- Healthcare providers supposedly know how HIPAA guidelines come into play when using smartphones or other mHealth devices, but do dentists?
Lee Culp doesn’t think so.
“We think we know what it is,” the chief technology officer of a North Carolina-based dental lab says. “But it’s complex.”
Enacted in 1996, the federal Health Insurance Portability and Accountability Act is designed to protect a consumer’s personal health information as that data is collected, stored and used by providers. Those federal guidelines have come under increasing scrutiny with the advent of mHealth technology, which makes it much easier for providers to collect and use data. Conversely, it has also become much easier to breach those guidelines.
A perfect example of this is dentistry. Where once the dentist operated in a closed environment in his or her office, today’s dentists are digital technicians, communicating with orthodontists, endodontists, periodontists, dental laboratories, even local health systems and urgent care clinics where providers might need a real-time consult. No longer are they sticking dental X-rays into a manila envelope and mailing them, or handing them off to a courier or the patient.
“Basically we do everything on computers now,” says Culp.
“To a large extent, HIPAA compliance is uncharted territory in dentistry,” says Arnold Rosen, DDS, MBA, a longtime telemedicine innovator whose newest company, Awrel, recently launched what it calls the first-ever HIPAA-compliant mHealth platform for dentists. “They’ve often thought of themselves as being under the radar when it comes to HIPAA, while hospitals, clinics and physician practices [face the spotlight], but that’s not true any more.”
As evidence, Rosen points to the $4.8 million fine levied against a New York academic medical center in 2014 after the medical records of 6,800 patients were accidentally made available on Google. A short while after that, former Health and Human Services executive and privacy attorney Adam Greene warned that “it wouldn’t be surprising for us to start seeing some really surprising settlement agreements” as a result of “potential record-breaking” HIPAA penalties.
Rosen sees that as a wake-up call for the dentist industry, which is responsible for more the 200 million digital transactions a year. But it should also grab the attention of other healthcare specialists - like physical therapists and orthopedic practices - who might not be paying attention to HIPAA when they go online or pull out that smartphone to talk to a patient or colleague.
“Communications is very important in dentistry,” says Rosen, “but [the industry] has gone beyond just texting each other. They’re sharing digital information, plugging into EMRs and practice management platforms.”
Not to mention the growth of a mobile-savvy patient population.
“Patient expectations are as high as they’ve ever been,” Culp says. “Everything is so much more time-sensitive, which adds to the stress and … the financial burden for missed appointments. You need to be able to communicate” quickly and in a secure fashion.