Skip to main content
Toggle Menu of ADA WebSites
ADA Websites
Toggle Search Area
Toggle Menu
e-mail Print Share

ADA offers tips on preparing for possible HIPAA audit

August 08, 2016

By Kelly Soderlund

The ADA Center for Professional Success has tips to help dental practices who may be faced with an audit from the federal government to determine whether they are complying with the Health Insurance Portability and Accountability Act Privacy, Security and Breach Notification Rules.

The U.S. Department of Health and Human Services Office for Civil Rights has sent emails to selected covered entities that will be included in phase two of its Health Insurance Portability and Accountability Act audit program. The emails are from OCR suggests monitoring spam folders for messages from this address.

The audits will examine selected covered entities' compliance with HIPAA's Privacy, Security, and Breach Notification Rules, with a focus on the Notice of Privacy Practices, patients' right of access, the timeliness and content of breach notification, and the security risk analysis and risk management processes.

The Center for Professional Success offers nine tips to help dental practices be prepared for the possibility of an audit. The tips include:

  • Watch for an email from the Office for Civil Rights.
  • Practice filling out the Office for Civil Rights' pre-audit screening questionnaire.
  • Review your HIPAA compliance documents and update as appropriate.
  • List your business associates and make sure you have a compliant agreement with each.
  • Review the government's HIPAA audit protocol.
  • Make sure your HIPAA security risk analysis really is a HIPAA security risk analysis.
  • Read about the audit program on the Office for Civil Rights website.
  • Do a mock audit.
  • Work hard, but don't panic.
The tips are available at

For more information on the audits, visit