Review Your HIPAA Security Risk Assessment

Apr 30, 2026
With an announcement expected this May about significant changes to the HIPAA Security Rule, it’s a good time for WSDA members to take stock of their offices’ HIPAA and overall compliance practices. We suggest dentists start by reviewing what our team consistently finds to be one of the most common HIPAA compliance gaps — the Security Risk Assessment (SRA).

With an announcement expected this May about significant changes to the HIPAA Security Rule, it’s a good time for WSDA members to take stock of their offices’ HIPAA and overall compliance practices. We suggest dentists start by reviewing what our team consistently finds to be one of the most common HIPAA compliance gaps — the Security Risk Assessment (SRA).

Please read below and share this information with anyone in your office who manages HIPAA compliance.

What is the SRA Requirement?

HIPAA requires covered entities to conduct a periodic risk assessment of their electronic protected health information (45 CFR §164.308(a)(1)). Offices may unintentionally fall behind not by skipping the SRA requirement entirely, but by treating it as a one-time activity rather than an ongoing process.

A proper SRA should reflect how your practice actually operates today:

  • The technology you use
  • How data moves through your office
  • Who has access
  • Where the gaps are

If your last SRA didn’t address these items — or if it has been more than 12 months — it is time to revisit it.

How WSDA Can Help

Contact Our Team

WSDA’s expert regulatory and compliance staff can talk with you or your team to:

  • Answer HIPAA and other compliance questions.
  • Help review whether your office’s SRA meets current and future HIPAA requirements.
  • Provide advice on how to address any compliance gaps that leave you at risk.

Email info@wsda.org or meet with our team in person:

  • April 30-May 1 at INDC in Spokane
  • May 28-30 at PNDC 2026 in Seattle

Use WSDA's Compliance Service

Go a step further and make the switch to ComplyBetter, WSDA’s online service for HIPAA, OSHA/WISHA and infection control compliance.

ComplyBetter

ComplyBetter offers all the tools you need to update your SRA and more — online, on-demand, and at a competitive WSDA member price with no hidden charges or extra update fees (even better, ComplyBetter comes with a price lock guarantee through 2028!).

Our team is here to provide a proactive, member-focused compliance experience that has you confident and prepared if an inspector ever walks through your door.

Learn more at complybetter.com.