This Compliance dates section of the HIPAA Security Final Rule specifies the dates by which various organizations must be compliant:

(a) Health plan.

(1) A health plan that is not a small health plan must comply with the applicable requirements of this subpart no later than April 20, 2005.

(2) A small health plan must comply with the applicable requirements of this subpart no later than April 20, 2006.

(b) Health care clearinghouse. A health care clearinghouse must comply with the applicable requirements of this subpart no later than April 20, 2005.

(c) Health care provider. A covered health care provider must comply with the applicable requirements of this subpart no later than April 20, 2005.

Series Navigation<< 164.308(a)(4)(ii)(B) Standard: Information access management – Access authorization164.316 Policies and procedures and documentation requirements >>