HIPPA Rule Changes. How do they affect your practice?

July 22nd, 2013

Earlier this year, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) announced the final rule that implements a number of provisions of the Health Information Technology for Economic and Clinical Health (HITECH) Act which were part of the American Recovery and Reinvestment Act (ARRA) of 2009, which strengthen the privacy and security protections for health information which were originally established under the Health Insurance Portability and Accountability Act (HIPAA) of 1996 (

The final Omnibus Rule becomes effective on March 26, 2013. Covered entities and Business Associates of all sizes will have 180 days beyond the effective date of the final rule to come into compliance with most of the final rule’s provisions,including the modifications to the Breach Notification Rule and the
changes to the HIPAA Privacy Rule under Genetic Information Nondiscrimination Act (GINA).  The deadline as you can guess
from the picture is September 22nd, 2013;  180 days from the rule effective date.

WOW!!!  That is truly a mouthful of information all in a single sentence…..

What does that mean to your practice?

Do you understand that provisions apply to you?

Do you know what you and your practice should be doing about it?

Medicus Solutions is compiling information for our clients to educate you on what you need to be doing and to help you manage risk within your practice.  Over the next eight (8) weeks to the compliance date, we will be sending out an email weekly with items to address.

Additionally we are rolling out two (2) new programs to our healthcare clients; Medi-HIPAA-Pack1 and Medi-HIPAA-Pack2.  We will be sending more details about these two packages out to clients over the next couple of weeks.  A sneak preview of Medi-HIPAA-Pack1 is that it will be included at no additional charge to all clients who are on a full Medicus Practice++ Support agreement and will assist with meeting requirements for many of the mandatory items.  If you are not a current Medicus Practice++ Support Customer, please click here to contact us today

 risk  What can we do in the mean time?

Ensure you have a current HIPAA BAA in place with vendors who may come in contact with ePHI and that you complete your required due diligence in ensuring they are meeting the requirements.

Stay tuned for more details in the upcoming weeks!