HIPAA and SAMHSA 42 CFR Part 2 Updates for 2025: Ensure Compliance and Protect Patient Data

This webinar will be addressing how practice/ business managers (or compliance officers) need to ensure their organization/ practice is complying with the new changes for the Federal Substance Abuse and Mental Health Administration (SAMHSA) regulations (42 CFR Part 2) and the HIPAA Privacy Rule.

This webinar will cover the latest updates which were released in 2024 and cover multiple scenarios and FAQs relating to Substance Abuse Records, Mental Health Records, Alcohol Abuse Records, and the proper ways to secure this information and/or release this information. The webinar will also cover the new updates relating to the HIPAA Privacy Rule, specifically the Right of Access, Information Sharing, and Notice of Privacy Practices An overview of a comparative analysis will be presented comparing SAMHSA to the HIPAA laws relating to protected health information in general.

Learning Objectives:-

• Understanding how to implement changes relating to SUD health records
• Understanding the 2024 HIPAA Privacy Updates
• How HIPAA and Part 2 are being merged
• Unique risks for SUD records
• Understanding consents (differences between HIPAA and SAMHSA)
• Emailing/ Texting PHI (do’s and don’ts)
• How to comply with new Part 2 rules

Areas Covered in the Session:-

• What exactly is SAMHSA?
• What is the Vision?
• 42 CFR Part 2
• Patient Record Confidentiality (CFR Title 42: Part 2)
• Confidentiality of Alcohol and Drug Abuse Patient Records (CFR Title 42: Part 2)
• Federal Assistance Checklist
• Does 42 CFR Part 2 Apply to My Practice?
  • Example 1: Opioid Treatment Program
  • Does Part 2 Apply To ABC?
  • Can ABC Disclose SUD Information?
  • How Can ABC Disclose?
  • Example 2: Mixed Use Facility
  • Example 3: Accountable Care Organization (ACO)
  • Example 4: Integrated Care Setting
• Medical Records Are Not Created Equal
• Separating SUD Records from Normal Medical Records
• SAMHSA vs HIPAA
• 42 CFR Part 2 Rulemaking
• Issuance of the Notice of Proposed Rulemaking (NPRM)
• What Has Changed?
  • Compliance Date and Deadlines – Feb 16, 2026
  • Applicability and Re-Disclosure
  • Disposition of Records
  • Consent Requirements
  • Disclosures Permitted w/ Written Consent
  • Disclosures to Central Registries and PDMPs
  • Medical Emergencies
  • Audit and Evaluation
  • Undercover Agents and Informants
  • Other changes that Are implemented
• How can one get access to a patient’s information under SAMHSA 42 CFR Part 2
• Train Staff on Email Hacking Tricks
• What is Ransomware?
• Ransomware - Major Concern for 2024 and Beyond
• What does OCR say?
• 2024 Mobile Devices – Protect PHI
• Private Legal Remedies
• FAQs relating to Part 2 and HIPAA
• HIPAA Resources
• SAMHSA Resources
• Best Proactive Actions
• Live Q&A Session

Who Should Attend?

• Healthcare Executive and Directors
• Physicians and NPPs
• Practice Managers
• Substance Abuse Clinics (Both for Profit and Non-Profit)
• Business Associated who Work with Mental Health, Substance Abuse, or Alcohol Abuse Records
• Medical Billing Companies
• Medical Billing Managers and Staff
• IT Officers
• Compliance Officers
• Home Health Agencies
• Healthcare Attorneys
• HIPAA Privacy Officers
• HIPAA Security Officers
• Information Security Officers
• Risk Managers
• Health Information Managers
• Medical Office Manager
• Healthcare Business associates (Shredding, data storage, systems vendors, billing services, etc.)
• Records Release Manager and Staff.