The ACP has put together the following resources to help members understand and comply with the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Administrative Simplification rules, including the Omnibus, Breach Notification, and the Enforcement Rules. Manuals can be used for practice assessments, as a framework for staff training, customizable forms and checklists, as well as for background information and reference.
HIPAA and Administrative Simplification Overview
- HIPAA Summary
- HITECH General Information –
- In the Omnibus rule published January 2013, HHS implemented a number of provisions of the HITECH Act to strengthen the privacy and security protections for health information established under HIPAA.
- Are You a Covered Entity?
- HIPAA and ACA Key Dates
- HIPAA Training Materials
The HIPAA Privacy Rule requires safeguards to protect the privacy of personal health information. These resources help physician practices comply with the rules.
- Privacy manual (September 2013) (members only)
- Communicating with Patient Family, Friends, and Caregivers
- Model Notice of Privacy Practices – This model NPP, developed collaboratively by the Office of the National Coordinator of HIT (ONC) and the Office of Civil Rights (OCR), is customizable in three different formats.
- Business Associate Agreements
- HIPAA Privacy Forms in Spanish (members only) (coming soon)
Security Rules require practices to protect all patient information that is stored, received, or transmitted electronically.
- Security Manual (September 2013) (members only)
- Security Risk Assessment
- Security Rule Training Games. These two security training modules use an interactive game format to understand privacy and security challenges often faced in a typical small medical practice. The games address Cybersecurity and Contingency Planning.
- Top 10 Myths of Security Risk Analysis
The HITECH Breach Notification Rule requires HIPAA-covered entities to notify HHS of a breach of unsecured protected health information.
- Breach Notification Regulations – The Office of Civil Rights is responsible for enforcing this rule. This page has information on
- Breach Notification Guide (members only) - This guide provides everything you need to do in the event of a breach of unsecured protected health information (PHI) within your practice.
Links to other HIPAA and Administrative Simplification Resources
The following resources offered by other reputable organizations offer some additional information and alternatives to those included above.
- Electronic Funds Transfer (EFT) and Electronic Remittance Advice (ERA) Rules
- EFT General Information
- EFT Tool - Providers can now enroll in electronic funds transfer (EFT) with multiple payers simultaneously through this single, secure, online, FREE, process available from CAQH.
- AMA Resources
- MGMA Resources
- HIMSS Resources
- WEDI Resources
- CMS – Resources related to Administrative Simplification, including the published rules themselves.
- Office of Civil Rights – Resources related to enforcement of Privacy, Security, and Breach Notification as well as complaint processes.
These information pages from the Office of Civil Rights (OCR) and the Centers for Medicare and Medicaid Services (CMS) offer well organized web pages, including easily searchable FAQs, regarding all parts of HIPAA.
Multimedia Learning Resources
More Related Links:
- ACP Internist Practice Resources
- Where We Stand: Issues of Advocacy
- Council of Early Career Physicians
ACP's Special Interest Groups
Connect with other ACP members through these members-only groups that promote community and networking through lively online discussions. Current groups include ACOs/New Practice Models, Emerging Technology, and more.
ACP Clinical Shorts
Expert Education on Your Schedule
Short videos deliver highly focused answers to challenging clinical situations seen in practice and are a terrific way to earn CME credit on-the-go. See more.
New: Free Modules from ACP Practice Advisor!
Keep your practice moving in the right direction. ACP Practice Advisor is offering four modules that you and your staff can try for free. Get to know the premier online practice management tool at no risk. Explore the modules.