Dental Claims Cleanup®, LLC
National Dental Billing Services

1810 Erie Blvd. Syracuse, NY 13210


HIPAA Compliance in a dental office

Posted on October 15, 2015 at 8:40 AM

Rid Your Practice of Old Operating Systems (Windows XP and Server 2003):

Since April 2004, Windows XP has been left unpatched by Microsoft. You may notice on newer operating systems that updates are periodically installed when you restart or shut down. These come out every 2 weeks to patch security flaws that allow hackers to access your system remotely. If your office is running even one XP or Server 2003 computer, hackers have had almost 2 years to find holes in the system, and those holes will never be patched (unless you are the US Navy and you pay Microsoft $30 million to extend support!). Even if the rest of your office is on Windows 7-10 and Server 2008-2012, if hackers get access to one older computer, they are inside your network and the battle is lost.

Email Hosting, Email Encryption & Business Associates Agreement Best Practices:

While it is not mandated that your practice have email encryption if using a personally hosted email server, it is required if you use a public provider like Gmail, Yahoo, MSN/Hotmail, etc. Hackers can fairly easily get patient information that is sitting on the public providers’ servers. Also, using a public provider would only be HIPAA compliant if you signed a Business Associates Agreement (BAA) with Google, Yahoo or Microsoft. The problem is that none of these providers will sign a BAA and take on the liability. Also, companies like Google automatically scan your email and generate ad traffic off your patients’ info, which is also a privacy violation. The best practice is to encrypt all emails, and better yet, it doesn’t break the bank at around $10-$15 per month.

Best Practices – Firewall Edition:

Using a firewall (e.g. Sonicwall) between your modem and switch is mandatory for HIPAA. A proper firewall monitors all internet-based activity in and out of the office. Even among offices that have a firewall, many fail to update their devices after the initial installation. Much like XP and Server

Categories: dental insurance
