Illinois Medical Marijuana HIPAA Compliance Required

The deadline for Illinois Medical Marijuana dispensaries to become HIPAA compliant was December 1, 2021. As of this date, Illinois medical marijuana HIPAA compliance is required for all dispensaries in the state that provide marijuana products to patients.

Illinois Medical Marijuana HIPAA Compliance Must be Complete

Recently the Illinois Department of Financial and Professional Regulation – the primary regulatory authority for cannabis in the state – announced that medical and co-located dispensaries in Illinois must protect patient information in accordance with the stringent privacy and security rules set out in the federal HIPAA regulations and attendant regulations. 

The guidelines issued by the regulators made it clear that full compliance with all of the policies and procedures of HIPAA would be required. Under HIPAA, policies and procedures must be written to apply directly to a business’ operations. These policies and procedures are required to be drafted in line with the HIPAA Privacy, Security, and Breach Notification Rules, and should be reviewed at least annually to account for changes in business operations. 

How to Become HIPAA Compliant

There are more than 1000 pages of HIPAA regulations and instructions in the U.S. Department of Health and Human Services’ website. Adding to the confusion is the fact that HIPAA compliance looks different depending upon the size and structure of the organization needing it. What would work for a large regional health system would not be appropriate for a single dispensary. 

Finding an experienced guide to walk your business through all the steps of HIPAA compliance in a way that works for your business is crucial. With 16 years in the industry, Compliancy Group has never had a client fail a HIPAA audit, or be fined. Let us help you get compliant, and stay that way.