Healthcare

HIPAA Compliance for a Growing Dental Practice

A 3-location dental practice needed to establish a HIPAA compliance program from scratch before an insurance audit deadline.

The Challenge

The practice had grown from a single office to three locations in two years but had never conducted a formal Security Risk Assessment. An insurance carrier notified them that proof of HIPAA compliance was required for renewal. They had no written policies, no staff training records, and no documentation of how patient data was protected across their EHR system, email, and cloud backups.

Services Used

HIPAA Compliance Consulting, HIPAA Security Risk Assessment, Healthcare Staff Training

Our Approach

  1. Conducted a full HIPAA Security Risk Assessment across all three locations, inventorying every system that stores or transmits ePHI.

  2. Identified 23 gaps including unencrypted email containing patient data, shared login credentials on workstations, and no Business Associate Agreements with two cloud vendors.

  3. Developed a complete policy and procedure manual covering the HIPAA Privacy Rule, Security Rule, and Breach Notification Rule.

  4. Drafted and executed Business Associate Agreements with all third-party vendors handling patient data.

  5. Delivered 90-minute HIPAA training sessions to all 28 staff members across the three offices, with role-specific modules for front desk, clinical, and administrative staff.

  6. Produced an audit-ready compliance package including the SRA report, policies, BAAs, and training certificates.

Results

Compliance Gaps Closed: 23

Staff Trained: 28

Insurance Audit: Passed

Time to Complete: 5 weeks

We went from having zero documentation to passing our insurance audit with a complete compliance package. The staff training was practical and our team actually understood why it matters — not just another checkbox exercise.

Healthcare Client

HIPAA, healthcare, compliance, risk assessment, staff training