
HIPAA
The Center for Practice Improvement and Innovation (CPII) has collected the following resources to help member practices comply with the Health Insurance Portability and Accountability Act of 1996 (HIPAA).
![]() | Test your knowledge of common privacy and security issues with this fun, interactive game from HHS. |
ACP Resources
The following resources can be used in physician practices to help implement compliance with all parts of the HIPAA Administrative Simplification rules. Manuals can be used for practice risk assessments, as a framework for staff training, customizable forms and checklists, as well as for background information.
HIPAA Privacy Manual
There are many resources currently available that address HIPAA and how it will affect healthcare. However, few address the regulation as it directly relates to medical practices. This manual is written specifically for medical practices and includes tools, templates, and office forms. This manual is available only to ACP Members and requires a log in. Download the Manual
HIPAA Security Rule Manual
There are many resources currently available that address HIPAA Security and how it will affect healthcare. However, few address HIPAA Security as it directly relates to medical practices. This manual is written specifically for small medical practices and includes tools, templates, and office forms. This Manual is only available to ACP members and requires a login. Download the Manual
Breach and Notification Rules
A step by step guide on what to do in tthe event of a breach of unsecured protected health information (PHI) within your practice. This Guide in only available to ACP members and requires a login. Download the Guide
.Administrative Simplification Rules
Privacy
The HIPAA Privacy Rule establishes national standards to protect individuals’ medical records and other personal health information and applies to health plans, health care clearinghouses, and those health care providers that conduct certain health care transactions electronically. Learn More
Security
The HIPAA Security Rule establishes national standards to protect individuals’ electronic personal health information that is created, received, used, or maintained by a covered entity. Learn More
Transaction Code Sets
The Standards for Electronic Transactions and Code Sets adopted standards for several transactions, including claims and encounter information, payment and remittance advice, and claims status Any health care provider that conducts a standard transaction also must comply with the Privacy Rule. Learn More
Identifier Standards for Employers and Providers
HIPAA requires that health care providers and employers have standard national numbers that identify them on standard transactions. Learn More
Breach Notification
The Health Information Technology for Economic and Clinical Health (HITECH) Act requires HIPAA covered entities and their business associates to provide notification following a breach of unsecured protected health information. Learn More
Electronic Funds Transfer and Electronic Remittance Advice Rule
Understand the new operating rules that HHS believes will increase the use of electronic claims payments by physician practices and other healthcare providers and thus, reduce the burden, cost and time to receive these insurance claim payments. Learn More
Government Links
These resources from the Office of Civil Rights (OCR), the Department of Health and Human Services (HHS), and the Centers for Medicare and Medicaid Services (CMS) are web sites and documents regarding all parts of HIPAA.
- HIPAA General Information
- Privacy and Security Standards
- Guide to Privacy and Security of Health Information
This ONC instructional guide is designed to help practices understand the important role privacy and security play in the use of electronic health records (EHRs) and Meaningful Use. - Communicating with Patient Family, Friends, and Caregivers
This guide explains when a health care provider is allowed to share a patient’s health information with the patient’s family members, friends, or others identified by the patient as involved in the patient’s care under the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy Rule. - Case Examples and Resoultion Information
HHS has developed examples to illustrate how covered entities can effectively comply with the requirements of the Privacy and Security Rules. - Health Information Privacy and Security Enforcement
- Enforcement
- Breach and Notification Rules
Links to other HIPAA Resources
Can't find what you need? Contact the CPII (login required).
Multimedia Learning Resources
More Related Links:
Introducing ACP Clinical Shorts - Expert Education on Your Schedule
![]() |
|
10-minute videos give you answers to challenging clinical dilemmas seen in practice and are a terrific way to earn CME credit on-the-go. See more. |
ACP JournalWise: Reviews of the World's Top Medical Journals-FREE to ACP Members!
ACP JournalWise is mobile optimized with optional email alerts! Get access to reviews from over 120 of the world's top medical journals alerting you to the highest quality, most clinically relevant new articles based on your preferred areas of specialty. ACP Members register your FREE account now! |


