If you are a covered entity, you are mandated to be in compliance with the sweeping new revisions to HIPAA, as per the HIPAA Omnibus Act that passed in January of 2013. Changes go into effect on September 23, 2013.
The rule expands the individual rights of patients, including tightening requirements on providers when patient information is breached. The result is that providers could face more legal scrutiny and higher fines in case of an information breech.
Two free resources are online to help you be compliant.
The American Medical Association has made a FREE 25-page practical guide available to assist providers.
The APA also has information, but you must have paid the Practice Assessment fee to access. Here is the link for the “free” portion.