As everyone in the health care industry knows by now, the Department of Health and Human Services issued the final HIPAA Omnibus Rule late last week, giving long-awaited clarity to HIPAA’s privacy, security, enforcement, and breach notification provisions.
Among other things, the Omnibus Rule expands the responsibilities of business associates, imposes a tiered civil monetary penalty structure, and makes changes to the breach notification provisions. To assist you in making sense of the final rule, Mintz has prepared a full analysis of the changes between the proposed rules issued since the passage of the HITECH Act and the Omnibus Rule.
In the coming weeks, Mintz will be providing additional analysis of the Omnibus Rule and its impact on providers, health plans, and business associates. On January 30th from 2:00-3:30 p.m. Eastern, we will hold a webinar entitled "The New HIPAA Omnibus Rule and Your Liability." We will provide additional details as soon as they are available.