Information Managers
  • Home
  • Services
    • All Services
  • Templates
  • Blog
  • Contact Us
  • Practice Management Success
  • Podcasts

Does a Dentist Need a PIA?

does a dentist need a pia

Sharing is caring!

0 shares
  • Share
  • Tweet
  • LinkedIn
  • Email
Have you ever said…

“If only I had someone to ask!”

Each month, we discuss your questions about practice management, human resources issues, clinic management best practices, procedures, resources, practical privacy tips, and more in Practice Management Success membership.

 

In this Q&A, we're talking about: Does a Dentist Need a PIA?

If you are a member of Practice Management Success, login and join me now on the webinar. The replay will be available in your membership area.

I’ve had a dental practice for 10 years. Do I need a PIA?

 

In Alberta, the Health Information Act (HIA) was proclaimed in 2001.

Dentists and dental hygienists were named as a designated health professional under the HIA in March 2011.

A custodian as defined by the HIA is defined

1) as a member of a Regulated Health Profession

2) the Health Profession is named in the HIA as a custodian

3) the individual is acting as a custodian

There is a ‘grandfathering’ period when custodians who were already in practice at the time are not required to submit a privacy impact assessment (PIA). The dental practice, of course, must meet all of their dental college requirements including appropriate privacy and security policies, procedures, and reasonable safeguards to protect the privacy, confidentiality, and security of personal health information.

If  (when) you have had any changes to your practice, you need to complete a PIA. For example, since 2011, have you had any changes to:

  • administrative practice, for example, changes to billing practices, third party contractors, moving to a new location, etc.
  • information system, for example, computer network changes, remote backup, or practice management or EMR software
  • practices relating to the collection, use, disclosure of personal (health) information
  • new or changes to your current information flow (for example new projects, stakeholders, Netcare)
  • legislation (i.e. research)
  • any new risks to the privacy of health information
  • custodians, for example custodians (including dentists and dental hygienists) leaving or joining your practice

The PIA is a process that assists custodians to review the impact that an implementation of a new administrative practice, information system, or change to existing practices or systems relating to the collection, use and disclosure of individually identifying health information, may have on individual privacy.

A PIA describes the information flows in the project, identifies the legal authorities that allow for the flow of information, assesses potential impacts on and risks to privacy and identifies mitigation strategies to minimize the risks.

The process is designed to ensure that the custodian evaluates the new practice or proposed change to ensure technical compliance with the HIA as well as assessing the broader privacy implications for individuals.

Often, the Privacy Officer of the dental practice completes the Privacy Impact Assessment.  However, the custodian or CEO is responsible for the Privacy Impact Assessment.

Privacy principles and legal authority determine compliance obligations.

If you don't have a PIA already for your dental practice, and you were in practice prior to 2011, you probably will need a PIA soon. If you opened your practice after 2011, or are just planning your practice now, you need a PIA.

For more information about PIA's, pop over to our resource page here:

Tell me more about PIA's

Want more content like this?

Get Your Practice Management Success membership
dental, dental hygienist, dentist, healthcare, PIA, Privacy Impact Assessment

Privacy Policy

Copyright 2023 Information Managers Ltd.

0 shares
Manage Cookie Consent
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
Manage options Manage services Manage vendors Read more about these purposes
View preferences
{title} {title} {title}