Skip to main content

HIPAA Omnibus Rule Reference Chart

Mintz Levin is pleased to provide this section-by-section analysis of the HIPAA Omnibus Rule.

The chart lists provisions of the proposed privacy, security, and enforcement rules mandated by the Health Information Technology for Electronic and Clinical Health Act (“HITECH”) published in a proposed rule on July 14, 2010; the interim final enforcement rule—including HITECH’s new, tiered penalty structure—published on October 30, 2009; and the interim final breach notification rule published pursuant to HITECH on August 24, 2009 (collectively, “Proposed Rules”) and compares them to the same regulatory provisions published on January 17, 2013 as part of the Omnibus Rule (“Final Rule”). Note that this summary does not include revisions under the Genetic Information Nondiscrimination Act (GINA), also published in the Final Rule.

For quick reference, our chart indicates whether or not there were changes between the Proposed Rules and the Final Rule and includes commentary on certain notable provisions.

We hope that this summary will serve as a useful tool as we all begin the process of understanding new requirements under HIPAA.

» View the chart.

Subscribe To Viewpoints

Authors

Dianne J. Bourque advises health care clients on licensure, regulatory, contractual, risk management, and patient care matters for Mintz. Dianne counsels researchers and research sponsors on FDA and OHRP regulations. She also counsels clients on data privacy issues, including HIPAA standards.
Ellen L. Janos uses her in-depth knowledge of health care regulations to help Mintz clients with government investigations, financial transactions, and corporate compliance activities. She also advises traditional health care providers, investors, and start-ups on telehealth initiatives.

Stephanie Willis