N NPP Generator
EHR & Vendor

Does Veradigm (Allscripts) Provide a Notice of Privacy Practices?

By NPP Generator Research Team  ·  Published Apr 25, 2026  ·  Last reviewed Apr 28, 2026  ·  3 min read

Need to update your NPP?

Update → Generate new →
Quick answer: No. Veradigm (formerly Allscripts) does not provide a HIPAA-compliant Notice of Privacy Practices for your practice. Veradigm provides HIPAA-compliant infrastructure, signs a BAA, and offers practice-customizable patient-facing portals — but does not produce a HIPAA-compliant NPP. The NPP — the patient-facing HIPAA document required by 45 CFR § 164.520 — is the covered entity's responsibility to produce and maintain.

Veradigm (formerly Allscripts) (formerly Allscripts) provides EHR and practice-management software for ambulatory practices and group practices. A common assumption among new Veradigm (formerly Allscripts) customers is that the platform's HIPAA-compliant infrastructure or BAA covers the NPP requirement. It does not. The NPP is a covered-entity-side document — your practice produces it, distributes it, and posts it.

What Veradigm (formerly Allscripts) does provide for HIPAA compliance

Veradigm (formerly Allscripts) provides HIPAA-compliant infrastructure and contractual protections, but none of them are an NPP:

Plan tiers and BAA availability

Veradigm offers tiered enterprise plans. The BAA is included on appropriate HIPAA-customer tiers and executed during onboarding.

How to request the BAA from Veradigm (formerly Allscripts)

Veradigm's BAA is executed during enterprise onboarding. Contact Veradigm's contracting team for the BAA.

What the Veradigm (formerly Allscripts) BAA covers (and doesn't)

The Veradigm (formerly Allscripts) BAA binds Veradigm (formerly Allscripts) to HIPAA's safeguard obligations for PHI it handles on your behalf. It does not produce an NPP, fulfill your NPP-distribution obligation, or substitute for any patient-facing HIPAA documentation. The BAA covers vendor-side responsibilities; the NPP covers practice-side patient communications.

Alternatives if you need NPP support

After Veradigm onboarding, produce an NPP using NPP Generator's tool ($49) or attorney-drafted, and integrate it into the Veradigm patient portal and your practice website.

Setup after enabling Veradigm (formerly Allscripts)'s HIPAA features

Configure Veradigm portal to deliver NPP at intake, post on practice website, and at physical locations. Re-distribute on material change.

Common patient-facing scenarios with Veradigm (formerly Allscripts)

In day-to-day operations using Veradigm (formerly Allscripts), several scenarios commonly surface NPP-related questions:

Audit-readiness with Veradigm (formerly Allscripts)

When OCR or a state regulator audits a practice using Veradigm (formerly Allscripts), expect the auditor to request:

What changed in the HHS February 2026 model

The HHS February 2026 final rule introduced several NPP content updates that affect every covered entity, including practices using Veradigm (formerly Allscripts): clarified Right of Access language, updated breach-notification provisions, refined marketing-communication requirements, and explicit safeguards-against-AI language. Practices issuing or updating NPPs after February 16, 2026 should align to the new model. Veradigm (formerly Allscripts)'s patient-portal infrastructure typically supports either model; the document content is the practice's responsibility.

More EHR & vendor guides

Athenahealth Provide AN Npp Cerner Oracle Provide AN Npp Charmhealth Provide AN Npp Drchrono Provide AN Npp Eclinicalworks Provide AN Npp Elation Health Provide AN Npp Epic Provide AN Npp Greenway Health Provide AN Npp Jane App Provide AN Npp Kareo Provide AN Npp Meditech Provide AN Npp Nextgen Provide AN Npp Practice Fusion Provide AN Npp Simplepractice Provide AN Npp Tebra Provide AN Npp Theranest Provide AN Npp Therapynotes Provide AN Npp Valant Provide AN Npp

Generate a compliant NPP in 5 minutes

HHS Feb 2026 model · Part 2 SUD language · Section 1557 taglines · whether you're updating or starting fresh.

Update my existing NPP → Generate a new NPP →

No subscription · PDF + Word · Free watermarked preview · See sample →

Related: EHR & practice-management vendors

athenahealth Cerner / Oracle Health CharmHealth DrChrono eClinicalWorks Elation Health Epic Greenway Health

Frequently Asked Questions

Does Veradigm (formerly Allscripts) provide a Notice of Privacy Practices?
No. Veradigm (formerly Allscripts) provides HIPAA-compliant infrastructure and signs a BAA on appropriate plans, but does not produce a HIPAA-compliant NPP. The NPP is the covered entity's responsibility under 45 CFR § 164.520.
Does Veradigm (formerly Allscripts) sign a BAA?
Yes, on appropriate enterprise/healthcare-tier plans. Veradigm offers tiered enterprise plans. The BAA is included on appropriate HIPAA-customer tiers and executed during onboarding.
What's the cheapest way to get an NPP for my practice?
The HHS model notices are free and can be adapted manually, but they require you to fill in practice-specific fields (entity name, Privacy Officer, website, effective date) and add Part 2 SUD language if applicable. Tools like NPP Generator take the HHS model, capture practice information via a guided intake, and produce a formatted PDF and Word file for $49.
If I switch from Veradigm (formerly Allscripts) to another EHR, do I need to update my NPP?
Possibly. The NPP describes uses and disclosures; if changing EHR materially changes data flows or vendor relationships, the NPP may need updating. Re-distribute on material change.
Does HIPAA-compliant infrastructure satisfy the NPP requirement?
No. HIPAA-compliant data hosting, encryption, and audit logging are Security Rule safeguards. The NPP is a Privacy Rule requirement under § 164.520 — distinct and not satisfied by infrastructure.