About the CMS HIPAA 5010 Compliance Grace Period

CMS announced a 90-day grace period for HIPAA 5010 compliance on Nov. 17, 2011. While CMS did not offer a deadline extension on the HIPAA 5010 compliance date of January 1, 2012, they will not “initiate enforcement action” before March 31, 2012. What does this mean?

It’s certainly not a free pass, but it does offer leniency on full compliance until March 31, 2012. During the grace period, CMS’ Office of E-Health Standards and Services (OESS) will continue to accept complaints regarding non-compliance for Version 5010, NCPDP D.0, and NCPDP 3.0 transaction standards, but will not take enforcement action as long as the covered entities that complaints were filed against can “produce evidence of either compliance or a good faith effort to become compliant with the new HIPAA standards during the 90-day period.”

View CMS’ Full Statement About the 5010 90-Day Grace Period

View CMS’ 5010 Resources Page