This entry is part 21 of 59 in the series Complete Guide to HIPAA Security Final Rule

This Compliance dates section of the HIPAA Security Final Rule specifies the dates by which various organizations must be compliant:

(a) Health plan.

(1) A health plan that is not a small health plan must comply with the applicable requirements of this subpart no later than April 20, 2005.

(2) A small health plan must comply with the applicable requirements of this subpart no later than April 20, 2006.

(b) Health care clearinghouse. A health care clearinghouse must comply with the applicable requirements of this subpart no later than April 20, 2005.

(c) Health care provider. A covered health care provider must comply with the applicable requirements of this subpart no later than April 20, 2005.

Series Navigation<< 164.308(a)(4)(ii)(B) Standard: Information access management – Access authorization164.316 Policies and procedures and documentation requirements >>

Michelle Caswell

Senior Director, Legal & Compliance at Clearwater Compliance
Michelle Caswell has over 14 years legal and healthcare experience and worked as a HIPAA Investigator for the U.S. Department of Health and Human Services, Office for Civil Rights where she ensured covered entities were in compliance with HIPAA, conducted complaint investigations and educated entities on HIPAA compliance. Michelle brings that experience to Clearwater Compliance as Senior Director, Legal and Compliance.