HIPAA Omnibus Rule Office of Civil Rights

The HIPAA Omnibus Rule is a final rule issued by the U.S. Department of Health and Human Services on January 17, 2013.   The Rule aims to strengthen existing privacy protections within the Health Insurance... more +
The HIPAA Omnibus Rule is a final rule issued by the U.S. Department of Health and Human Services on January 17, 2013.   The Rule aims to strengthen existing privacy protections within the Health Insurance Portability and Accountability Act of 1996 (HIPAA), improve the government's ability to enforce those protections, and give individuals greater access to their health information. One of the most significant changes associated with the Rule is the application of HIPAA's requirements to business associates of health care providers and health care claim processors. HHS broadened HIPAA's application to these groups after several large breaches were tied to business associates.  less -
News & Analysis as of

Foundations in HIPAA - Building Blocks of Health Law

Recent enforcement actions and the new Omnibus Rule implementing several HITECH obligations highlighted the need for a new look at HIPAA obligations for covered entities and now business associates. HITECH not only raised the...more

Healthcare Privacy – 2013 Year in Review

On January 25, 2013, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) published the long-awaited HIPAA Omnibus Final Rule (Final Rule), which includes the most sweeping changes to HIPAA...more

OCR Releases Model Notices of Privacy Practices

Under the Privacy Rule, an individual has the right to adequate notice of how a covered entity may use and disclose PHI about the individual, as well as his/her rights and the covered entity’s obligations with respect to that...more

Refill Reminder Exception to the Privacy Rule Created by the HITECH Act

The passing of the Health Information Technology for Economic and Clinical Health Act (HITECH) resulted in multiple changes regarding existing protection of protected health information (PHI) under the Health Insurance...more

Hearing to Address HIPAA Accounting of Disclosures

The HHS Office of Civil Rights (OCR) announced that the Health Information Technology (HIT) Policy Committee’s Privacy and Security Tiger Team will hold a virtual, public hearing on Monday, September 30 from 11:45 a.m. to...more

OCR Delays Required Changes to Notices of Privacy Practices for Laboratories

The HHS Office of Civil Rights (OCR) has granted certain clinical laboratories a temporary reprieve from the requirement to update their Notices of Privacy Practices (NPPs) by September 23, 2013, the deadline imposed by the...more

It's Never Too Late To Give Guidance: OCR Starts Releasing HIPAA Omnibus Rule Guidance In Anticipation Of September 23 Compliance...

This has been a busy week for the Department of Health and Human Services / Office for Civil Rights (HHS/OCR). It has started releasing guidance on various provisions of the Omnibus HIPAA final rule (the "Final Rule") in...more

OCR and ONC Release Model Notices of Privacy Practices

The long-awaited Omnibus Regulations (Omnibus Rule) adopted earlier this year by the Office for Civil Rights (OCR) in the Department of Health and Human Services (HHS) requires covered entities to include new information in...more

Business Associate Definition Expanded and HHS Empowered to Impose New Civil Fines

Long-awaited omnibus regulations (Omnibus Rule) adopted earlier this year by the Department of Health and Human Services (HHS) Office for Civil Rights (OCR) made significant modifications impacting “business associates” to...more

Days Before Enforcement Date OCR Issues New Guidance

Just days before the September 23, 2013 enforcement date for the new HITECH Act Omnibus rules, the Department of Health and Human Services' Office for Civil Rights has published several new guidance tools and documents. On...more

HHS Office of Civil Rights Releases Several Model Notices of Privacy Practices

The HHS Office of Civil Rights (OCR) recently released several versions of a model Notice of Privacy Practices (NPP) for use by covered entity health plans and health care providers. The notices have been written specifically...more

OCR Publishes Model Notice of Privacy Practices

With the September 23, 2013 compliance date for the HIPAA Omnibus Rule only one week away, the Office for Civil Rights (OCR) and the Office of the National Coordinator for Health Information Technology (ONC) have developed...more

Privacy Monday – September 16, 2013

Dis-Like! Senator Markey Urges the FTC to Investigate Facebook’s New Policies - As we previously reported, Facebook has proposed a number of revisions to its Data Use Policy and Statement of Rights and...more

OCR Guidance to Address HIPAA Marketing Turmoil

In response to a recent lawsuit and outcry from a variety of players in the health care market, the Department of Health and Human Services (“HHS”) has committed to issuing guidance by September 23rd (the compliance date for...more

Omnibus HIPAA/HITECH Rules Require Changes to Notice of Privacy Practices Prior to September 23, 2013

Earlier this year, the Office for Civil Rights (OCR) in the Department of Health and Human Services (HHS) issued its long-awaited omnibus regulations that make significant modifications to the HIPAA Privacy, Security,...more

Health Law Blog: HIPAA Update: Don't Forget Your Photocopiers

Affinity Health Plan has agreed to pay more than $1.2 million to settle potential violations of the HIPAA Privacy and Security Regulations....more

Employment Law Blog: Regzilla Stomps Another One! - Idaho State University and the Compliance Gap Analysis

Presumably at this point HIPAA, HITECH and the Omnibus Regulation have been published, digested and everyone is in full compliance with the requirements that have been set forth....more

The HIPAA Omnibus Final Rule—Data Privacy and Security Implications for Business Associates and Covered Entities

On January 17, 2013, the Office for Civil Rights (‘‘OCR’’) of the U.S. Department of Health and Human Services (‘‘HHS’’) published the HIPAA Omnibus Final Rule (‘‘Final Rule’’) which OCR has trumpeted as carrying ‘‘the most...more

Newly Effective HIPAA Omnibus Rule Makes Sweeping Changes to HIPAA

The long-awaited final omnibus rule (Omnibus Rule) that modifies the Health Insurance Portability and Accountability Act of 1996 (HIPAA) [1] took effect last week, on March 26, 2013. Leon Rodriguez, Director of the U.S....more

HIPAA’S FINAL RULE: Putting Things in Perspective – Comments from OCR

On March 22, 2013, Health and Human Services (“HHS”) Office for Civil Rights (“OCR”) Director Leon Rodriguez presented the keynote address to attendees of the American Health Lawyers’ Association HIPAA/HITECH Conference in...more

Special Edition: Health Law Update - February 28, 2013

In This Issue: - A Baker's Dozen of Significant Changes From the HIPAA/HITECH Rule 1. Business Associates and Subcontractors 2. Breach Notification 3. Covered Entity Organizational Structures 4. Cloud...more

HIPAA Alert: Action Steps To Reach Compliance

As discussed in two prior HIPAA alerts, a final, 563-page Omnibus HIPAA Rule was released by the Department of Health and Human Services Office of Civil Rights to strengthen HIPAA’s security and privacy protections. The final...more

The New HIPAA Omnibus Rule & Your Liability — A Detailed Review

As we have reported in this blog, the Department of Health and Human Services (HHS) Office for Civil Rights (OCR) recently released final regulations containing modifications to the HIPAA Privacy, Security, Enforcement, and...more

Expanding The Reach Of HIPAA Data Security And Privacy Requirements

In this information technology era, it is little wonder that the Obama Administration has made enforcement of data security and privacy protections a top priority. The enforcement emphasis reflects public opinion favoring...more

Final HIPAA Regulations: What's Changed (and What Hasn't) for Group Health Plans

The Office for Civil Rights of the Department of Health and Human Services (“OCR”) has issued final regulations modifying the Health Insurance Portability and Accountability Act (“HIPAA”) Privacy, Security, Breach...more

54 Results
|
View per page
Page: of 3