HIPAA/HITECH Rule now requires that security become the focus for all covered entities. Private practices that use any form of technology are considered "covered entities" Security is not an area to ignore, but it does not have to be cost prohibitive. The fines and penalties for a dental practice could be devastating. It is not "if" you will have a breach, but "when" you will have a breach. The goal of the regulation is to minimize the size and implication of that breach. And the financial impact that it will have on your practice.