HIPAA Considerations to Be Aware Of
Referral forms can raise HIPAA compliance concerns, depending on who is submitting the form and where the information is sent.
When a Patient Fills Out Their Own Information
If a patient is submitting their own information, they are voluntarily choosing to send their personal details over the internet. Because the individual is sharing their own data, the compliance risk is generally lower.
When Someone Submits Information About Another Person
If a patient refers a friend, or a doctor submits information about a patient, the form may include protected health information about someone else. If that form is delivered to an unsecured email inbox, it may not be HIPAA compliant.
Important Disclosure on Email & Liability
Referral forms typically send submissions via email.
Email hosting and email security are not services we provide.
We are not an IT company and do not manage or secure email systems.
Because of this, we cannot be held liable for HIPAA compliance related to email transmission or storage.
If referral form submissions are sent to an unsecured inbox, the practice may be operating outside of compliance.
Best Practice Recommendation
Limit the information collected to the minimum necessary.
Avoid requesting sensitive medical details.
Consult your IT or HIPAA compliance provider if secure transmission is required.
We’re happy to build and place the referral form, but compliance responsibility ultimately rests with the practice.