The Health Insurance Portability and Accountability Act of 1996 (HIPAA) was signed into law.

Deadline for Covered Entities to comply with the Privacy Rule.

Deadline for Covered Entities to comply with the Transactions and Code Sets Rule.

Deadline for Covered Entities to comply with the Security Rule.

Deadline for applicable Covered Entities to obtain and use a National Employer Identifier (NEI).

The Enforcement Rule goes into effect.

Deadline for all health care providers who are HIPAA Covered Entities to obtain and use a National Provider Identifier (NPI).

The American Recovery and Reinvestment Act of 2009 (ARRA) was signed into law. ARRA includes the Health Information Technology for Economic and Clinical Health (HITECH) Act, which mandates the US Department of Health and Human Services to develop new regulations related to the HIPAA provisions.

The Interim Final Rule goes into effect requiring Covered Entities to notify patients when a breach of their unsecured, protected health information occurs.

Deadline to begin using the ASC X12 Version 5010 Transaction Standards October 1, 2013 - Transition to ICD-10 code sets for medical diagnosis and inpatient procedures.

U.S. Department of Health and Human Services (HHS) releases the Omnibus Final Rule, implementing the changes required by the Health Information Technology for Economic and Clinical Health (HITECH) Act of 2009.

The Omnibus Final Rule takes effect.

Covered Entities, Business Associates, and subcontractors must be in compliance with most provisions under the Final Rule.