If a security breach occurs in a dental practice, the practice owner must take the necessary steps in order to comply with federal law, in order to avoid a potential increase in liability exposure.
Rules Requiring Patient Notification of a Security Breach
The U.S. Department of Health and Human Services (HHS) has issued strict regulatory guidelines that dental practice owners must follow in the event of a security breach. The Federal Trade Commission (FTC) has also issued breach notification regulatory requirements that dental practice owners must comply with, in the event of a security breach.
Breach Notification Requirements
Depending on the type of security breach and the extent of the breach, a dental practice owner must notify affected patients, the Secretary of HHS and the FTC [if applicable], and, in certain circumstances, the media.
If you are not familiar with the 2009 American Recovery and Reinvestment Act and the 2009 HITECH Act, your dental practice is probably not in HIPAA compliance. In fact, statistically, 85% of all dental practices are not in HIPAA Compliance.
Dental practices that have experienced a breach of patient protected health care information can significantly limit their legal exposure by complying with simple regulatory guidelines.