I Need a Hero

By Dr. John Paul, FDA Editor

I was wearing a long face and being generally disgruntled by all the goings on in this great country when I walked into the room with one of my favorite patients and longtime advisors, Ima Mae Gruntbuns, a great American. Not being one to let me rest on my laurels or rain on any parade she is enjoying, she questioned my lack of enthusiasm for being alive one more day. I complained that people just seem to being sliding back into the slime. Folks I know and like are being nasty to one another. Others think they can run amok, spouting hate and destroying things that don’t belong to them. When one side behaves badly, the other side tries to top them and then the “news” tells you about the worst of us every hour on the hour in gory detail with plenty of video from every angle.

Mrs. Gruntbuns pulled me up short. She said, “Son, you are looking in the wrong place for inspiration. Just because you get elected or you are famous or someone points a camera your way, doesn’t make you a leader or a hero. All those pictures on your Marvel comics scrub top are fiction.”

That was a little disheartening because my wife thinks I look like Thor now that I wear a beard, but Mrs. Gruntbuns wasn’t slowing down.

“Turn off the TV and put down the phone. Last April when no one knew who had or who might die from the coronavirus, who opened his office and removed that fish bone stuck between Mr. Gruntbuns’ teeth?” she continued.

I replied, “Well, I did Mrs. Gruntbuns, but he’s a friend and I was just doing what I know how to do with the tools I have on hand …”

“Yes, Doc — but you did it. You came in and got him out of pain. He carries that bone around in his wallet and he’s still telling people about it.

“Who grabs people’s tongues with a piece of cotton, pulls it out past their nose and stares at that hangy-down thing and whatever else is in the back of our mouths to make sure we don’t have cancer, or at least catch it early so we can cure it?”

“Well, we dentists do, Mrs. Gruntbuns, but it’s just what we were taught to do in school and it’s the right thing to do,” I responded.

She went on. “Have you counted up the lives you’ve saved, the suffering you prevented? There is a hero or two in every dental office. Every once in a while, an ‘Atta-girl/boy’ and a pat on the back goes a long way, but you don’t need the satellite truck and the pretty newsreader to verify what you do. Just keep doing it for all of us regular folks who may not be famous either but deserve your best effort every day.”

It’s hard to argue with someone who is so right.


Reprinted from Today’s FDA, Jan/Feb 2021. Visit floridadental.org/publications to view Today’s FDA archives.

Your Technological Legacy to Your Children and Grandchildren

By Larry Darnell, FDA Director of Information Systems

You might imagine since I am knowledgeable about technology that at least one of my three daughters might share that gift. Sadly, that is not so. It’s not because I didn’t try to make it so. I consistently provided them with above average technology (usually my hand-me-downs, but still). Often referred to as Techno Dad, I was available to answer any and all questions about technology they had. Once again, few questions arose. Perhaps technological ability skips a generation because two of my three granddaughters have picked up technology and have done things with it that I could never have dreamed about when I was 4 or 7 years old.

Every year before school starts, many law enforcement agencies put out a list of 15 or so apps you should be concerned about that your kids might be using. Google it, it’s easy to find that list. I bet you may recognize five of those. The other 10 you’ve probably never heard of at all. The list probably scares you into checking their devices just to see.

The real question is, how much are you paying attention to what your children and grandchildren are doing with the advanced technology they have at their disposal literally from birth? Do they have limits about when, where and how often they can use the technology? I’m no medical doctor, but I hear reputable people talk about the addictive effects this technology has on children. I see it with my own eyes, and I can’t help but wonder what that will mean for them as they grow older. We’ve had the opioid crisis and I’m afraid a techno crisis is coming soon.

I’m convinced I bought my teenage daughters smartphones so they could text me from their rooms 10 feet away. I know technology is not evil unto itself. It’s a tool. But like any tool, it can be misused, so you need to keep tabs on when, how and for what purpose it’s being used. I heard Simon Sinek in a video recently say, “They are children, you can take it away.” Talk about starting World War III. So, as parents or grandparents, what are we to do? Here are three things to consider.

First, set limits when the phone can be used.

There are technological solutions to this (setting up systems that permit use during certain time frames, etc.) or there is the Sinek method and just take the phone away. However, allowing children unfettered access to technology is not the best idea even if it seems to make your life easier now.

Secondly, determine where those devices can be used.

At the dinner table? Never. School? Limited usage. In their rooms overnight? NO. Teach your children and grandchildren proper use etiquette, but realize you’ll have to adhere to that, too. No “do as I say not as I do” with this stuff.

Lastly, see what they are doing on their devices.

The best way I could do that was have all the devices funneled through one account. If my kids or grandkids wanted some app, they had to ask me to get it for them. Did I track their website usage? You bet I did. I knew when and where they went on the web. I know all the bad stuff out there. I know the horror stories of people trying to get to our kids through technology. Occasionally, I physically inspect all their devices. I pay for it, so I can have access at any time. They knew this when I entrusted them with it. I’m the parent and I have the responsibility to do my best to protect them.

Our children are too precious to imagine that Google, Facebook, Snapchat or whatever is next will look out for their best interests. That’s our job, and it’s time we start doing it.


Reprinted from Today’s FDA, Jan/Feb 2021. Visit floridadental.org/publications to view Today’s FDA archives.

12 Tips to Engage with Your Patients and Respond to Reviews Online

From your social media platforms to your online reviews, it’s important to keep a pulse on what your patients are saying and engage in positive dialogue. Proactively engaging with patients on your online platforms helps you keep your practice top of mind, highlight services and products, and get feedback from your patients. The following are best practices for engaging on your online platforms:

1. Check your social media platforms at least once a day and aim to respond to messages and questions within 12 hours. This shows your audiences that they are valued and ensures you are handling any issues quickly.

2. “Like” and respond to positive comments — even a simple “Thank you!” or “You’re welcome!” The commenter will appreciate it, and it keeps positive comments at the top of the thread.

3. Ensure that all posts and responses are on-brand, professional and respectful.

4. Hide or remove comments with inappropriate language, threats, HIPAA compromises (such as photos where individuals’ faces are shared without consent) or negative mentions of a specific doctor. Consider including these community guidelines in your “About” section.

Now, you might be wondering what to do when a patient or follower shares a negative review, comment or complaint. You may be tempted to delete the post, respond tersely or even fire back. But remember that the rest of the online community is “watching” your actions. It’s critical to show professionalism and respect and to take the time to think through the question and best response. While you can’t control every comment or review, your response may help prevent further negative feedback. The following are tips to keep in mind for negative reviews:

5. Identify sensitive questions or comments and determine the best course of response. This could include patient complaints and questions on cost, billing or office policies. A good practice is to take the conversation in private via direct message.

6. Decide whether it is worth it to respond on a case-by-case basis. In some cases, it may be best not to respond, depending on the content of the review, the volume of reviews for your practice, etc.

7. If you respond, do so in broad “all patient” terms and office policies versus getting into a direct dispute.

8. Do not get into an online debate over the incident that prompted the negative review. Doing so can look defensive or confrontational.

9. Invite the negative reviewer to contact you directly to discuss the issue further.

10. Make sure that any response represents you as a compassionate, concerned and understanding professional.

11. Consider this example response: “Our office strives to provide the best service to all patients. We would like to learn more about what happened and hope you will contact us as soon as possible.”

12. Negative reviews should not be removed, unless they include profanities or statements of hate, reference a specific provider or violate any privacy policies.

Consumers don’t expect businesses to have 100%, five-star reviews. Engaging with positive online comments and reviews, while thoughtfully handling any negative feedback, will help your practice strengthen your relationships, reputation and service to your patients.


Reprinted from Today’s FDA, Sept/Oct 2020. Visit floridadental.org/publications to view Today’s FDA archives.

My EHR System Makes Me HIPAA Compliant, Right?

By Abyde

Let’s face it, in today’s digital age, it’s tough to find a medical practice that doesn’t use an electronic health records (EHR) system. Even if you were late to the game and just recently made the switch, the use of EHRs in doctors’ offices nearly doubled between 2009 and 2017, to almost 86% of providers. One of the biggest qualifications for any EHR system is that it meets all HIPAA-compliance requirements to protect the sensitive patient data held within it.

But is that where HIPAA compliance begins and ends? 

A common misconception many providers have, however, is that implementing a HIPAA-compliant EHR ensures their practice is in compliance with all standards — instead, it’s just one piece of the much larger puzzle.

Make no mistake, having a HIPAA-compliant EHR is essential. There are several safeguards that should be implemented to protect your EHR’s electronic data, such as: 

  • Having the proper technical safeguards in place to secure your online databases.
  • Having access controls such as unique logins for your EHR system limiting access to authorized individuals.
  • Encrypting all stored information within your EHR.
  • Having access logs to your EHR system in case of any breaches or audits.

While these safeguards are key, there are other HIPAA requirements that go beyond the security of your EHR software and impact your practice’s operations, physical accessibility and all technology used within the organization — including IT networks and other applications not included in your EHR software. That’s why the Security Risk Analysis’ three sections — administrative, physical and technical safeguards — are so essential to ensure every aspect of your business’ risk is assessed.

  1. First, let’s look at HIPAA-compliant operations and administrative safeguards. Much of HIPAA law applies to having the proper policies and procedures in place. This means documenting things like how your practice releases protected health information (PHI), how you complete required annual HIPAA training, how you review employee access to PHI, how you’ll apply sanctions to workforce members if violating privacy laws, and more. Most of these will address how the “business” side of your practice operates. What’s more, your policies must reflect your actual practice operations — they can’t simply be templates downloaded off the internet to meet HIPAA requirements. Administrative safeguards also should include having all contracts in place to protect your PHI, such as Business Associate Agreements with all required vendors — including your EHR provider. 
  2. Second, your physical safeguards encompass both obvious and not so obvious ways to protect your practice from harm. This means determining if you have locks on your doors (we hope this one is covered) but also how often access codes are changed, when your last fire marshal inspection was, if you use privacy screens to prevent seeing PHI on computers in use, and if your PHI is physically separated from patients to prevent unauthorized access — just to name a few. Physical security is key to showing your practice’s efforts to prevent loss or theft of PHI and goes well beyond your EHR system.
  3. Lastly, beyond your EHR, your practice has likely implemented several different technology systems and applications. These technologies carry the same risks as your EHR and need technical safeguards to ensure the privacy of PHI they store or access. From your office Wi-Fi to your cloud storage solution or server, each system must have controls to prevent unauthorized access to your PHI. In fact, the more technology you rely on, the more accessible PHI is to the wrong people. It’s not just data at rest either — sending emails containing PHI requires encryption, as does instant messaging or text messaging when it includes PHI. All these systems are gateways to your practice’s data and are essential to protect just like your EHR solution.

Even non-HIPAA experts can conclude that having a HIPAA-compliant EHR system is a no-brainer. But missing all, or even just some, of the other pieces to the puzzle puts your practice and your patients at high risk. In fact, within Abyde’s Security Risk Analysis, only 10% of the questions pertain to your EHR system. Whether with Abyde, internally, or with another vendor, it’s essential to review the other 90% of your necessary safeguards before getting slammed with a HIPAA violation. 


Abyde is an FDA Crown Savings Endorsed Partner and the Abyde software solution is the easiest way for any sized dental practice to implement and sustain comprehensive HIPAA compliance programs. FDA members save 20% on Abyde services that help their practices meet government-mandated HIPAA standards that protect patient health information by identifying and correcting key security safeguards. Visit fdaservices.com/abyde or call 800.594.0883.

This article was originally posted on Abyde’s blog on July 16, 2020. Reprinted with permission.