Among the key changes doctors must make for the Sept. 23 deadline are new agreements with business associates that handle patient information and privacy notices to share with patients and increased security measures for patient data.
Physicians can turn to the AMA’s free toolkit for initial guidance in meeting the new requirements. The toolkit offers practical resources physicians can begin using in their practices:
- A physician primer provides an easy-to-understand breakdown of the revised rules to help physicians review and update their existing HIPAA policies and procedures.
- A template business associate agreement and a notice of privacy practices are ready for adoption in the practice.
- A HIPAA security resource explains how to encrypt patient data.
The U.S. Department of Health and Human Services issued the 563-page HIPAA omnibus rule in January, revising and extending required safeguards for protected health information and expanding individual rights of patients. The updated law also tightens requirements on physicians when patient information is breached. As a result, physician practices could face more legal scrutiny and higher fines in the event of an information breach.