On January 25, 2013, the Office for Civil Rights published an Omnibus Final Rule implementing changes to the HIPAA Privacy, Security, Breach Notification and Enforcement Rules (“HIPAA”). By September 23, 2013, covered dental practices must revise their policies and procedures to comply with new rules. This course begins with a brief history of HIPAA with information about compliance dates, the effect of state law, and enforcement and penalties. Next, there is a discussion of changes to HIPAA requirements for breach notification; business associates; requests for restricted disclosure to a health plan; patient access to records; marketing communications; sale of patient information; fundraising; Notice of Privacy Practices; decedents; immunization records; genetic information; and research. The resources section includes information about ADA and government resources, and directions for accessing the text of the HIPAA rules online.