Our Commitment
MyDentalPMS is a HIPAA Business Associate committed to protecting Protected Health Information (PHI) with enterprise-grade security measures. We understand that patient trust is built on a foundation of unwavering security practices, and we take this responsibility seriously every single day.
As a covered dental practice management platform, we maintain comprehensive HIPAA compliance across all technical, administrative, and physical safeguards. Every patient record, clinical note, radiograph, and billing detail is protected with the same level of security that healthcare systems worldwide rely on.
Technical Safeguards
Our infrastructure employs industry-leading encryption and access controls to ensure data cannot be compromised even if physical security is breached:
- AES-256 Encryption at Rest: Military-grade 256-bit AES encryption protects all stored patient data, ensuring it remains unreadable without proper decryption keys.
- TLS 1.2+ Encryption in Transit: All data transmitted between users and servers is encrypted using TLS 1.2 or higher, preventing interception over networks.
- Multi-Factor Authentication (MFA): Required for all user accounts, MFA prevents unauthorized access even if passwords are compromised through phishing or data breaches.
- Role-Based Access Control (RBAC): Staff access is strictly limited to only the patient records and functions needed for their specific job roles, minimizing exposure.
- Automatic Session Timeout (15 min): Inactive sessions automatically terminate after 15 minutes, preventing unauthorized access from unattended workstations.
- Immutable Audit Logging: All access to patient data is logged and archived in tamper-proof format for compliance audits and breach investigations.
Administrative Safeguards
Beyond technology, we maintain rigorous organizational practices to ensure HIPAA compliance:
- Designated Privacy & Security Officers oversee all compliance activities, policy development, and incident response procedures.
- Annual Security Risk Assessments identify vulnerabilities and ensure controls remain effective against emerging threats.
- Employee HIPAA Training & Certification ensures all staff understand their privacy obligations and security responsibilities.
- Documented Policies & Procedures provide clear guidance on data handling, access controls, incident reporting, and breach response.
Business Associate Agreement
MyDentalPMS executes a comprehensive Business Associate Agreement (BAA) with every client dental practice. Our BAA includes:
- Detailed safeguards for PHI protection
- Sub-processor liability and oversight
- Breach notification requirements and timelines
- Audit and compliance verification rights
- Data deletion and return procedures
- Incident response protocols and obligations
Breach Notification
In the unlikely event of a breach, MyDentalPMS is committed to transparent, immediate communication:
Our incident response team investigates all potential breaches, documents findings, and works with your practice to fulfill all regulatory notification obligations.
2026 Compliance Updates
MyDentalPMS stays ahead of evolving regulatory requirements:
- February 2026 NPP Updates: We've implemented all required changes to the Notice of Privacy Practices, including enhanced transparency about AI and automation use.
- Upcoming MFA Mandate: CMS and other regulatory bodies are moving toward requiring MFA for all healthcare staff—we're already there.
- Mandatory Encryption Rules: New encryption mandates for cloud-based health data are already built into our infrastructure.
Get Started Today
Your patients deserve a practice management system that takes security as seriously as they do. MyDentalPMS provides the compliance foundation your practice needs to focus on patient care.
For specific compliance questions or to request additional documentation: