The HIPAA Privacy Rule is Changing

Changes are coming to the HIPAA Privacy Rule, and HIPAAtrek is here to help. Bigger than HITECH, bigger than the Omnibus Rule, over 30% of HIPAA is changing, which will impact your entire compliance program, including BAAs, Policies, and NPPs. 

calendar icon


December 2024

These changes were initially due to be finalized in March 2023, but were pushed back, and we now anticipate the updated rule will be published in December 2024.

Question Mark Icon

Why is HIPAA Changing?

The stated reasons for the 2023 Privacy Rule changes include:

  1. Strengthening patient rights to access their own PHI;
  2. Managing information sharing for care coordination and case management;
  3. Family and caregiver involvement for individuals experiencing emergencies and health crises;
  4. Providing guidance for disclosures of PHI to facilitate patient care during an emergency situation, and
  5. Reducing administrative burden.

Learn More at Our HIPAA Compliance Webinars

Past Privacy Rule Webinar

Privacy Rule Changes: What You Need to Know

Learn what’s changing, and how you can prepare.

January 4, 2023

Past webinar: Preparing For Privacy Rule Changes with Software

Preparing for Modifications to the HIPAA Privacy Rule using HIPAA Compliance Software

Create a system for success.

February 1, 2023

HIPAA Privacy Rule Webinar: March 2023

Modifications to the HIPAA Privacy Rule: Your Action Steps and Timeline

Take action and achieve compliance.

March 1, 2023

What is changing under the
new Privacy Rule?

Over 30% of HIPAA is changing, with implications across your compliance program.

New Patient Rights

Patients will now have the right to take recordings or photos of their EPHI.

New BAA Requirements

Business Associates that disclose PHI will need updated BAAs.

New Policies

Plan for the identification, creation, editing, approval, and finalization of new policies.

New NPPs

The NPP itself is changing, as is the requirement to obtain acknowledgement of your NPP.


The larger your organization is, the more staff education and training it will take to change habits, routines, and workflows.

Security Icon

Privacy Rule Consulting

Work with the HIPAA Compliance Experts at HIPAAtrek to manage these changes.

The best way to ensure your organization’s compliance within the timeline allotted by the OCR is to begin with an understanding of your current HIPAA compliance. Our consulting team specifically created the Privacy Gap Assessment in preparation for the proposed modifications to the HIPAA Privacy Rule.

  • Review your existing privacy policies and procedures,
  • Identify gaps and mitigation strategies,
  • Compile our findings into a report for your team, and
  • Build a roadmap to support your team in navigating the changes to the HIPAA Privacy Rule.

Get a proactive head start in complying with the updated Privacy Rule by working with the experts at HIPAAtrek.  

Ready to learn more? Fill out this form and a member of our team will follow up with more details. 

Prepare Now for Privacy Rule Changes

Savvy compliance officers should prepare now in order to efficiently implement key changes later.

number 1

Conduct a Risk Analysis

Know where your privacy program stands, so you can build on a strong foundation once the changes are finalized. 

number 2

Create an Action Plan

Understand the specifics of these changes, and begin preparations by identifying policies and BAAs that will require updates.

number 3

Communicate with Leadership

Create buy-in among the C-suite, sharing your action plan and budget proactively.

Are you up to date with HIPAA?

We made you a free cheat sheet to guide your compliance as regulations change.

Changing Regulations Cheatsheet

Using HIPAAtrek to Prepare for Privacy Rule Changes

HIPAAtrek has been proactively preparing our clients for these modifications since early 2022. Built by HIPAA compliance experts who have been in your shoes, we know how challenging sweeping changes to HIPAA can be.

That’s why we work diligently to support our clients through changing regulations with:

  • Specific, in-depth training to educate and prepare our clients, with opportunities to ask questions of our HIPAA compliance experts;
  • Updated policy templates, BAA templates, and NPP templates available in our platform within 45 days of the finalized Privacy Rule.
  • HIPAA Training videos within the software will be updated to reflect the changes and assist with implementation among your team.

Schedule A Demo

There’s never been a better time to join HIPAAtrek. Register for a demo now and a member of our team will reach out with more information: