Oberman Law Firm

What to Consider When Performing a Cyber Security Assessment

A cyber security assessment of your dental practice is much more than a review of your practice software. It’s vital to analyze both technical and non-technical components of your practice on each of the three pillars of cyber security: people, policies, and technology. These sorts of assessments similar to pentesting (or a penetration test) are important, as they check the security of any computer. With confidential data stored, this is something that has to be kept safe and away from unwanted visitors.
Here are some important things to consider.
Read more

Dental Records: Documentation and Maintenance

Patient dental records are critical in documenting a patient’s care and treatment. The information contained in patient charts should be maintained in an organized, standardized fashion with clear, complete entries. Dental records must be maintained on a concurrent basis immediately after care is provided, results are obtained and reviewed, or communication with the patient is done either in person or via telephone.

Continue reading

Preventing Embezzlement

There are many opportunities for employee embezzlement to occur in a business or practice. There are, however, certain steps you can take to help prevent employee embezzlement. You must be diligent.

  • Make smart hiring decisions
  • Screen all potential employees
  • Conduct background checks on all employees
  • Educate yourself on how employees embezzle
  • Protect your signature and identity
  • Learn how to use your computer system
  • Check your day sheets, audit changes, preview daily reports and question all adjustments
  • Make sure to verify all credit card charges
  • Be visible, vary your schedule, practice what you preach

A business or practice owner must take the necessary steps to prevent embezzlement. Review your policies and procedures, and begin implementing the specific preventative safeguards.

Communicate With Your Clients

In every dental office, clear, active, and professional communication is a key principle for patient safety and risk management.

The need to effectively communicate with patients cannot be over emphasized. Communication with patients and families is important to ensure that they understand the findings of an examination and recommendations for treatment. Explanations of findings and recommendations should be provided in a manner that is easily understood by every patient; visual aids can be used if appropriate.

Studies have shown that effective communication with patients can reduce the risk of a Board complaint, claim or even lawsuit.

Need for HIPAA Business Associate Agreements

Avoid violating HIPAA’s Privacy and Security Rules by executing a Business Associate Agreement (“BAA”) prior to turning over protected patient information to a third party vendor.

The Health Insurance Portability and Accountability Act of 1996 (HIPAA), as amended under the 2013 Final Rule, requires privacy regulations governing individually identifiable health information. These privacy rules establish a set of national standards for the protection of certain personal health information.

The Privacy Rules address the use and disclosure of patients’ information, otherwise known as protected health information, by organizations subject to the Privacy Rule. A major goal of the Privacy Rule is to assure that individuals’ personal health care information is properly protected while allowing the flow of health information needed to provide and promote high quality health care, and to protect the public’s health and well-being.
A major area of vulnerability for many dental practices lies in relations with third-party vendors who have access to patient personal health information. Under HIPAA, third-party vendors may be responsible for securing and guarding personal health information in the same way that dental practices are required to secure such information.
The Rules require that the covered entities include certain protections regarding patient information in a Business Associate Agreement. Dental practices should draft a Business Associate Agreement, which imposes specified written safeguards on the individually identifiable health information used or disclosed by third party vendors.

Embezzling Warning Signs

Statistically, at least 40% of all (if not more), dental practices will be the victim of employee embezzlement. Employee embezzlement has an enormous financial and operational impact on a dental practice. However, there are many signs that employee embezzlement may be taking place. Here are some of the most common warning signs of employee embezzlement:

• An employee is having financial difficulty
• An employee’s changes in personality
• An employee with new found wealth
• An employee is always first to arrive and last to leave
• An employee who is very controlling
• An employee who is taking work home
• An employee who is resistant to change
• An employee is constantly working overtime without sufficient reason
• An employee who never takes vacation/sick/personal days
• An increase in past due accounts or a decrease in collections
• Co-worker complaints about a specific staff member
• Inconsistent financial records

Employee embezzlement can be very difficult to discover. Therefore, it is important to look for several warning signs regarding an employee’s behavior.

1 3 4 5 6 7