Facebook, Equifax, Target, Panera Bread, Home Depot... the list goes on and on and on. Data breaches and privacy issues dominate headlines more often than political scandals or celebrity gossip. Ironically, with nearly unlimited resources and multimillion-dollar IT budgets, these corporations have proven that no organization can implement an ironclad IT network.
Enterprise-level organizations aren't the only companies in the crosshairs of cybercriminals. The American Medical Association notes that 83% of physicians have experienced a cyberattack of some type. With protected health information commanding top dollar on the black market, it is a matter of when, not if, your cybersecurity and HIPAA compliance programs will be called into action, regardless of how large or small you feel your practice is.
That's right. When your practice experiences a data breach, you must provide vital documentation to comply with state and federal laws. The caveat is that if you wait until a cyber incident occurs, you are likely too late to comply.
The Office for Civil Rights (OCR) requires proper HIPAA compliance programs that also address cybersecurity to be implemented proactively and documented appropriately before, not after, a breach has taken place. In recent months, OCR has been very forthcoming in highlighting the need for medical businesses of all sizes, including dental practices, to abide by HIPAA privacy and security rules.