The HIPAA Omnibus Rule: Incremental Revisions and a Few Big Pops

more+
less-

Nearly two years after the first anticipated publication date, the U.S. Department of Health and Human Services ("HHS") has finally published the "Omnibus" Final Rule implementing many changes to HIPAA called for by the Health Information Technology for Economic and Clinical Health Act ("HITECH") and finalizing other regulations that were previously issued in proposed form. The Omnibus Rule will officially be published Friday, January 25, 2013, with an "effective date" of March 26, 2013; however, HHS will not enforce most of the new provisions until September 23, 2013, thereby giving covered entities six months to implement fixes.

While the regulations are voluminous, the most important changes relate to a few specific areas: breach notifications; business associates and subcontractors; fundraising and marketing; "hybrid" entities; deceased patients; school immunization records; "notice of privacy practices" revisions; and the "hide" rule.

Please see full alert below for more information.

LOADING PDF: If there are any problems, click here to download the file.

Topics:  Business Associates, Covered Entities, Data Breach, Data Protection, HHS, HIPAA, HIPAA Omnibus Rule, HITECH, Marketing, Notice Requirements, PHI, Subcontractors

Published In: Health Updates, Privacy Updates, Science, Computers & Technology Updates

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Jackson Walker | Attorney Advertising

Don't miss a thing! Build a custom news brief:

Read fresh new writing on compliance, cybersecurity, Dodd-Frank, whistleblowers, social media, hiring & firing, patent reform, the NLRB, Obamacare, the SEC…

…or whatever matters the most to you. Follow authors, firms, and topics on JD Supra.

Create your news brief now - it's free and easy »