In general, the Health Insurance Portability and Accountability Act (HIPAA) applies to health care providers who submit claims electronically - either directly, or through a billing service or clearinghouse. Passed in 1996, this federal law assured portability of health insurance coverage, mandated a fraud and abuse control program, created Medical Savings Accounts (MSA), and provided for simplification of administrative procedures.

HIPAA addresses three areas under administrative simplification provisions. Transaction and code sets establishes the ADA dental claim form and the most current version of the CDT codes as the industry standard for claims processing. Unique National Identifiers sets standard identifier numbers for providers (NPI), employers (EIN) and health plans (PLANID). Privacy Rules insures a patient´s protected health information (PHI) is properly maintained by health care providers.

Remember: HIPAA does not apply to a practice that does not submit any information electronically to a health plan.

Summary of HIPAA Privacy Rules

Effective April 14, 2003, dentists must have:

  • Obtained specific authorization from the patient before they can use or disclose Protected Health Information in most non-routine circumstances, such as releasing information to a patient´s employer or for marketing purposes.
  • Provided patients with written notice of their privacy practice and patients rights.
  • Designated a staff member as a privacy officer.
  • Given patients access to their records and allow them request changes to correct errors.

Summary of HIPAA Security Rules

Effective April 2005, requirements for dentists who transmit protected health information electronically, include:

  • appointment of a security officer;
  • administrative safeguards, such as security policies and procedures;
  • physical safeguards, such as locking doors when no one is in the office;
  • technical safeguards, password protections on patient records.
Additional information available to logged in members

Illinois Patient Records and Privacy Laws

For a number of years, Illinois has had various laws that describe how patient records must be maintained and when they can be released. Click here for information in the Illinois Dental Practice Act and Illinois Compiled Statutes.