Originally published in Health IT Law & Industry Report, on January 23, 2013.
On Jan. 17, 2013, the Office for Civil Rights of the U.S. Department of Health and Human Services (‘‘HHS’’) issued a long-awaited omnibus rule (the ‘‘Omnibus Rule’’), which modifies a wide range of privacy, security and breach notification requirements under the Health Insurance Portability and Accountability Act (‘‘HIPAA’’). The Omnibus Rule, among other things:
..Replaces the controversial ‘‘risk of harm’’ standard for determining whether a reportable data breach has occurred with a new test focused on whether data have been ‘‘compromised.’’...
Please see full publication below for more information.