Keeping Your Dental Website HIPAA Compliant

What does it mean to have a secure website?

As a dentist, you’re well aware of HIPAA, but in the far recesses of your mind, there’s an inkling of fear of what might happen if you don’t have the latest HIPAA compliant solution for your website. What is it exactly that you should be on the lookout for when it comes to covering your HIPAA compliant bases online? When working with your web developer, ask about the following factors.


Ideally, your website is more than just another pretty face that lists your services and contact information. If it is, in fact, a virtual coffeehouse of sorts, offering a place for potential and current patients to connect with you, HIPAA compliance is a must. All vehicles of engagement, such as emails, online forms, and even appointment bookings, require a secure solution for every variety of communication. It’s not optional.



For optimal protection, an SSL (Secure Sockets Layer) certificate is necessary, and it’s easy for your developer to line up. It is what lets your website be served over https. If your website has not switched from http to https, the data sent to and from it is not encrypted in transit. In other words, your patients’ information is there for the taking as it transfers between the server and the browser. Not protected is not okay.



Third-party vendors that supply you with online forms should be signing a contract that protects your patients by complying with security and privacy regulations. The HIPAA rules generally require that covered entities and business associates enter into contracts with their business associates to ensure that the business associates will appropriately safeguard protected health information.



When it comes to payment forms, it’s important to remember that being PCI compliant doesn’t necessarily mean HIPAA compliant and vice versa. A payment exception under HIPAA only allows dentists to disclose PHI to third parties for the purposes of collecting payment. However, health providers are required to provide safeguards that protect PHI and credit card information.



If efficiency and accessibility are components of your practice’s 2020 vision, online forms are a must. And this can’t happen without HIPAA compliance. PBHS TruForm™ is the only HIPAA compliant online patient form platform for dental practices that simplifies the data entry process and takes care of the details for you, saving time and money, and most importantly, protecting PHI.



PBHS SecureMail is an ADA Member Advantage Endorsed encrypted messaging solution for dentists and doctors that ensures all of the above. Fast and simple, this platform integrates secure email with Microsoft Outlook, delivering treatment letters and private communication from your practice management software. It truly is compliance made easy. Check out the details:

  • No software to install, configure, or maintain
  • Secure shared PHI between your practice and patients
  • Organized and accessible radiographs, CT scans, and messages
  • Any device, from any location
  • Permanently encrypted data



As you collaborate with colleagues, refer patients online, and follow your patients’ care through treatment and post-op online, double-check the security protocols with your web developer. PBHS Collaborator is an option that promises easy and secure patient care management and communication. And it exists in conjunction with PBHS SecureMail.


Whether you’re starting from scratch or you already have a website, make sure it works for you and isn’t a liability. The right technology and platforms will guarantee your website is HIPAA compliant while you focus on what you care about most—your patients. Need to start the process with a secure email account? Easy. Log in and set it up today!

