blog

Did I Encrypt That Email?

Posted August 13, 2018 by Natalie L.

We’ve all become accustomed to dashing off a quick email as we run to lunch or into a meeting. But, we all know there are hackers online, both here and internationally, who are watching and waiting for the opportunity to snatch your patients’ private information. This is a very dangerous problem for practices who don’t take security seriously. The fines for a HIPAA violation are quite steep. In fact, the average fine is currently $100-$50,000 per violation, with a cap on those charges currently set at a shocking $1.5 million.

Sometimes, we might think to ourselves, it’s okay if I send this just once; I’ve done it before and nothing bad ever happened. But, if you consider the loss of your patients’ trust because they no longer want your office handling their private data, the loss is much greater than the  violation alone. We’ve all probably witnessed instances in the dental community where negative reviews have spread like wildfire on social media, damaging a practice’s reputation and standing in the local community.

Dental-Software_SecureEmailWhy encrypt? When sending a standard email message, the text of the email is stored on an unprotected server for years. Anyone who gains access to those servers will be able to see the data you have sent. This is a serious risk when you consider all the emails sent with someone’s full name and address in them. Maybe they contained a social security number, x-rays, or even details of treatment.

There is a simple way to make sure that your patient’s personal data is protected all the way to its destination. SecureMail encrypts these emails, as well as encrypting any reply message that the recipient sends back to you! A quick-send button can be added to your Outlook email application making it no more time or effort to send securely than what you’re doing now. And, there’s another advantage. You may have had difficulty with large email file sizes containing x-rays, intraoral pictures, or periodontal charting. Sending them with SecureMail bypasses any limits set by your current service, and encrypts and protects all information attached.

Sending just one unprotected email to a colleague, patient, or lab is a risk your practice shouldn’t be taking. Just one email can be the difference between exposing trusted information or knowing you’ve done what you can to protect it.

Posted in: Dental Software, Dental Technology, Electronic Dental Records, Leave a comment/ No Comments »
Tagged : ,,,,

HIPAA: Keep your data and practice protected

Posted January 12, 2017 by Alexa S.

We get it, HIPAA isn’t the most exciting topic out there. However, it is a topic that needs to be a priority to every dental practice. A lack of attention to HIPAA details could cost you. HIPAA (Health Insurance Portability and Accountability Act) was established in 1996 as a way to promote and standardize information stored and exchanged, as well as create a guideline for transaction, security, and privacy standards. A common buzzword associated with HIPAA is PHI (Protected Health Information) which is individually identifiable health information that is held or transmitted by a covered entity or its business associate. There are 3 primary categories in HIPAA that we should first take a look at.

The HIPAA Privacy Rule establishes standards to protect individuals’ medical records and other personal health information. The HIPAA Security Rule deals with electronic Protected Health Information (ePHI). The HIPAA Breach Notification Rule requires covered entities to notify affected individuals, HHS, and in some cases, the media of a breach of unsecured PHI.

Now that we have reviewed the nuts and bolts of HIPAA, what do you think the most common HIPAA violation is? Negligence. Negligence can in the form of either intentional or unintentional. More often than not in a dental office, unintentional negligence is the most common. Human error is the number one offender for unintentional negligence. It cHIPAAan be as simple as an employee who forgets to log out of the computer when leaving, or other violations such as improper data disposal or a lost backup device. A first step in minimizing the unintentional acts is with proper staff training. HIPAA education and processes should be ongoing in your practice. Every team member should participate in HIPAA training and should understand the do’s and don’ts that surround patient data.

So, what are you doing to keep your office HIPAA compliant? For starters, do you feel that you are keeping up with your computer security? The modern practice relies on technology for successful and seamless daily operation, and not having a safe and secure technology system could lead to costly downtime and even violation fines. One way to make sure your practice is doing all that it can to back up data is with XLBackup. This offsite backup storage uses HIPAA compliant encryption technology system that stores your data in multiple data centers. For added security and peace of mind, this solution is consistent with NIST publication 800-11 and follows Federal Information Processing Standards (FIPS) 140-2. Using XLBackup is an easy way to make sure your information is automatically backed up to a secure location, and the more automation surrounding your data, the better.

Another area to consider when making sure you are staying HIPAA compliant is an encrypted email service. XLDent offers SecureMail which is a HIPAA compliant email service that will secure sensitive patient email and file attachments from accidental exposure and data theft. SecureMail ensures compliance, guards your reputation, builds customer trust, and reduces business process costs.

There are many tips you can find surrounding HIPAA compliance and best practices. Here are a few you can start implementing today.

  1. Make sure your team is trained in HIPAA compliance.
  2. Regulate who has access to sensitive information.
  3. Keep an inventory of your office computers and devices.
  4. Wipe down tablet and touchscreen devices to ensure clear entries and to prevent easy guessing for entry to systems.
  5. Do not share passwords.
  6. Keep anti-virus scanning software up to date.

For more information about offsite backup, email security and other services to keep your data safe visit www.xldent.com.

Posted in: Dental Practice Management Software, Dental Technology, Electronic Dental Records, Leave a comment/ No Comments »
Tagged : ,,,,