by: ASRM Office of Public Affairs
Published in ASRM Bulletin Volume 15, Number 28
The AMA has created a toolkit to help physicians navigate the sweeping new revisions to the federal privacy and security rules for health information that go into effect on Sept. 23, 2013. The Department of Health and Human Services issued a final rule in January that revises and extends required safeguards for protected health information established under the Health Insurance Portability and Accountability Act (HIPAA) of 1996.
Among the key changes doctors must make for the Sept. 23 deadline are new agreements with business associates that handle patient information and privacy notices to share with patients and increased security measures for patient data. The updated law also tightens requirements on physicians when patient information is breached. As a result, physician practices could face more legal scrutiny and higher fines in the event of an information breach.
The toolkit is available at www.ama-assn.org/go/hipaa
The toolkit offers practical resources physicians can begin using in their practices:
- A physician primer provides an easy-to-understand breakdown of the revised rules to help physicians review and update their existing HIPAA policies and procedures.
- A template business associate agreement and a notice of privacy practices are ready for adoption in the practice.
- A HIPAA security resource explains how to encrypt patient data.
The ASRM Bulletin is published by ASRM's Office of Public Affairs to inform Society members of important recent developments. Republication or any other use of the contents of the Bulletin without permission is prohibited. To request permission to quote or excerpt material from the Bulletin, contact Sean Tipton at