To meet HIPAA audit control requirements, dental practices must, “Implement hardware, software, and/or procedural mechanisms that record and examine activity in information systems that contain or use electronic protected health information.”
By requiring each employee to use unique login credentials to access systems, data access patterns for each employee can be established. Since audit controls require data access to be tracked, they enable the quick detection and response to unauthorized ePHI access.
To meet HIPAA transmission security requirements, dental practices must, “Implement technical security measures to guard against unauthorized access to electronic protected health information that is being transmitted over an electronic communications network.”
- Integrity Controls: prevents unauthorized alteration or destruction of ePHI.
- Encryption: prevents unauthorized access to ePHI by encoding text so that it can only be read by users with a decryption key.