Learn more about the Florida Dental Association here.

Beyond the Bite

The Official Blog of the Florida Dental Association

Tag: dental records

Altering Dental Records Can Result in Significant Penalties

by 1 Comment

By Jon M. Pellett, JD, Managing Attorney – Administrative Defense, Medical Investigation Defense Unit, The Doctors Company

The Florida Board of Dentistry (BOD) takes a dim view of those who alter dental records. If a licensee is found to have altered a dental record, the BOD has a full range of penalties available to address the violation, including loss of the dental license and significant monetary penalties.

The Florida Department of Health (DOH) is the agency charged with investigating and prosecuting violations of the Dental Practice Act, including the issue of whether dental records have been altered in violation of the requirements of the BOD. The DOH has a wide range of statutory violations to choose from when presented with altered dental records.

Under the BOD’s Rule 64B5-13.005(3), if the DOH believes the alteration of the dental record was intentional and constituted fraud or making a false or fraudulent representation, it will seek a minimum mandatory fine not to exceed $10,000 for each count or separate offense, in addition to any other penalties outlined in the Board’s disciplinary guidelines.

Typical charges for altering the dental record include the following possible violations and subsequent penalties:

TDC table

Most professional licensing boards view altered records as evidence of a fundamental character flaw in the licensee and they will seek the higher range of penalties including suspension and loss of the license. The BOD is no different.  

Although permittable, if you need to make a late entry in the dental record, to avoid any allegation that you are seeking to alter the dental record, you should follow the BOD’s rule on record keeping. Rule 64B5-17.002(2) states: “Record Alterations: Any additions, corrections, modifications, annotations or alterations (hereinafter ‘change’) to the original dental record entry must be clearly noted as such and must include the date when the change was made, must be initialed by the person making the change, and must have an explanation for the change. An original entry to the record cannot be partially or wholly removed. Rather, to represent the deletion of a record entry, the entry must be struck through where it will remain legible. A change made on the same date of the original entry must also include the time of change.”

This requirement is applicable to handwritten records and electronic records. If you have any doubts before you make alterations or changes to a dental record, consult with an attorney.

 

Reprinted with permission. ©2018 The Doctors Company. For more patient safety articles and practice tips, visit www.thedoctors.com/patientsafety.

The guidelines suggested here are not rules, do not constitute legal advice, and do not ensure a successful outcome. The ultimate decision regarding the appropriateness of any treatment must be made by each health care provider in light of all circumstances prevailing in the individual situation and in accordance with the laws of the jurisdiction in which the care is rendered.

 

 

Why Electronic Documentation Can be Such a Pain

by Leave a comment

By Juanita Benedict, DPT, CEAS II

I get it. I understand why electronic medical records are necessary. Documenting in this format is supposed to decrease medical errors and improve coordination of health care. I even prefer electronic documentation in most circumstances. Honestly, who wants to sit and hand write 30 detailed notes at the end of the day? It’s a great concept, except … don’t we already spend too much time in front of a screen? Even before the implementation of the electronic record requirements, a study from the Council for Research Excellence in 2009 reported in the New York Times claimed that the average American spends more than eight hours per day in front of a screen! With more of our personal and business interactions being performed in front of the computer or mobile device, how much has that time increased almost seven years later?

Despite the benefits of electronic documenting for overall improved coordination of health and documentation compliance, the fact is that extended screen time is simply not healthy. Here are three reasons why:

1. More prolonged sitting. After sitting all or most of the day, the last thing your body needs is more sitting. However, it is unlikely that you have equipped your office with one of those cool treadmill desks. Sedentary activities promote cardiovascular disease, increase the risk of obesity and consequential health problems associated with it, decrease aerobic capacity and much more. Of course, there is a higher incidence of musculoskeletal pain in those who are more sedentary because the body is simply getting weaker.

2. More poor posturing. Proper posturing is just as important while using a computer as it is when working on patients to decrease risk of developing musculoskeletal dysfunction. Just as proper sitting postures often are lacking when delivering dental care, computer operating postures often leave much to be desired. If you are already experiencing neck/shoulder/back/wrist pain, your computer positioning may be a contributing factor that you have not considered. This is another area where those pesky muscle imbalances wreak havoc.

3. More visual stress. Eye strain is a problem for dental professionals. According to the American Optometric Association, extended time on computers can lead to a collection of symptoms that has been named “computer vision syndrome.” Symptoms include headaches, blurred vision, and even neck and shoulder pain. Since eye strain is already common in dentistry due to the demands of accommodation and such, adding more activities that promote poor eye health is not ideal.

As it becomes more necessary to increase your screen time at work, it becomes even more necessary to change your lifestyle habits. Here are just a few tips on how to counteract some of the consequences of extended computer use:

Unplug: Spend time away from computers, phones, tablets and TV screens! You may be amazed at how difficult this may be at first. However, after a while, this will seem like a refreshing oasis of time. Reconnect with those things you once loved.

Move: Any way you want. Dance. Walk. Swim. Bike. Go to the gym. Play with your kids. Help a neighbor move. Clean the house! It doesn’t matter what you do — just get going. This act alone has tremendous emotional and physical health benefits.

Eat well: With an increase of sedentary activities, there is a decrease in calories burned and increase in fat deposited throughout the body. If you are not training to run a marathon, make sure you are not eating as though you are. Stick to a healthy diet with a lot of fiber and water. Peristalsis tends to slow as we become more sedentary as well, which can lead to bloating and other very uncomfortable things!

Educate yourself: Knowing your risk factors for developing pain and compromising your health is necessary so that you can learn how to overcome them. Use quality and reputable resources to make changes in your daily practice. OSHA has provided a free guide to setting up a proper workstation environment to improve posturing. Other resources provide information on how to assess your computer stations and help you to configure a station that makes long hours of documentation, business transactions, emailing, and even reading blogs more comfortable and safe for you.

It appears electronic documentation is here to stay. So, it is of utmost importance that you learn how to protect your health from the devastating consequences that will result from hours of screen time.

As always: Be healthy and practice safely!


Juanita Benedict is a physical therapist in Florida who works specifically with dental professionals to reduce their pain while practicing as well as extend their careers. For more information, go to www.healthydentistrysolutions.com or contact her at 407.801.3324.

 

Be Cybersecure: Protect Patient Records, Avoid Fines and Safeguard Your Reputation

by 1 Comment

By David McHale, Senior Vice President and Chief Legal Officer, The Doctors Company

Cybercrime costs the U.S. economy billions of dollars each year and causes organizations to devote substantial time and resources to keeping their information secure. This is even more important for health care organizations, the most frequently attacked form of business.1 Cybercriminals target health care for two main reasons: health care organizations fail to upgrade their cybersecurity as quickly as other businesses, and criminals find personal patient information particularly valuable to exploit.

Recent cyberattacks on large health insurance companies further demonstrate cybersecurity risks. On Jan. 29, 2015, Anthem, the second largest health insurer in the United States, announced it was the victim of a sophisticated cyberattack that it believed happened over several weeks starting in December 2014.2 Reported as one of the largest attacks to date, the Anthem breach exposed the information of up to 80 million current and former members, including names, birth dates, Social Security numbers, health care IDs and addresses.3 That same day, Premera Blue Cross discovered it also was a victim of a cyberattack, with an initial attack taking place in May 2014. Cybercriminals gained unauthorized access to the information of up to 11 million Premera customers dating back to 2002, ranging from birth dates and Social Security numbers to addresses and bank account information — the second largest breach, after Anthem, in the health care industry.4

The repercussions of security breaches can be daunting. A business that suffers a breach of more than 500 records of unencrypted personal health information (PHI) must report the breach to the U.S. Department of Health and Human Services’ Office for Civil Rights (OCR). This is the federal body with the power to enforce the Health Insurance Portability and Accountability Act (HIPAA) and issue fines. To date, the OCR has levied more than $25 million in fines, with the largest single fine totaling $4.8 million.5 In 2014, U.S. health care data breaches cost companies an average of $314 per record — the highest of any industry.6

A health care organization’s brand and reputation also are at stake. The OCR maintains a searchable database (informally known as a “wall of shame”) that publicly lists all entities that were fined for breaches that meet the 500-record requirement.7

To help safeguard your systems, know the most common ways a breach occurs. The theft of unencrypted electronic devices or physical records is the most common method, accounting for 29 percent of breaches across all industries in the United States.2 Also common are hacking (23 percent) and public distribution of personal records (20 percent). A breach in the latter category led to the largest OCR fine to date when two affiliated hospitals accidentally made patient records public on the Internet.5

If you think you may not be fully compliant with HIPAA privacy and security rules, consider taking the following steps:

  • Identify all areas of potential vulnerability. Develop secure office processes, such as:
    • sign-in sheets that ask for only minimal information.
    • procedures for the handling and destruction of paper records.
    • policies detailing which devices are allowed to contain PHI and under what circumstances those devices may leave the office.
  • Encrypt all devices that contain PHI (laptops, desktops, thumb drives and centralized storage devices). Make sure that thumb drives are encrypted and that the encryption code is not inscribed on or included with the thumb drive. Encryption is the best way to prevent a breach.
  • Train your staff on how to protect PHI. This includes not only making sure policies and procedures are HIPAA-compliant, but also instructing staff not to openly discuss patient PHI.
  • Audit and test your physical and electronic security policies and procedures regularly, including what steps to take in case of a breach. The OCR audits entities that have had a breach, as well as those that have not. The OCR will check if you have procedures in place in case of a breach. Taking the proper steps in the event of a breach may help you avoid a fine.
  • Insure. Make sure that your practice has insurance to assist with certain costs in case of a breach.

 

References

1Visser S, Osinoff G, Hardin B, et al. Information security & data breach report—March 2014 update. Navigant. March 31, 2014. http://www.navigant.com/~/media/WWW/Site/Insights/Disputes%20Investigations/Data%20Breach%20Annual%202013_Final%20Version_March%202014%20issue%202.ashx. Accessed June 17, 2014.

2How to Access & Sign Up for Identity Theft Repair & Credit Monitoring Services. Anthem, Inc. February 13, 2015. https://www.anthemfacts.com. Accessed March 19, 2015.

3McCann E. Hackers swipe Anthem data in massive cyberattack. Healthcare IT News. February 5, 2015. http://www.healthcareitnews.com/news/hackers-swipe-anthem-data-huge-breach-attack. Accessed March 19, 2015.

4Miliard M. Premera Blue Cross hack exposes 11M. Healthcare IT News. March 18, 2015. http://www.healthcareitnews.com/news/premera-blue-cross-hack-exposes-data-11m. Accessed March 19, 2015.

5McCann E. Hospitals fined $4.8M for HIPAA violation. Government Health IT. May 9, 2014. http://www.govhealthit.com/news/hospitals-fined-48m-hipaa-violation. Accessed June 24, 2014.

6Ponemon Institute LLC. 2014 cost of data breach study: United States. May 2014. Study sponsored by IBM. http://www.accudatasystems.com/assets/2014-cost-of-a-data-breach-study.pdf. Accessed March 20, 2015.

7Breaches affecting 500 or more individuals. U.S. Department of Health & Human Services. http://www.hhs.gov/ocr/privacy/hipaa/administrative/breachnotificationrule/breachtool.html. Accessed June 23, 2014.


David McHale is The Doctors Company’s Chief Legal Officer. He holds a law degree from the University of the Pacific’s McGeorge School of Law and an MBA from the University of Illinois. He is a Certified HIPAA Compliance Officer (AIHC) and a regular presenter before insurance trade organizations and the National Association of Insurance Commissioners (NAIC).

Contributed by The Doctors Company. For more patient safety articles and practice tips, visit www.thedoctors.com/patientsafety.

The guidelines suggested here are not rules, do not constitute legal advice, and do not ensure a successful outcome. The ultimate decision regarding the appropriateness of any treatment must be made by each health care provider in light of all circumstances prevailing in the individual situation and in accordance with the laws of the jurisdiction in which the care is rendered.

 

5 Things Every Florida Dentist Should Know About Records

by Leave a comment


By Graham Nicol, Esq., Health Care Risk Manager, Board Certified Specialist (Health Law)

1. Records are evidence (exculpatory or damaging).

2. They must be kept a minimum of four years post-treatment, but preferably at least seven years (statute of repose for medical malpractice).

3. They should contain an entry every time an examination, treatment or dispensing of drugs occurs.

4. They document the doctor who is primarily responsible for all dental treatment regardless of who actually did it.

5. If you get in trouble with the Florida Board of Dentistry, a count for “failure to keep adequate records” will be alleged.


This blog is for informational purposes only and is not intended to be a substitute for professional legal advice. If you have a specific concern or need legal advice regarding your dental practice, you should contact a qualified attorney.