HIPAA Omnibus Rule Reference Chart

By Dianne J. Bourque, Ellen L. Janos, Stephanie Willis

Mintz Levin is pleased to provide this section-by-section analysis of the HIPAA Omnibus Rule.

The chart lists provisions of the proposed privacy, security, and enforcement rules mandated by the Health Information Technology for Electronic and Clinical Health Act (“HITECH”) published in a proposed rule on July 14, 2010; the interim final enforcement rule—including HITECH’s new, tiered penalty structure—published on October 30, 2009; and the interim final breach notification rule published pursuant to HITECH on August 24, 2009 (collectively, “Proposed Rules”) and compares them to the same regulatory provisions published on January 17, 2013 as part of the Omnibus Rule (“Final Rule”). Note that this summary does not include revisions under the Genetic Information Nondiscrimination Act (GINA), also published in the Final Rule.

For quick reference, our chart indicates whether or not there were changes between the Proposed Rules and the Final Rule and includes commentary on certain notable provisions.

We hope that this summary will serve as a useful tool as we all begin the process of understanding new requirements under HIPAA.

» View the chart.

Subscribe To Viewpoints

Published

Professionals

Authors

Dianne J. Bourque

Member

Dianne specializes in counseling researchers and research sponsors in matters related to FDA and OHRP regulated clinical research, and counsels health care clients on the HIPAA Privacy Rule and Security Standards.

Ellen L. Janos

Member

Ellen provides strategic advice to health care providers, investors, and start-ups on telehealth initiatives as well as the traditional practice of medicine across multiple states.

Stephanie Willis