How to respond to the Final Omnibus HIPAA Rule

March 2013

How to respond to the Final Omnibus HIPAA Rule

At a glance

The Final HIPAA Omnibus Rule calls for changes to privacy and security requirements that healthcare organizations should address, especially where current practices and processes could be less effective and expensive to build and maintain, inviting risk.

Download: How to respond to the Final Omnibus HIPAA Rule

Create custom report

Download chart pack

Download the iBook for your iPad

Organizations that simply address the Final Omnibus HIPAA Rule without taking into account the other privacy and security requirements are at risk of creating a patchwork of processes and controls that will ultimately prove less effective and unnecessarily expensive to build and maintain.

The Final HIPAA Rule has a number of significant changes, and among other things:

strengthens and expands the scope of the HIPAA privacy and security rules
increases penalties for HIPAA violations
extends potential liability and requirements for business associates and subcontractors
enhances patient privacy protections and requires mandatory changes to Notices of Privacy Practices, which have specific redistribution requirements
creates a new presumption that a reportable compromise has occurred under HIPAA’s federal notification law for breaches of protected health information (PHI) unless a new, specific assessment can demonstrate "ittle probability."

Contacts

James Koenig: Privacy Compliance & Breach Response; Tel: (610) 246-4426
Mick Coady: Health Information Privacy and Security Practice; Tel: (314) 565-1949
Nalneesh Gaur: Health Information Privacy and Security Practice; Tel: (214) 754-5232

More contacts