Imagine this: You have too many inactive patient records, so you hire a storage facility to store these charts. You also decide to put old equipment in there as well, computers, printers — basically anything that you don’t want cluttering your office.
One day you get a call saying the storage facility was broken in to.
Once you take an inventory of what was stolen or accessed you determine that you need to notify your patients that their identities may be compromised.
You contact your insurance company who says they will help you, but you quickly realize they only cover basic notification and maybe some credit monitoring for the affected patients. You’re now stuck with an enormous bill and a daunting task ahead.
This is why we do what we do. Having been through investigations with dental practices, we know the process and all of the ‘gotchas’ and can help you avoid costly mistakes. We know that often times the insurance carrier will deny the claim if the storage facility isn’t listed as a location in the policy. We know that HIPAA specialized attorneys should submit the reports and notifications to state attorney general and OCR. We know that you will be required do all the things we do and get compliant in order to close the investigation. That’s why we have the programs we do and offer the solutions we do. Don’t get caught in a ‘gotcha’.