

Are there any special considerations around a patient communication solution sending automatic postcards and letters to patients?

No. Healthcare providers are allowed to mail correspondence, including that which contains Protected Health Information to patients’ home or other specified mailing addresses. Whether such mailing happens directly from the office or via a Business Associate does not make a difference. RevenueWell will always use covered envelope letters for any correspondence that contains health-related or payment-related information (like your treatment plan follow-up letters or expiring benefits reminders), and will send postcards for recalls and appointment reminders just like you probably did before you implemented the system. As always, the office needs to take the necessary precautions to ensure that the patient’s mailing address is listed correctly in the practice management software.

Are automatic phone calls and answering machine messages HIPAA-compliant?

Yes. The HIPAA Privacy Rule allows health care providers to communicate with patients regarding their health care — including communicating via phone, mail or in any other manner.

According to 45 C.F.R § 164.510(b)(3), a covered entity may leave a message on an answering machine, with a family member, or with another person who answers the phone when the patient is not home, so long as a reasonable precaution is taken to limit the amount of information disclosed in such a non-personal interaction. For example, RevenueWell’s phone calls (and answering machine messages) do not contain any treatment-specific information and hence comply with this requirement. Our solution is also configured to look for a patient’s personal mobile phone number first in order to place the call, making it more likely that only the intended person will receive the communication.

I know that a patient communication service will store my patients’ data in “the cloud.” How secure is that?

In the case of RevenueWell, very. First off, RevenueWell only synchronizes information that it needs to effectively communicate with your patients. This means no Social Security Numbers, Driver’s License numbers or the like. Once data is extracted from your practice management software, it traverses over an encrypted Internet connection to our secure, HIPAA, HITECH and PCI-compliant hosting facility, where all data operations are performed. With regular HIPAA audits and HIPAA compliance experts on staff, RevenueWell’s “cloud” is one of the safest, most closely managed environments your data may ever touch. Finally, your own access to your RevenueWell dashboard is safeguarded using SSL and 128-bit encryption so you can safely log in from your office, home or mobile device.

Keeping ahead of the curve with regard to technology, and staying on the right side of the law, doesn’t have to be a mind-numbing experience. Following a few simple guidelines, and choosing the right patient communication service, can allow you to operate without fear of what’s around the next turn in your own yellow brick road to a more successful practice.

Alex NozdrinAlex Nozdrin

About Post Author

Alex Nozdrin

Alex is one of the founders of <a href="http://patterson.revenuewell.com/" />RevenueWell</a>, the maker of automated practice marketing and patient communications software that cuts overhead costs, increases production and helps practices acquire new patients. Alex is passionate about marketing, online technologies and ways that they can be applied to help dental practitioners succeed in the Internet age.
Total
0
Shares
Share 0
Tweet 0
Pin it 0
Share 0
Tagged communication, Health Insurance Portability and Accountability Act, healthcare, healthcare professionals, HIPAA, HIPAA compliance, HIPAA guidelines, HITECH, patient communication solutions, patient communication vendors, patient communications, PHI, Protected Health Information, RevenueWell

Post navigation

Previous

Previous post:

Washing Cars for Grins

Next

Next post:

6 Steps to Win Over a New Patient by the First Phone Call

Subscribe

* indicates required

Recent posts

  • 5 Proven Ways To Keep Patients Engaged, Returning And Referring
  • 3 Steps to Consider When Selling A Multilocation Practice
  • 3 Reasons To Explore Tech-Savvy Cavity Prep
  • 3 Ways A Complimentary Eaglesoft Wellness Check Can Help Advance Your Practice!
  • How to Detect and Prevent Microleakage in Dental Restorations

Search Off the Cusp

Close
Menu
  • Home
  • Categories
    • Business of Dentistry
      • Dental Practice Marketing
      • Practice Finance
      • Practice Growth
    • Dental Industry News
      • Industry Events
    • Dental Practice Management
      • Human Resources
    • Dental Practice Safety
      • Infection Control
    • Future of Dentistry
      • Dental Equipment
      • Dental Technology
      • CAD/CAM
  • About
    • Off The Cusp Privacy Policy
    • Off The Cusp Terms of Use
  • pattersondental.com

Related Post

5 Proven Ways To Keep Patients Engaged, Returning And Referring

March 15, 2023March 16, 2023

3 Reasons To Explore Tech-Savvy Cavity Prep

March 8, 2023March 9, 2023

Single-Visit Dentistry: There’s No Time To Waste

February 22, 2023February 22, 2023

Starting Out On The Next Level

February 17, 2023February 17, 2023

The Key To Confident Diagnoses And Improved Case Acceptance

February 9, 2023February 9, 2023

3D-Printed Splint Against Noctural Bruxism

February 8, 2023February 8, 2023
Copyright Patterson Dental. All rights reserved.