top of page

Free HIPAA IT Risk Assessment for Dental & Medical Practices

Most practices we speak with have at least three significant IT or compliance gaps they don't know about. This assessment identifies exactly where your practice is exposed — and what to do about it. Complimentary, no obligation, no sales pressure.

HIPAA Assessment Main Image.png

Here's What's Included

A Skyline Technology advisor will review your responses and deliver a written summary covering:

Your current security posture across devices, network, and email

HIPAA compliance gaps and what's required to close them

Backup and disaster recovery vulnerabilities

Access control and authentication weaknesses

Prioritized recommendations with clear next steps

Turnaround: You'll receive your written summary within one business day of submitting the form.

Request Your Assessment

Fill out the form below and we'll be in touch within one business day to schedule your assessment or send you the evaluation form directly. Takes about 5 minutes to complete.

SECTION 1 — Access & Authentication

Do all staff use unique usernames and passwords (no shared logins)?
Yes
No
Unsure
Is multi-factor authentication (MFA) enabled for email and remote access?
Yes
No
Unsure
Are terminated employees removed from all systems within 24 hours?
Yes
No
Unsure
Do you have a formal process for granting and revoking system access?
Yes
No
Unsure
Are privileged/admin accounts limited to only those who require them?
Yes
No
Unsure

SECTION 2 — Device & Endpoint Security

Are all computers protected by antivirus/endpoint detection software?
Yes
No
Unsure
Are operating systems and software updated and patched regularly?
Yes
No
Unsure
Are mobile devices (phones, tablets) enrolled in a device management system?
Yes
No
Unsure
Is encryption enabled on all laptops and portable devices?
Yes
No
Unsure
Are workstations set to automatically lock after a period of inactivity?
Yes
No
Unsure

SECTION 3 — Data Protection & Backup

Is patient data (ePHI) backed up daily to a secure, offsite or cloud location?
Yes
No
Unsure
Have you tested your backup restoration process in the past 12 months?
Yes
No
Unsure
Is your backup encrypted and access-controlled?
Yes
No
Unsure
Do you have a documented disaster recovery plan in place?
Yes
No
Unsure
Is patient data stored on encrypted servers or cloud platforms?
Yes
No
Unsure

SECTION 4 — Network & Email Security

Is your office Wi-Fi network segregated from your clinical systems?
Yes
No
Unsure
Do you have a next-generation firewall actively monitored?
Yes
No
Unsure
Is email filtered for phishing, malware, and spam?
Yes
No
Unsure
Do you have DNS filtering to block malicious websites?
Yes
No
Unsure
Are remote access connections secured via VPN or zero-trust tools?
Yes
No
Unsure

SECTION 5 — HIPAA Compliance & Training

Has your practice completed a formal HIPAA Risk Analysis in the past 12 months?
Yes
No
Unsure
Do you have signed Business Associate Agreements (BAAs) with all vendors?
Yes
No
Unsure
Are staff trained on HIPAA and cybersecurity awareness annually?
Yes
No
Unsure
Do you have a documented Incident Response Plan for a breach?
Yes
No
Unsure
Are you able to produce HIPAA compliance documentation if audited?
Yes
No
Unsure

SECTION 6 — Vendor & Third-Party Risk

Do you know which third-party vendors have access to patient data?
Yes
No
Unsure
Are vendor access permissions reviewed and documented?
Yes
No
Unsure
Does your IT provider carry cyber liability insurance?
Yes
No
Unsure
Do you carry your own cyber liability insurance policy?
Yes
No
Unsure
Has your practice ever experienced a data breach or ransomware attack?
Yes
No
Unsure

Your information is never shared or sold. By submitting this form you agree to be contacted by Skyline Technology regarding your assessment request.

Why Practices Trust Skyline Technology

We exclusively serve dental and medical practices across Palm Beach Gardens, Jupiter, Stuart, and Port St. Lucie. Every assessment is conducted by a local advisor who understands your software, your compliance environment, and your operational reality — not a remote call center reading from a checklist.

bottom of page