DreamHost is not a HIPAA compliant hosting provider. (Indeed, it’s unclear that it’s even possible for any shared hosting provider to be compliant, let alone to provide hands-on support to customers hosting health data.) As such, it should not be necessary to perform any scans for this purpose.
PCI scans are acceptable. Note that we recommend that customers contact us in advance of any scans being run, as it’s possible that some aggressive scans may trigger automatic IP blocks against the scan provider.