Dentists and Compliance: An Overview of HIPAA Dental Patient Rules

Dentists and Compliance: An Overview of HIPAA Dental Patient Rules

More than 500 dental offices were crippled by widely-publicized ransomware attacks in 2019. The attacks, in August and in November, created havoc for dentists and their patients. 

Between cyber attacks, increases in teledentistry, and other industry trends, dentists are finding themselves worrying about HIPAA compliance more than ever before. But what do HIPAA dental rules look like? How can a practice know if it is compliant?

Here's what you need to know. 

HIPAA and Dental Offices

Nearly all types and sizes of dental practices are covered by HIPAA law. This means that dental practices are legally required to:

  • Read and familiarize themselves with dental HIPAA laws
  • Set up a HIPAA compliance team
  • Complete regular HIPAA risk assessments
  • Identify any deficiencies and assign someone to correct them
  • Develop and put in place HIPAA-compliant policies and procedures
  • Provide ongoing training for practice staff on HIPAA requirements

Dental practices are also legally required to consider HIPAA concerns when partnering with other businesses.

Dentists must choose partner businesses that understand and are compliant with HIPAA regulations. All dental practices and their partner agencies must implement safeguards to protect patient information:

  • Administratively
  • Technically
  • Physically

Personal Health Information

What information does dental HIPAA policy protect? HIPAA applies to all personally identifiable health information (PHI). For  dental offices, this includes patients':

  • Names and addresses
  • Contact information
  • Social Security numbers
  • Payment information
  • Insurance information
  • Medical records 
  • Other health information

Protecting this information means:

  • Taking steps to ensure it cannot be hacked
  • Sharing it only with authorized parties
  • Not publicly acknowledging or discussing patients' care or conditions in any forum

While these rules may seem simple at face value, implementing them can be surprisingly tricky.

HIPAA and Marketing

Marketing may be the best example of an area where dentists run into unexpected trouble. 

This is true even when dental office HIPAA policy documents exist. Often these documents are not clear enough on what to do or avoid doing when interacting with the public.

This confusion can be exacerbated by patients themselves. Patients may reveal some of their own information in public forums, for instance. This can create pitfalls for dental representatives.

Even simple statements like "we're glad you had a good visit!" can violate HIPAA law by confirming that the reviewer is a patient of the practice. Similarly, practices can inadvertently reveal forbidden information about patients' conditions or health history when attempting to respond to false or unfair negative reviews. Often, well-designed compliance training is the only solution to preventing this type of innocent mistake. 


Teledentistry is another prime example of situations where dental HIPAA training is critical. Meeting with patients remotely is rapidly becoming both more common and more necessary.

Yet telehealth carries unique privacy challenges that many practices are unprepared to handle well. For example:

  • Third-party providers are involved to make the technical aspect possible
  • Appointments may be in real-time with other individuals present on the patient's end
  • Appointments may be conducted via an ongoing relay of information, which creates opportunities for other, unauthorized parties to access patient information

Providers and staff are often unclear on what regulatory requirements apply and how to make sure they are implemented and enforced. They may fail to include telehealth business partners in their HIPAA reviews and miss opportunities to prevent violations.

HIPAA courses for business associates of dental offices can offer vital information and protections for everyone involved. 

HIPAA Dental Office Training

All covered dental offices must provide training for their staff on HIPAA dental law, policies, and procedures.

While this sounds simple on the surface, the reality is more complicated. Many providers find themselves overwhelmed with questions such as:

  • Who should do this training?
  • How do I know if a trainer is equipped and appropriate to train my staff?
  • How can I facilitate training for my staff and business partners without breaking the bank?
  • How can I track and prove this training to protect myself and my business?
  • What can I do if I don't have the time, experiences, or resources to handle this myself?

All of these concerns are real and valid. Many factors can conspire to make training ineffective. Inconsistent training that you can't track or prove is also useless in protecting your practice. 

But what can you do?

Professional and Affordable Dental HIPAA Training

For most dental practices, the best answer is to outsource HIPAA dental office training to a qualified third-party. Not just any third-party will do, however. That's why so many offices are turning to the experts at HIPAA Exams. 

HIPAA Exams' Dental Office Bundle includes all the training that your staff needs, including: 

  • Compliance, Ethics, and Fraud for Health Care Professionals
  • Bloodborne Pathogens Training
  • Sexual Harassment Training
  • HIPAA for Dental Offices

Each course:

  • Can be done online from anywhere at your staff's convenience
  • Is concise and to the point so no time is wasted
  • Can be retaken as needed to refresh or clarify key information
  • Is digitally trackable for monitoring and compliance purposes
  • Includes a comprehension test to ensure staff understanding
  • Includes a printable certification of completion to make record-keeping and documentation easy
  • Provides continuing education (CEU) credits

HIPAA Exams provides corresponding courses for your business partners with all of the same great features. Our courses make bringing everyone up to speed, tracking your progress, and documenting your work painless and easy. We handle the heavy lifting so that you can focus on your practice with confidence and peace of mind. 

Our courses are also one of the most affordable options around for HIPAA training and compliance. Our group pricing means that you get the best possible prices on each course and our online format allows your staff and partners can take courses from the comfort of your office or their own homes. There's no need to spend huge chunks of money on conference space, catering, and other extraneous expenses. 

Dental HIPAA Training

Get your staff and business partners the HIPAA dental training they need. Grab our dental bundle or check out our complete course list and simplify HIPAA compliance at your practice today.