The KDA was recently made aware that several of our members have received calls from various companies regarding mandatory HIPAA Risk Assessments. 

Although it is quite unlikely in the state of Kansas that a HIPAA audit will be conducted on any dental office, the American Dental Association (ADA) and U.S. Department of Health and Human Services (HHS) offer some helpful information to make sure healthcare providers are in compliance.

Risk analysis is one of four required implementation specifications that provide instructions to implement the Security Management Process standard. 45 CFR § 164.308(a)(1) requires organizations to “[i]mplement policies and procedures to prevent, detect, contain, and correct security violations.”

According to HHS, “There are numerous methods of performing risk analysis and there is no single method or ‘best practice’ that guarantees compliance with the Security Rule.”

HHS has provided this manual on HIPAA Risk Analysis Requirements.

The ADA has published several HIPAA manuals, and provided other free information for the dental practice:

HIPAA Privacy and Security Video
HIPAA Audit Check List
HIPAA Compliance Kit or HIPAA/OSHA Compliance Kit
HIPAA Breach Notification Rule – Flowchart/Glossary of Terms
Sample Breach Notification Risk Assessment Worksheet
Natural Disasters and HIPAA Breach Notification Rule
Sample HIPAA Risk Assessment Worksheets for Dental Practices

For further questions, please call the KDA office at 785-272-7360 or email kylie@ksdental.org.