GuardWell Compliance

North Dakota Healthcare Compliance Requirements

State-specific breach notification rules, medical records retention periods, PDMP requirements, and mandatory reporting obligations for medical practices operating in North Dakota.

Expedient notification10-year retentionND PMP

Breach Notification Rules

Notification deadline

Most expedient time possible

Notification must be made in the most expedient time possible and without unreasonable delay. AG must be notified if 250+ North Dakota residents affected.

AG notification threshold

250+ affected individuals

Notify: AG

Harm analysis required

Yes — breach presumed unless risk assessment shows low probability of compromise

Penalty range

Up to $5,000 per violation

Comparable to federal HIPAA
View statute

Medical Records Retention

Record typeRetention periodMeasured from
General medical10 yearsDischarge

PDMP Requirements — ND PMP

Check required

All controlled substances

Check frequency

Every prescription

Delegation allowed

Yes — authorized staff can check on provider's behalf

Penalty range

Licensing board discipline; civil penalties up to $1,000 per violation

Exemptions

Hospice patients, cancer treatment, ≤3 day supply in ER, inpatient hospital or long-term care administration

Register for ND PMP

Mandatory Reporting Obligations

Mandated reporters

Physicians, nurses, dentists, psychologists, social workers, and all healthcare professionals

Report to

Department of Human Services, Child Protective Services, or local law enforcement

Timeline

Immediately / as soon as possible

Penalty for failure

Class B misdemeanor

Immunity provision

Good faith reporters immune from civil and criminal liability under NDCC 50-25.1-10

Mandated reporters

Physicians, nurses, and all healthcare professionals

Report to

Department of Human Services, Adult Protective Services

Timeline

Immediately / as soon as possible

Penalty for failure

Class B misdemeanor

Immunity provision

Good faith reporters immune from civil and criminal liability

Mandated reporters

Healthcare providers treating injuries from suspected criminal acts or domestic violence

Report to

Local law enforcement

Timeline

Immediately / as soon as possible

Immunity provision

Good faith reporters immune from civil liability

Mandated reporters

Physicians, laboratories, and healthcare facility administrators

Report to

North Dakota Department of Health, Division of Disease Control

Timeline

Within 24 hours

Penalty for failure

Class B misdemeanor

Immunity provision

Good faith reporters immune from civil liability

Mandated reporters

All healthcare providers treating gunshot wounds

Report to

Local law enforcement

Timeline

Immediately / as soon as possible

Penalty for failure

Class B misdemeanor

Immunity provision

Good faith reporters immune from civil and criminal liability

Guides & Articles

HIPAA

HIPAA Compliance Checklist for Small Medical Practices in 2026

OSHA

OSHA Requirements for Medical Offices: A Complete Guide

HIPAA

HIPAA Breach Notification: Rules, Timelines, and Penalties

Training

How to Build a Healthcare Compliance Training Program

Stay compliant in North Dakota

GuardWell tracks North Dakota-specific breach deadlines, PDMP requirements, retention periods, and mandatory reporting obligations automatically.

Free compliance scoreSee a demo

View all state compliance guides HIPAA Compliance OSHA Compliance DEA Compliance

GuardWell

Healthcare Compliance Assistant

Hi! I'm GuardWell's sales assistant.

I can answer questions about our healthcare compliance platform, pricing, and features. How can I help?

Powered by GuardWell AI