Similar to a second opinion or a financial audit, with HIPAA sensitivity and Identity theft these day, any practice that stores patient data on a computer should have their computer technology infrastructure audited to HIPAA standards.

Not having your practice audited to HIPAA standards is like not having malpractice insurance, like driving without a seat belt...it just does not make sense.

There is no reason to operate your practice, not knowing where your practice stand in relation to the HIPAA Regulations.