The HIPAA Final Omnibus Rule, released in January 2013, significantly impacts how your medical practice can use and disclose your patients' Protected Health Information (PHI). The Omnibus Rule requires you to revise your practice's Notice of Privacy Practices; changes the definition of "business associate"; changes how your practice can use and disclose PHI for different purposes; gives patients greater privacy rights and more rights to access their PHI; and changes how your practice must analyze an improper use or disclosure of PHI to determine if it amounted to a breach of PHI that must be reported. More specifically, the previous breach notification rule did not require providers to report breaches of PHI unless the breach posed a substantial risk of financial, reputational, or other harm to the individual. In contrast, the Omnibus Rule requires providers to report breaches of PHI unless they can demonstrate that there was a low probability that the PHI was compromised. Stricter enforcement of these requirements beginning on September 23rd means that your practice must better monitor staff and physician compliance with HIPAA and update practice policies and processes for protecting the privacy and security of PHI.

In response to the Omnibus Rule, and based on invaluable insight from our Administrator Advisory Board members, Medical Mutual has decided to ease the compliance burden on our insured groups. We retained outside counsel to construct a soup-to-nuts collection of compliance forms, policies, and checklists – a HIPAA Final Rule Guide. From a new compliant Business Associate Agreement to an updated Notice of Privacy Practices, we have an "app" for that! The following guide offers what your practice needs to help prevent most HIPAA violations and to assure that if a breach occurs, you can respond appropriately. This HIPAA Final Rule Guide is exclusively available to Medical Mutual members free of charge.

Please Note: In exchange for the free download of the HIPAA Final Rule Guide, Medical Mutual insured members acknowledge (by logging in with their website username and password) that they will not provide the model forms and policies to any other individuals or entities. We have licensed these materials for copyright and, as such, they may not be shared with third parties (meaning nobody outside of your own practice).