1310129244 @ Just_Super | gettyimages
Getty Images 1310129244 62fe9aac5b6f2

How to select a HIPAA-compliant teledentistry solution

Aug. 22, 2022
A HIPAA-compliant teledentistry platform is essential for regulatory compliance and dental risk management. Linda Harvey, MS, RDH, guides you through the process.

Has the digital world taken hold of your practice? Can you remember a time when you didn’t rely upon text messaging to confirm patient appointments or allow patients to schedule their own appointments online 24/7?

Technology is changing workflows and the delivery of care in dental practices faster than we ever imagined. One of the areas beginning to impact dentistry is telehealth—more commonly known as teledentistry—throughout the industry.

Although it now seems a revolutionary concept, telehealth can be traced back to the early 1900s in Europe.1 One of the earliest teledentistry projects was started by the US military in 1994.2

So, in a world of boundless technology options, how do you even begin to research, select, and successfully implement a HIPAA-compliant teledentistry solution in your practice?

Related reading:

The regulatory compliance aspect of teledentistry is an important cornerstone in your search for the ideal teledentistry platform.

Compliance may not be the most exciting part of your practice, yet almost every decision you make is predicated upon laws, rules, and guidelines. Under both state and federal law, you are obligated to maintain the privacy and security of patient information.

As a covered entity under HIPAA laws, your compliance with both the privacy and security rules is not optional. In addition, the majority of all states have some type of consumer privacy protection laws that apply to any business, including dental offices that maintain electronic personally identifiable information (PII).

How to select a platform

When it comes to selecting a teledentistry platform, narrow your search to include only dental-specific solutions. From there, include only established HIPAA-compliant teledentistry platforms that meet the specific regulatory needs of a dental practice versus a business-oriented program that may or may not provide a business associate agreement or be fully HIPAA compliant. Insisting that all teledentistry platforms under consideration be HIPAA compliant ensures two key things:

First, that you are not merely “piecemealing” your televisits, i.e., cobbling together different programs for each component of a bona fide televisit. In this scenario, think data security risk and potential HIPAA breach.

Second, and just as important, is that the vendor is HIPAA compliant and that they understand their legal obligations under the HITECH Act of 2009. HIPAA-compliant vendors must follow the provisions of the security rule just like a dental practice. In other words, they must have security policies, provide team training, and conduct a security risk analysis—among other requirements.

Here are just a few of the questions to ask as you research teledentistry platforms, courtesy of MouthWatch:

Does the platform have end-to-end encryption (E2EE) HIPAA security?

E2EE means the data is encrypted on the sender’s system or device (i.e., the dental practice), and only the intended recipient (e.g., patient) can decrypt it. This function should be performed seamlessly behind the scenes by the teledentistry platform. E2EE prevents the information from being read or tampered with by unauthorized third parties (think HIPAA breach), such as your internet service provider (ISP), application service provider, or cyber hacker as it is relayed between the parties.

Was the platform designed from the beginning as a dental-centric solution?

Many of the programs that the Office of Civil Rights mentioned in its March 2020 Bulletin are general industry platforms that pivoted during the peak of the crisis to meet health-care needs.3 Yet dental practices have unique needs, such as the need to communicate confidentially and share patient information securely with referring or specialist dentists. A dental-centric platform will offer such capabilities and more.

What kind of dental record and documentation capabilities does the platform offer?

The more comprehensive the documentation capabilities, the better, for several reasons. A robust dental platform will support your dento-legal documentation requirements and ensure there are no gaps in your continuity of care. What if a patient (or attorney) requests a copy of their record? Fragmented documentation dilutes your ability to fulfill the request and right under HIPAA and could possibly hinder your defense in a legal case or dental board complaint. The ability to track and ensure a comprehensive patient record, whether in person or through teledentistry, is key.

How does or will the platform integrate with your practice management software?

If a teledentistry solution is an offshoot of a telemedicine platform, it was not specifically developed for dentistry, and as such, may not integrate with your practice management software. Even when teledentistry-specific software does not integrate with your practice management, it should be easy to share data between the two.

You may recall that, during the initial height of the pandemic, the Department of Health and Human Services Office of Civil Rights (OCR) temporarily relaxed its standards related to telehealth options. The OCR recognized that some covered health-care providers may not have been using fully compliant remote communications technologies at that time.

Further, the OCR exercised its enforcement discretion and did not impose penalties for noncompliance with HIPAA requirements. This was the case as long as the provider acted in good faith and also did not use a public facing application such as Facebook Live, Twitch, or TikTok. According to the OCR’s March 17, 2020, Bulletin, only programs that allow solely the intended parties to participate in the communication should be utilized.3

What does the world of technology look like in your practice today? Does it include robotic-assisted implants, creating a personalized electronic patient experience, or use of medical grade air purifiers? Do you see yourself incorporating virtual consultations and case presentations to deliver optimal practice efficiency and patient convenience? If so, perhaps it’s time to consider a HIPAA-compliant teledentistry platform.

Editor's note: This article appeared in the August 2022 print edition of Dental Economics magazine. Dentists in North America are eligible for a complimentary print subscription. Sign up here.

References

  1. Ryu S. History of telemedicine: Evolution, context, and transformation [book review]. Healthc Inform Res. 2010;16(1):65-66. doi:10.4258/hir.2010.16.1.65
  2. Rocca MA, Kudryk VL, Pajak JC, Morris T. The evolution of a teledentistry system within the Department of Defense. Proc AMIA Symp. 1999:921-924.
  3. Notification of enforcement discretion for telehealth remote communications during the COVID-19 nationwide public health emergency. US Department of Health and Human Services Office of Civil Rights. https://public3.pagefreezer.com/content/HHS.gov/31-12-2020T08:51/https://www.hhs.gov/about/news/2020/03/17/ocr-announces-notification-of-enforcement-discretion-for-telehealth-remote-communications-during-the-covid-19.html
About the Author

Linda Harvey, MS, RDH

Linda Harvey, MS, RDH, a nationally recognized dental risk management and regulatory compliance expert, helps dentists and their teams navigate regulatory requirements and mitigate risk. She is the founder and president of the Linda Harvey Group, which specializes in on-site HIPAA and OSHA regulatory and dental risk management coaching for dental practices, and the Dental Compliance Institute (DCI), which provides train-the-trainer education and certification for HIPAA and OSHA regulatory compliance and dental risk management.

Sponsored Recommendations

Office Managers: A Glowing Review

Office managers are the heart of every practice, valued for their compassion, dedication, and exceptional skill. This year’s Spa Day giveaway highlighted their impact—from problem...

Care Beyond the Chair: A Trusted Provider for All Patients

Just as no treatment plan is exactly the same, neither are any two patients’ financial situations. Financial barriers can stand in the way of a patient receiving the care they...

Success in the Cloud: Benefits for Multilocation Practices

One practice, multiple locations. It sounds pretty simple, but we know it requires an intentional, multilayered strategy to be successful. Discover how implementing cloud-based...

4 Ways to Increase Case Acceptance & Practice Efficiencies

Cost limitations can be a big barrier to patients’ acceptance of dental care treatments. Click to learn more about Patterson CarePay+, a single, comprehensive financing option...