When the HIPAA Security Rule arrived in 2005, it required a lot of detailed policies and procedures to protect electronic Protected Health Information (ePHI,) and many HIPAA Covered Entities failed to respond. They got away with it for a long time, but can’t any more.

The HIPAA Omnibus Final Rule released in January, 2013, made significant changes to the Privacy Rule including limitations on the use of patient data for fundraising and marketing; the prohibition of health plans from considering genetic information for underwriting purposes, and the sale of PHI. New Notices of Privacy Practices are required, although providers only have to give them to new patients and are not required to send them out to their entire patient list. Health plans may distribute them in their next annual mailing.

Worry Free Solutions assists with updating an existing Policy and Procedure manual or with creating a new manual for practices that do not have this critical set of documents in place today.

Contact Us About HIPAA Policies and Procedures

  • This field is for validation purposes and should be left unchanged.