GuideStar, an information services organization specializing in U.S. nonprofits, recently provided a list of resources for nonprofits concerned about complying with the Health Insurance Portability and Accountability Act of 1996 (HIPAA). Once an entity confirms through the Department of Health and Human Services Office for Civil Rights (OCR) that it is covered under HIPAA, it must comply with all aspects of the HIPAA rules – the Privacy Rule, the Security Rule and the Breach Notification Rule. However, the OCR last year released "major changes to many provisions of these rules," and those updates have not yet been fully incorporated into the office's website. The OCR did issue a press release detailing these changes, which is available here. For more, read the full GuideStar Q&A.