(Recorded Webinar) 42 CFR Part 2: SAMHSA's 2020 Rule

This webinar is closed to new enrollments. For more patient privacy and confidentiality trainings, click here.

Duration: 90 minutes
Webinar recorded on: 8/5/2020

The Substance Abuse and Mental Health Services Administration (“SAMHSA”) recently issued changes to the regulations governing the Confidentiality of Substance Use Disorder (SUD) Patient Records (“42 CFR Part 2” or “Part 2”).  Part 2 provides additional confidentiality protections for certain SUD records, requiring a patient’s written consent to disclose their SUD records for treatment, payment, and health care operations, unless one of the very narrow exceptions applies.  In responding to the opioid epidemic, many health centers developed SUD services in such a way that Part 2 applies to some or all of their patients records. 

The 2020 Final Rule is the third set of changes to Part 2 in the past 36 months and, under the Coronavirus Aid, Relief, and Economic Security Act (“CARES Act”), additional changes are expected in order to align Part 2 with HIPAA. These regulatory changes are SAMHSA’s attempt to keep pace with advances in the health care delivery system and to respond to the opioid epidemic; however, many Part 2 Programs and other providers are struggling to keep pace with the regulatory changes.  

In this webinar, we will review the major changes under the 2020 Final Rule and suggest activities that Part 2 Programs and other providers can undertake to ensure compliance by the August 14, 2020 effective date.  We will discuss the additional flexibilities for disclosing and receiving Part 2 records under the 2020 Final Rule.  We will also provide a brief overview of the CARES Act changes (going into effect after March 27, 2021) so that attendees can determine whether to implement the optional provisions of the 2020 Final Rule or wait until SAMHSA issues the CARES Act regulations for Part 2.

Target Audience

  • Leadership team members
  • Clinical staff, including SUD providers and behavioral health providers
  • Compliance Officers and Risk Managers
  • HIPAA Privacy and Security Officers

Learning Objectives

After this webinar, you will be able to:

  • Identify the Part 2 Program documents that require updating to comply with the 2020 Final Rule
  • Describe how a non-Part 2 Program (including parts of a health center that are “non-Part 2 Programs”) can record information received from a Part 2 Program so that its records do not become subject to Part 2
  • Understand how SAMHSA has attempted to align Part 2 with HIPAA and the additional changes expected under the CARES Act
Course summary
Available credit: 
  • 1.50 Certificate of Attendance
Course opens: 
Course expires: 


As Partner and Compliance Counsel with the firm’s health law practice group, Dianne advises health centers on implementing effective compliance programs and on addressing top compliance risk areas. Dianne counsels health centers and other organizations on developing compliance programs that include the OIG’s seven elements, respond to identified compliance risk areas, and reflect the organization’s culture.  Dianne also advises health centers and other organizations on patient privacy and confidentiality, including the HIPAA Privacy Rule and 42 CFR Part 2.  She has experience responding to privacy and security incidents, including determining whether there has been a breach, notifying patients and the government, and creating corrective action plans. [Full Bio]

Certificates of Attendance: We verify attendance upon completion of a webinar (live or recorded version) and will only issue certificates in the name of the account holder enrolled in the course. If you need to document attendance for someone other than the account holder, we provide blank Certificates of Attendance for a supervisor to sign and certify that a different individual viewed the course. 

Group Attendance: Due to the online nature of webinars, we cannot verify participation by more than one person. For groups, we provide an attendance record form and blank Certificates of Attendance to record attendance at a group viewing session and document each individual's participation. We recommend that a supervisor or colleague sign the certificate to certify attendance. 

Read more about maintaining an attendance record in our FAQs.

Available Credit

  • 1.50 Certificate of Attendance


Please login or register to take this course.

This webinar is closed to new enrollments. For more patient privacy and confidentiality trainings, click here.


Recorded webinars are available for 180 days after the date of purchase or date of the webinar. Once posted to your account, you can view this webinar anytime on-demand during the access period identified in your purchase confirmation. For additional information on viewing and accessing webinars, view our full terms and conditions here.


If you pay by credit card or PayPal, you will be able to access the recorded webinar immediately (unless the live webinar has not yet occurred). If you pay by check, we will grant access to the recording when we receive your check. You will receive a confirmation email once access is granted. FTLF reserves the right to suspend access to the webinar if payment is not received within 30 days. For more information on payments and registration, please visit our FAQ page.


No refunds will be provided for recorded webinars. FTLF can transfer a registration to someone else within your organization or, provided you have not already viewed the webinar, transfer the registration to another on-demand program. Where the registration fee for the new webinar is higher, you must also pay the difference between the original course and the new course registration fee at the time of transfer. Administrative fees may also apply. If your organization purchased a webinar under the account of a staff member who no longer works for your organization, please Contact Us. View our full policy on refunds and cancellations here.

Required Hardware/Software

Google Chrome and Mozilla Firefox are the preferred browsers.