Everyday advances are being made in health care because of Information Technology (IT). Consequently, concerns about personal security have also increased.
DPid realized that for patients, dentists, and dental laboratory technicians to benefit from an open line of communication using advancements in IT, a series of personal security policies, procedures, and safeguards needed to be set in place:
DPid Code and Identification Number
Each patient is randomly assigned a unique DPid Code associated with a five digit alpha/numeric identification number linking the patient to his or her personal data. Data Matrix 2D Codes are used in place of commonly used QR Codes and other 2D codes because of their higher level of security and sizing capability. Because of these qualities, Data Matrix Codes are used exclusively by the Aerospace Industry and the U.S. Department of Defense.
Nicole Pontius in Barcode Labels, CAMCODE, Data Matrix Codes vs. QR Codes, January 23, 2012
http://www.camcode.com/asset-tags/barcodes-data-matrix-vs-qr-codes/
Data Storage
Both the patient’s Tier 1 and optional Tier 2 data are encrypted and stored on, U.S. based, secure servers in a controlled environment. Servers are firewall protected, monitored 24/7, and are backed-up daily to an off-site location.
Data Access
Tier 1 data access is available only to the patient, dental practice, dental laboratory, and DPid Administration, each with their own level of security and clearances. Optional Tier 2 data is available only to the patient, except in the case of Pertinent Health Information. Which is also made available to the dental practice and/or dental laboratory.
Pertinent Health Information
Pertinent Health Information refers ONLY to dental health information that impacts the well-being of the patient, for example, information that might be relevant to the manufacturing materials used or the procedure for inserting a dental prosthetic or appliance. It is NOT intended to contain Personal Health Records (PHR) that have no impact on the work being done by the dentist or dental laboratory technician.
Secured Sockets Layer (SSL)
All sensitive information sent across the internet between the web browser and the data storage servers is encrypted with an SSL certificate.
Privacy Policy
Any personal information collected requires the patient’s knowledge and consent as outlined in DPid’s Privacy Policy.
HIPAA Notice of Privacy Practices
DPid is required by law to maintain the privacy of Protected Health Information as outlined in the HIPAA Notice of Privacy Practices.
Emergency Situations
In an emergency situation, a DPid associate will follow strict procedures in assisting Emergency First Responders while maintaining patient privacy and security.