Compliance Made Convenient

By Rohit Joshi

Confidentiality is at the heart of patient trust. No practitioner needs to be convinced to keep patient information private and all patient data tightly held. Yet, as electronic transmission is replacing traditional methods of information exchange, new regulations are setting standards for electronic information security that extend doctor/patient confidentiality into the electronic world.

As of September 23, 2013, dental practices are expected to be in compliance with the HIPAA Omnibus Rules. The Department of Health and Human Services (HHS) calls the HIPAA Final Rule (Omnibus) the "most sweeping changes to the Privacy and Security Rules since they were first implemented." Under the new rules there are also new fines for practices that violate the law, with a maximum penalty of $1.5 million per violation for noncompliance of the rules if negligence is found.

Email is not compliant

A significant and recurring violation occurs through using email to transmit protected health information (PHI). Almost without exception, Outlook, Apple Mail, Gmail, etc., are not compliant with HIPAA or HITECH regulations. Further, online storage services (e.g., Dropbox, Skydrive) also fail to comply with HIPAA standards.

Why? Even if your computer is secure, your message passes through dozens of unknown servers en route to its destination. These "middleman" servers make up the backbone of the Internet and email systems. Apart from the security issue, privacy legislation also requires the ability to audit systems for a detailed log of who was able to view PHI, complete with times and dates. Email typically will not have these systems in place.

Email is not convenient

Besides lacking security safeguards, email systems do not meet the needs of dental professionals to transmit files between practices and laboratories. High-resolution digital images, 3-D STL files, and CBCT scans are difficult or impossible to email because most provider servers limit attachment sizes to less than 20MB. This means dental professionals and labs may need to send/receive multiple emails per patient file, if they can be sent at all. While systems that enable large-file storage such as Dropbox provide an alternative for transmitting large files, the data are stored unsecured in an unorganized manner. That is, there is usually little referential information included with the files, making long-term storage, retrieval, and management very difficult.

Compliance made convenient

Sending PHI to referral partners and patients securely and in compliance can be convenient by enabling the transmission of larger files through a single system. Secure-Mail™, a new technology that simplifies the communication process, enables dentists, specialists, and labs to share private patient information easily and safely.

Exclusively available through Brightsquid Dental Link, Secure-Mail™ works like email with an important distinction -- all communication meets compliance standards. You can easily send protected health information to colleagues and directly to your patients in a trusted and compliant manner. Simply compose, attach, and send.

In addition to ensuring compliant communication, Secure-Mail™ is convenient, enabling users to attach up to 500MB per message. A single message could contain entire patient files. You can also view and manipulate attachments (3-D STL, PNG, JPEG, etc.) within the Brightsquid Dental Link Image Studio. Secure-Mail™ works with your existing email address, directly sending you secure notifications when you receive a new message. A link in your traditional email directs you to the Secure-Mail™ message.

Brightsquid Dental Link already has more than 3,000 users in 11 countries using Secure-Mail™ to safely share PHI. Secure-Mail™ meets or exceeds privacy regulations defined in HIPAA, HITECH, and PIPEDA as the service was designed specifically to address the necessary safeguards and requirements.

Rohit Joshi is CEO of Brightsquid Dental Ltd. For the past 20 years, he has held senior executive positions with life science and technology companies in the USA and Canada, with a focus on using technology for effective communication. Rohit has earned a bachelor's degree in molecular biology, a master's degree in medical science (surgery/orthopedics) and a bachelor's degree in law, all from the University of Calgary. You may contact him by email at [email protected].