EHR and practice management for mental / behavioral health
PIMSY mental health EHR Rebecca Morehead

Countdown to Compliance

by Rebecca Morehead, 9.8.13

The January 17, 2013 release of the HIPAA Omnibus Rule ushered in several important changes to the privacy and security requirements and gave medical practices until September 23, 2013 to meet those requirements. Today, I’d like to focus on the requirement for covered entities to have updated privacy policies as a part of their compliance plans. Many practices that I am talking with are just now realizing that they need to revise their privacy policies and associated forms in order to meet the Omnibus requirements.

The specific updates required involve the following areas:

  1. New breach notification standard
  2. Changes to the marketing and sale of PHI
  3. Disclosure of decedents’ PHI
  4. Allowable disclosures to schools (e.g., proof of immunizations)
  5. Patients’ right to limit disclosures when payment is made out of pocket
  6. Patient requests for electronic copies of medical records

We recognize that this can be an overwhelming responsibility particularly when it is added to the everyday tasks of seeing patients, running your medical practice and keeping on top of the ever-changing governmental rules and regulations.

Practice Manager Solutions has a solution for you. We have a set of Privacy Policies which includes updated forms, policies and templates that you can use as a solid starting point and customize for your specific needs.  

And, just like the security policies, documentation is not enough; they must also be implemented and your staff trained on the new policies in order to meet the Omnibus Rule requirements.

Once updated, your Notice of Privacy Practices (NPP) must be made available to existing patients when they request a copy or provided automatically to any new patient. The NPP should also be posted in your office and on your website. 

Guest blogger and PIMSY Advisory Board member Rebecca Morehead is a Practice Manager Strategist with over 20 years of experience in medical practice management, EMR implementation, MSO Business Management, Medical Billing and Meaningful Use Support. She is the founder of Practice Manager Solutions and host of a podcast radio program that offers Practice Managers solid ideas for navigating management of their busy practices.


Kudos from Clients

Seth H.

“PIMSY more than pays for itself by streamlining my office, improving efficiency and reducing billing times. I would recommend PIMSY to anyone looking for a good EMR company that will help you implement its program and help you with any questions you have along the way.”

~ Seth H., Business Owner