You will be interested to know that, “the Office of Civil Rights, the Health and Human Services agency charged with HIPAA Privacy Rule enforcement provisions, said OCR agrees … that dental laboratories are health care providers, so no Business Associate Agreement is required to share protected health information for treatment purposes” (ADA News, “ADA, NADL, OCR agree on status of labs,” May 5, 2003, Page 6). Even so, the lab does not receive patients’ telephone numbers, addresses, birth dates, social security numbers, medical records or data directly identifying individuals= relatives, employers or household members (“Protected Health Information”). Names that clients provide are only used by the lab to help clients identify their cases and you can use an in-office coding system to identify cases if you wish.
Examples of transactions that are covered by the HIPAA regulations can be found in the ADA News (see the March 17, 2003 issue, “Final HIPAA electronic health care transaction standards announced,”Page 15). Additionally, you can call the ADA’s HIPAA Hotline at 312-440-2899, ext. 3, for a recorded message explaining that dental laboratories are not business associates and what transactions are covered. Although a business associate agreement is not required between you and the lab, we remain committed to safeguarding the confidentiality of our clients, and you can rest assured that no privileged doctor-patient confidential information will ever be disclosed without your authorization.
We appreciate the opportunity to participate in the treatment of your patients. Thank you for using our lab’s dental laboratory services,
1 See 67 Federal Register 53252
2 See 65 Federal Register 82568
3 See Privacy Rule 164.502 (e)(1)