HIPAA data compliance requirements extend to partner entities.

Data management tools for dentists must meet online data backup standards

Stephen Perkins

Dentists are beginning to embrace cloud computing in the weeks before new Health Insurance Portability and Accountability Act requirements for online data backup take effect, but they and other healthcare providers must make sure that they have certain safeguards in place as they make the transition to cloud backup services.

The law was updated in 2009 and now requires that all healthcare providers move their patient records to offsite data storage for increased data protection and to make it easier to transfer the protected health information of their patients. The data storage shift must be completed by Sept. 23, or healthcare providers may face fines that could total $1.5 million in some cases.

Some companies have begun marketing online data management tools for dentists that are intended to help them navigate the world of cloud data backup. Evident offers data management software designed to help dentists with their billing and scheduling. For it to be used, the software requires that the dental office be in compliance with HIPAA and that data security and integration systems be in place.

"We choose Evident for the simplicity of cloud-based software that is secure," Josh Olson, vice president of Ceratek Dental Labs, said in a press release. "For being a small lab we are constantly on the go, whether it was taking a shade, picking up a case, or even just meeting a client, we needed a way that we could tap into our system from anywhere. There has been a few times that I have had to pull up cases on my iPhone to show what's going on with a particular case while I am out of the office."

Compliance issues remain complex
Compliance with the law requires more than successfully accessing and managing data online. Dentists and other medical professionals must remain alert to security threats and make sure that their online backup provider complies with HIPAA rules, Rich Steeves wrote for Inside Counsel.

The revised law requires that cloud providers and their associates inform the U.S. Department of Health and Human Services of instances of data breaches, unless a risk assessment finds that there is little chance of the information being exposed. They also must conduct a risk analysis to find any potential gaps in their security, update user agreements  to reflect that everyone involved is aligned with the new policies and use encryption on all protected health information as a way of providing an additional layer of security.

Categories: Cloud Backup, Data Compliance, Data Management, Data Protection, Online Backup