The HIPAA Privacy Rule

The HIPAA Privacy Rule establishes national standards to protect individuals’ medical records and other personal health information and applies to health plans, health care clearinghouses, and those health care providers that conduct certain health care transactions electronically.  The Rule requires appropriate safeguards to protect the privacy of personal health information, and sets limits and conditions on the uses and disclosures that may be made of such information without patient authorization. The Rule also gives patients rights over their health information, including rights to examine and obtain a copy of their health records, and to request corrections.

HIPAA standard requires covered entities to: “Allow access only to those persons or software programs that have been granted access right.”(Section 164.312(a)(2)(1)). Furthermore, covered entities must: “Implement technical security measures to guard against unauthorized access to electronic protected health information that is being transmitted over an electronic communications network.” (Section 164.312(e)(1)). These provisions also require that backups be encrypted to control access to the data, and that the encryption occurs before any data has been transmitted from a computer to its backup location. Allthough does not collect this information we still deploy teqniues to protect backup files with 256 bit AES encryption (adopted as an encryption standard by the U.S. government) before they ever leave our database and servers. Backup files are protected during transmission with a 256 bit SSL encryption layer. (Section 164.312(e)(I)) All access to backed-up data requires unique user authentication, and no passwords are stored in clear text.

*All dental care providers that are verified and listed on are required to be HIPAA compliant and are if the verfied icon is attached to their listing.

For further information please contact us at [email protected]