Changing HIPAA Regulations Hub

Welcome to the most active regulatory environment we have ever seen! As the Office for Civil Rights (OCR) works to rapidly update HIPAA and other privacy and security regulations, as well as increase enforcement, it has become more important than ever to keep up with changing regulations! At HIPAAtrek, our compliance experts track these changes, so you don’t have to.

Why Does HIPAA Change?

HIPAA changes are inevitable as the world—and especially the storage and sharing of Protected Health Information (PHI)—changes. Privacy and security regulations may be updated for a number of reasons, including keeping up with changing technology, strengthening enforcement standards, and clarifying specific civil rights.

The adoption of telehealth, the use of smartphones in clinical settings, and the digital transmission of ePHI all impact regulations. As technology changes and Healthcare is the number one industry targeted by cyberattacks, regulations must adapt to protect patient data from new and growing threats.

Additionally, the OCR works to clarify and expand patient rights and PHI protections on an ongoing basis. The Proposed Modifications to the HIPAA Privacy Rule, for instance, are designed to strengthen individuals’ rights to access their own health information. Similarly, the Information Blocking was created under the 21st Century CURES Act to protect patient rights to access their own data.

HIPAA changes may also be created in response to the political environment in some states or across the United States. The Reproductive Health NPRM of 2023, which would impact the HIPAA Privacy Rule, is one such example.

Finally, individual states or the OCR may change or create new regulations to clarify or strengthen enforcement standards, giving additional authority to healthcare privacy and security regulations.

Upcoming Regulatory Changes

Privacy Rule 2021 NPRM

The largest change to HIPAA we have ever seen, over 30% of HIPAA will change under this NPRM, impacting BAAs, Policies, and NPPs. Final action anticipated in December 2024.

Learn More About Privacy Rule Changes ⟶

42 CFR Pt 2

With an expanded definition of a lawful holder, the regulations previously impacting only substance use providers will now encompass most healthcare organizations. Published to the Federal Registry Feb 16, 2024.

Learn More About 42 CFR Pt2 ⟶

Health Data, Technology, and Interoperability (HTI-1)

Implements the Electronic Health Record Reporting Program, requirements for IT Certification under the ONC, and enhancements for information sharing.

Effective March 11, 2024.

Privacy Rule Reproductive Health NPRM

A proposed rule change to clarify healthcare privacy rights with regard to reproductive health across states with varying laws. Final action anticipated in March 2024.

HIPAA Security Rule

The first ever change to the HIPAA security rule will be introduced in March 2024 with an anticipated publication date in Q2 2025.

HIPAA Security Rule Cybersecurity NPRM

Will propose modifications to improve cybersecurity in healthcare, with strengthened requirements for safeguarding EPHI under HIPAA. NPRM to be published in September 2024.

Disincentives for Information Blocking

A new provision of the Cures Act outlining disincentives for providers committing Information Blocking, effectively beginning the enforcement of Information Blocking. NPRM published in November 2023.

Non-Discrimination for SUD Patient Records

Outlines anti-discrimination provisions as a part of the Confidentiality of Substance Use Disorder Patient Records Rulemaking. NPRM to be Published in September 2024.

State Regulatory Changes

13 states thus far have enacted comprehensive consumer privacy laws impacting healthcare organizations (with one more coming soon).

How HIPAAtrek Helps with Regulatory Changes

HIPAAtrek was built by HIPAA compliance experts who have been in your shoes, so we know how challenging sweeping changes to HIPAA can be.

That’s why we work diligently to support our clients through changing regulations with:

  • Specific, in-depth training to educate and prepare our clients, with opportunities to ask questions of our HIPAA compliance experts;
  • Updated policy templates, BAA templates, and NPP templates (as applicable) available in HIPAAtrek within 45 days of any major regulatory change;
  • HIPAA training videos within the software will be updated to reflect the current regulations and assist with implementation among your team.

Schedule A Demo

There’s never been a better time to join HIPAAtrek. Register for a demo now and a member of our team will reach out with more information:

Prepare Now for Regulatory Changes

HIPAAtrek includes a personalized roadmap to upcoming regulatory changes as a part of our Privacy Gap Assessment and Security Risk Analysis. Learn more.

Conduct a Risk Analysis

Know where your privacy program stands, so you can build on a strong foundation once the changes are finalized. 

Create an Action Plan

Understand the specifics of these changes, and begin preparations by identifying policies and BAAs that will require updates.

Communicate with Leadership

Create buy-in among the C-suite, sharing your action plan and budget proactively.

Are you up to date with HIPAA?

We made you a free cheat sheet to guide your compliance as regulations change.

Changing Regulations Cheatsheet
Security Icon


Work with the HIPAA Compliance Experts at HIPAAtrek to Mangage Regulatory Changes

The best way to ensure your organization’s compliance in this quickly changing regulatory environment is to begin with an understanding of your current HIPAA compliance. Our Security Risk Analyses and Privacy Gap Assessments specifically include a personalized roadmap to changing regulations, so you can build from a strong foundation, even as regulations change.

In consultation with your team, our in-house compliance experts will:

  • Review your existing privacy or security policies and procedures,
  • Identify gaps and mitigation strategies,
  • Compile our findings into a report for your team, and
  • Build a roadmap to support your team in navigating major regulatory changes.

Get a proactive head start in complying with the updates to HIPAA by working with the experts at HIPAAtrek.

Ready to learn more? Fill out this form and a member of our team will follow up with more details.