The HIPAA Privacy Rule for Dentists

The HIPAA Privacy Rule requires dentists to implement appropriate safeguards to protect the privacy of individually identifiable health information and places conditions on the uses and disclosures of Protected Health Information (PHI). The permissible “minimum necessary” uses and disclosures of PHI not only apply to electronic communications, but also to oral and written communications.

The HIPAA Privacy Rule also requires dentists to provide each new patient with a Notice of Privacy Practices. The Notice must explain how the dentist can use of disclose PHI within the HIPAA laws for dentists, explain when the patient´s authorization is required before a disclosure, and explain their rights in respect of patient access to medical information.

To ensure the HIPAA laws for dentists are applied, dentists are required to appoint a HIPAA Privacy Officer or designate the role to an existing member of the workforce. In larger organizations – for example, Dental Service Organizations or Organized Health Care Arrangements – it may be necessary to establish a HIPAA compliance team to implement the HIPAA Privacy and Security Rule standards.