Understanding the Latest HIPAA Changes: What Small Clinics Need to Know

HIPAA Updates affecting Healthcare Clinics


As MGMA members, we get insight into the latest up and coming HIPAA compliance and regulatory changes coming down the pipeline. I was invited to attend the Washington update to MGMA members on September 12, 2023. A few items stood out to me in terms of Health IT that could affect our clientbase of small healthcare clinics in the US. We thought it helpful to inform our readers about these coming changes and how they might affect your health IT strategy, so you’ll have time to make adequate preparations if necessary.

The healthcare industry is ever-evolving, especially when it comes to regulations and compliance. One area that has seen significant changes recently is the Health Insurance Portability and Accountability Act (HIPAA). Two major updates—the proposed HIPAA Privacy Rule and penalties for information blocking—are set to impact healthcare providers, including small clinics. In this blog post, we’ll delve into what these changes mean and how they could affect your practice.

HIPAA Privacy Rule Proposed Update

What’s HIPAA Changes are possibly coming?

The Department of Health and Human Services (HHS) has proposed updates to the HIPAA Privacy Rule. The changes aim to enhance patient access to their Protected Health Information (PHI). Patients will now be able to take notes or photographs of their PHI, and healthcare providers will have a shortened timeframe—15 calendar days—to respond to PHI requests.

Potential Implications for Small Clinics from these HIPAA Changes

  1. Increased Patient Engagement: This change could lead to higher patient engagement, as patients can actively participate in their healthcare by having easier access to their PHI.
  2. Operational Efficiency: The shortened timeframe for PHI requests may require clinics to streamline their administrative processes, potentially impacting staffing and operational costs.
  3. Compliance Simplification: The elimination of the requirement for written acknowledgment of the Notice of Privacy Practices could simplify patient onboarding but still necessitates a robust system for compliance.

Information Blocking Updates on Penalties

What’s Changing?

Starting September 1, 2023, healthcare providers and developers could face severe penalties for information blocking. For developers, the penalties could go up to $1 million per violation.

Information Blocking | HHS-OIG

Potential Implications for Small Clinics

  1. Financial Risk: Non-compliance could result in substantial financial penalties, making it crucial for small clinics to invest in compliance measures.
  2. Technology Updates: Clinics may need to update their Electronic Health Records (EHR) systems to ensure they are not inadvertently blocking information.
  3. Staff Training: Staff members will need to be trained on the new regulations to avoid accidental violations, adding another layer to operational costs.

Conclusion and Next Steps

The latest HIPAA changes are designed to improve patient access to healthcare information and system interoperability. However, they also bring new challenges for small clinics, from operational adjustments to compliance risks. Staying informed and proactive is the key to navigating these changes successfully.

Want to ensure your clinic is HIPAA-compliant with the latest changes? Contact us at Stringfellow Technology Group for a comprehensive consultation.