What is HIPAA & How Does it Affect My Dental Practice?

The Connect the Doc Team

We are sharing and consuming more data, faster than ever before. Data is part of just about everything we do, even in a dental practice. Patients’ health records include more data points, and we have more than a few ways to ask patients for their information. These developments have necessitated privacy laws that regulate the way we collect, share and distribute protected healthcare information (PHI).

Different countries have laws, legislation, and rules that govern the collection, use, and disclosure of protected healthcare information. And these regulations apply to dentists, dental practices, and dental patients. 

This article discusses one critical piece of legislation that regulates the flow of information in the US dental industry.

What is HIPAA?

HIPAA is an acronym that stands for the Health Insurance Portability and Accountability Act. This United States federal statute was signed into law in August 1996 and stipulates how protected healthcare information is managed and shared by healthcare industries, amongst other things.

Understanding this law can help dentists develop key administrative and operations policies in their practice that ensure patients’ protected health information is collected, used, shared, stored, and managed in a secure manner. This applies to all patients’ information shared via email communication on your website, social media platforms, and dental review sites. 

It is the responsibility of every dentist in the United States to familiarize themselves with this law and understand how to comply with it. Failure to comply with this regulation can lead to fines upwards of 1.5 million dollars. More importantly, by complying with HIPAA, you will be taking steps to protect your patients’ data and win their confidence and trust.

What is Considered PHI? 

PHI is an acronym that stands for protected health information. As a dentist, you’ve likely heard this term used in healthcare settings. But it can be challenging to know exactly what it means in the context of HIPAA. 

Under HIPAA, protected health information refers to any identifiable health information collected, used, disclosed, maintained, managed, stored, or transmitted by a healthcare professional or entity. This includes all health information collected or shared via forms or forums, physically or electronically. It also refers to information shared verbally. 

Examples of PHI include names, dates (excluding years), phone numbers, location-specific data, social security numbers, fax numbers, email addresses, medical records, account numbers, face photographs, IP addresses, biometric identifiers, website addresses, license plates, etc.

As you can tell, several identifiers make up PHI. So, it’s best to ensure all information you collect about your patients is kept secure and managed properly.

Tips to Comply with HIPAA

  1. Get Familiar with the Rules

If you haven’t already done so, now’s the time to familiarize yourself with HIPAA rules and regulations. Make sure your dental team members are also aware of the rules and understand their importance.

  2. Use Secure Means of Communication

How secure is your data storage? With so many data breaches occurring nowadays, you need to have cybersecurity tools and measures in place to protect your practice’s and patients’ data. You can learn more about cybersecurity for dentists here.

  3. Do Not Disclose Patient Information Online

HIPAA also regulates electronic messages, so be mindful of how you share information online. This includes email communication, website copy, and even when you’re replying to patients’ reviews online.

  4. Get a Compliance Manager

You can choose to work with a compliance agency that audits your practice’s policies and tools for storing and sharing data. Alternatively, you can assign compliance tasks to one of your team members who will be responsible for overseeing the storage and disclosure of patients’ information.


HIPAA was created to safeguard patients’ information, but it can also protect you and your practice from unwanted fines, lawsuits, and patient attrition. Start taking the right steps today to comply with this regulation. 

To learn how you can respond to online reviews while maintaining your HIPAA compliance, read our recent article.


Disclaimer: The individuals who maintain this blog work at Connect the Doc. The information, comments, and links posted on this blog do not constitute legal advice. No client relationship has been or will be formed by any communication(s) to, from, or with the blog and/or the blogger. For legal advice, contact an attorney actively practicing in your jurisdiction. Do not send any confidential or privileged information to the blogger; neither Connect the Doc nor the blogger will assume any liability or responsibility for it. If you send any information, documents or materials to the blog, you permit the blogger to include them on or in the blog. No information, documents, or materials you send to the blog will be considered confidential or privileged by Connect the Doc. Also, no such information, documents, or materials will be returned to you. All decisions relating to the content belong to the blogger.