HIPAA Risk Assessment

What is your HIPAA compliance score? You will receive a copy of your results and score via email.

Do you have documentation of staff annual HIPAA training?
No / Don't Know / Yes

Training of new hires before granting computer access to information?
Yes / Don't Know / No

Does your team understand what the "minimum necessary" Protected Health Information (PHI) is to carry out their job functions?
Don't Know / Yes / No

Is that delineated, or at least addressed, in their job description?
Don't Know / No / Yes

Have you updated your HIPAA Business Associate Agreements to include the HITECH Act provisions?
Don't Know / No / Yes

Have your privacy AND security policies been updated to include provisions of the HITECH Act and the Final Omnibus Rule?
Yes / No / Don't Know

Are your Business Associates and their subcontractors aware of their legal responsibility under the law?
Yes / No / Don't Know

Did you update your Notice of Privacy Practices to include the 2013 Final Omnibus changes?
Yes / Don't Know / No

Was it re-distributed to your patients? The guidelines require that you do so when there are substantive changes.
Yes / Don't Know / No

Do you conduct the required Security & Risk Assessments to identify potential risks and vulnerabilities to PHI on an annual basis or more frequently if there are changes?
Yes / Don't Know / No

Do you have the required written risk management, incident response and contingency plans? Do you have documentation that those plans have been updated annually or more frequently as needed?
Don't Know / No / Yes

Do you validate media destruction or sanitization when destroying PHI such as old hard drives, flash drives, memory on copy machines or paper records, etc.?
No / Don't Know / Yes

Have you appointed a Security Officer as well as a Privacy Officer and have job descriptions for both?
Don't Know / No / Yes

Do you email PHI to patients or referring dentists/physicians?
No / Yes / Don't Know

Are those emails encrypted or do you have patient permission to send PHI in an unencrypted format?
Don't Know / Yes / No

Would you like someone from our office to call regarding your assessment?
Yes / Don't Know / No