"What value does a dental Xray have? Why would someone want to steal this? Do patients care what information is with their dentist?". These were a few of the questions we were throwing around as I sat with my attorneys at their downtown office while eDossea was still in it's initial planning phase. I wanted to be prepared if any of my clients were to ask, and it could also cure my own curiosity. It helped having a lawyer sitting in who was already working with healthcare providers on issues revolving around HIPAA's HITECH Regulations.
A lot of it boiled down to a common denominator, which is the confidential information that the patient leaves with their dental provider. Once it is on file, it becomes the responsibility of the practice to protect and safeguard this information. This is more clearly defined in HIPAA's push towards proper encryption being placed on electronic Protected Health Information (ePHI). Within the context of hosting ePHI, is the acknowledgement that use of standard email and unsecure networks does not meet these goals.
Back to the dental Xrays, how is it suddenly important to protect them? To answer that, we must realize that no office would be able to share these files efficiently without Patient Identifiable Information (PII). PII can include, and is not limited to, any of the following: Name, Address, SS#, D.O.B., Phone Number, Patient Number, Photographs and other factors that can link details of the record to a specific person. All this comes into play with more news that Medical Identity Theft is growing at a rate higher than ever before.
The Ponemon Institute shared the average cost to resolve a Medical Identity Theft case in 2011 to be $20,663. Within a case investigation, you can expect that the dentist will be questioned on what steps they take to protect ePHI. Even if it is determined that the breach did not occur from their office, the worst thing the practice can do is sacrifice their reputation by showing that they were not enabling safeguards while transferring patient records. Depending on the circumstance, it could put the livelihood of the entire practice at stake.
Patients are becoming more aware of the dangers faced by having their identifiable information with others including their insurance carriers, banks and doctors. Many are also protective of their medical history, as they fear an invasion of privacy and even lost employment opportunities. The question on what value a dental Xray has becomes less significant, because the established relationship between any doctor and their patient, while ensuring them their information is being handled safely becomes invaluable.
-Shawn Harrington
on twitter: @eDossea
Comments
Posted by Linda Harvey on 07/10/2012
Shawn, Identity theft has been the #1 consumer complaint to the FTC for over 10 years. Increasing data breaches coupled with other factors such as the economy contribute to the rise of medical identity theft. We are closely following the data breaches reported to the DHHS. As reported in the Ponemon Institute's Second Annual Benchmark study, a number of breaches are inadvertently caused by staff. Over the past year, we have been helping clients reduce the opportunity for identity theft to occur in their practice. We now offer identity theft awareness training and a voluntary identity theft protection employee benefit. Doctors and teams love it!Post Comment
Your comment will appear if approved by an administrator. Please do not submit multiple times.