// breach.compliance / dental
For general and specialty dental practices. The Dental Complete Suite ($499) stacks dental-specific HIPAA documents, a 10-state regulatory reference, and operational compliance tools onto the universal $199 Quick-Start. The Master Bundle ($999) adds hands-on implementation support.
// complete.suite.contents
Ten artifacts: five dental specialty documents, one state regulatory reference table covering ten high-volume states, and four operational compliance tools. Every artifact ships with a paired self-verification report mapping content to primary regulatory sources with honest confidence labels.
// dental specialty
Integrated clinical informed consent for sedation dentistry with four HIPAA-specific authorizations (recording, family-disclosure-during-sedation, emergency disclosure, post-procedure communication preferences). Supports all 6 AAOMS sedation tiers from N2O to general anesthesia.
// dental specialty
Per ยง164.508 authorization framework for dental imaging. Covers x-ray, CBCT, intraoral and full-face photographs, 3D scans, and before/after photos. Four granular non-standard-use authorization scenarios with separate yes/no/de-identified options.
// dental specialty
Operationalizes retention across the entire HIPAA documentation universe. 8-category ร 2-patient-type retention matrix (adult vs minor). Storage security, destruction with NIST SP 800-88 references, practice-transition procedures, and BAA requirements for off-site storage and destruction vendors.
// dental specialty
Attaches to the Imaging Privacy form for practices using cone-beam CT. ALARA principle statement, 8-indication clinical checkbox, pediatric Image Gently protocol, pregnancy defer-or-shield language, ADA / AAOMR / FDA dose comparison table. State radiation safety officer placeholder section.
// dental specialty
State-by-state matrix for the 13 all-party-consent recording states (CA, CT, FL, IL, MD, MA, MI, MT, NV, NH, OR, PA, WA). Federal 18 USC ยง2511 baseline, per-state penalty tiers, patient consent form, pre-recording verbal script, storage and access policy, telehealth cross-state guidance.
// reference
Three-table regulatory digest across 10 high-volume states: sedation permit requirements per modality, recording statute digest, and records retention minimums. Each row presents citation, statute text excerpt, and last-verified date with per-cell fetch-status labels. Not legal advice; reference only.
// operational
Fillable ยง164.308(a)(1)(ii)(A) annual self-assessment. ePHI inventory, 10-threat identification matrix, vulnerability assessment across all five safeguard categories, 3ร3 likelihood-impact risk grid, mitigation plan tracker, sign-off block. Methodology aligned with NIST SP 800-30 Rev. 1.
// operational
Editable 26-slide PowerPoint for the ยง164.530(b)(1) annual training requirement. PHI definitions, TPO disclosures, Minimum Necessary, breach reporting, workstation and device security, social engineering, sanctions, OCR enforcement examples, knowledge check, sign-off slide for the practice's training records.
// operational
Landscape flowchart walking the ยงยง164.402-164.414 assessment in plain decision-tree form. Four-factor low-probability-of-compromise framework, individual / media / HHS notification thresholds, BA notification chain, law enforcement delay. Companion narrative reference and fillable incident-documentation worksheet.
// operational
Four-sheet Excel template for ยง164.502(e) Business Associate Agreement administration. 20-column tracker with dropdown validation and five example vendor rows, BAA-required-vs-conduit-exception guidance, risk tier definitions, common vendor categories needing BAAs. Companion usage guide PDF.
Quick-Start tier ($199): HIPAA-ready foundation for solo dental practices โ NPP, BAA, intake/sanctions/training overlays, audit checklist. Instant PDF download. See pricing tiers below.
// pick.your.tier
Quick-Start is the HIPAA-ready foundation for any solo dental practice. The Complete Suite layers on dental specialty documents, a state reference table, and operational compliance tools. The Master Bundle adds a risk assessment workbook, vendor BAA tracker, decision tree, and a 30-min onboarding call.
// dental.faq
Does this work for an oral surgeon doing general anesthesia, or just general dentists with N2O?
Both. The Sedation Consent & HIPAA Authorization document supports all six AAOMS-recognized sedation modalities (local only, N2O, oral conscious, IV moderate, deep sedation, general anesthesia). General dentists check the modality they actually use; oral surgeons doing GA use the same form. Advanced Suite includes state-board permit number language for jurisdictions that require it on the consent.
Is the Imaging Privacy form just for x-rays, or does it cover the 3D scans we use for Invisalign?
Covers everything: intraoral x-rays, panoramic, CBCT, intraoral photos, full-face/smile photos, 3D intraoral scans for clear aligners, and before/after treatment photos. The ยง164.508 authorization framework lets the patient consent (or decline) granularly per use case โ marketing, before/after publication, professional education, IRB research.
My state requires a longer dental records retention than the federal HIPAA 6-year floor. Does the Records Retention Policy handle that?
The Quick-Start Records Retention Policy uses conservative defaults (7-10 years depending on record category) that meet or exceed federal HIPAA and most state minimums. The Policy includes an alert box explicitly directing the buyer to verify state-specific overlays before adoption. The Advanced Suite version includes the actual state statute citation for the buyer's state pre-filled.
We use Dentrix. Does the Advanced Suite tier include Dentrix-specific instructions?
Yes. The Advanced Suite includes EHR-vendor-specific deployment guides for Dentrix, Eaglesoft, Open Dental, Curve Dental, and Carestream โ covering psychotherapy-notes-equivalent separation for sensitive clinical commentary, sedation consent attachment workflows, and imaging metadata redaction for marketing-use exports.
Real human responds within one business day. We're a templates vendor, not a compliance consultancy โ we're not going to charge you for a discovery call.