The deadline for Illinois Medical Marijuana dispensaries to become HIPAA compliant was December 1, 2021. As of this date, Illinois medical marijuana HIPAA compliance is required for all dispensaries in the state that provide marijuana products to patients.

Illinois Medical Marijuana HIPAA Compliance

This includes completion of a security risk assessment and encryption of electronic devices and networks that contain the protected health information (PHI) of patients. Illinois’ requirements spell out specifically how and when Medical Marijuana HIPAA compliance must be achieved, making them more explicit than many other state cannabis regulations.

Illinois Medical Marijuana HIPAA Compliance Must be Complete

Recently the Illinois Department of Financial and Professional Regulation – the primary regulatory authority for cannabis in the state – announced that medical and co-located dispensaries in Illinois must protect patient information in accordance with the stringent privacy and security rules set out in the federal HIPAA regulations and attendant regulations. 

Rated #1 on G2

“Compliancy Group makes a highly complex process easy to understand.”

G2 Leader Fall 2024

The guidelines issued by the regulators made it clear that full compliance with all of the policies and procedures of HIPAA would be required. Under HIPAA, policies and procedures must be written to apply directly to a business’ operations. These policies and procedures are required to be drafted in line with the HIPAA Privacy, Security, and Breach Notification Rules, and should be reviewed at least annually to account for changes in business operations. 

How to Become HIPAA Compliant

There are more than 1000 pages of HIPAA regulations and instructions in the U.S. Department of Health and Human Services’ website. Adding to the confusion is the fact that HIPAA compliance looks different depending upon the size and structure of the organization needing it. What would work for a large regional health system would not be appropriate for a single dispensary. 

Finding an experienced guide to walk your business through all the steps of HIPAA compliance in a way that works for your business is crucial. With 16 years in the industry, Compliancy Group has never had a client fail a HIPAA audit, or be fined. Let us help you get compliant, and stay that way.

Meet All Your HIPAA Requirements

Our software provides everything you need to satisfy state and federal HIPAA laws.

Global CTAs Image