HIPAA Omnibus Rule Penalties

The HIPAA Omnibus Rule is a final rule issued by the U.S. Department of Health and Human Services on January 17, 2013.   The Rule aims to strengthen existing privacy protections within the Health Insurance... more +
The HIPAA Omnibus Rule is a final rule issued by the U.S. Department of Health and Human Services on January 17, 2013.   The Rule aims to strengthen existing privacy protections within the Health Insurance Portability and Accountability Act of 1996 (HIPAA), improve the government's ability to enforce those protections, and give individuals greater access to their health information. One of the most significant changes associated with the Rule is the application of HIPAA's requirements to business associates of health care providers and health care claim processors. HHS broadened HIPAA's application to these groups after several large breaches were tied to business associates.  less -
News & Analysis as of

OCR Delays Required Changes to Notices of Privacy Practices for Laboratories

The HHS Office of Civil Rights (OCR) has granted certain clinical laboratories a temporary reprieve from the requirement to update their Notices of Privacy Practices (NPPs) by September 23, 2013, the deadline imposed by the...more

Business Associate Definition Expanded and HHS Empowered to Impose New Civil Fines

Long-awaited omnibus regulations (Omnibus Rule) adopted earlier this year by the Department of Health and Human Services (HHS) Office for Civil Rights (OCR) made significant modifications impacting “business associates” to...more

Checklist for Timely Compliance with HIPAA Omnibus Rule

The deadline for compliance with the new HIPAA Omnibus Rule is looming for group health plans. As explained in a prior blog, stiff penalties may be imposed on employers whose plans fail to comply. Accordingly, employers...more

Cloud Storage Providers Storing Protected Health Information May Be Obligated to Comply with HIPAA Regulations

A recently issued government rule may unknowingly create significant liability and legal risk for many technology enterprises. The expanded definition of "business associates" and related interpretations by the Department of...more

Burr Alert: Employer Obligations Under New HIPAA Rules

With all of the attention garnered by healthcare reform, it would be easy to overlook the new HIPAA rules (the "Rules") applicable to covered entities under HIPAA, which include employer group health plans. Compliance with...more

Highlights of the Omnibus HIPAA/HITECH Final Rule

On January 25, 2013, the Office of Civil Rights (OCR) of the Department of Health & Human Services (HHS) published the long-awaited omnibus final regulation governing health data privacy, security and enforcement (Omnibus...more

Significant Changes to HIPAA Effective March 26, 2013

The following is a summary of the major changes to HIPAA under the new Final Rule: 1. Breach Notification Standard Lowered — In perhaps the most significant change under the Final Rule, the new regulations considerably...more

What Do Employers Really Need to Know About the New HIPAA/HITECH Omnibus Final Rule?

The Health Insurance Portability and Accountability Act/Health Information Technology for Economic and Clinical Health Act Omnibus Rule, published in the Federal Register Jan. 25, makes many changes to the HIPAA Privacy Rule,...more

HHS Publishes Long-Awaited Final Omnibus Rules for HIPAA

The U.S. Department of Health and Human Services, Office for Civil Rights (OCR) published today the final regulations for the HIPAA Privacy, Security, Enforcement and Breach Notification Rules (the Omnibus Rules). The Omnibus...more

The HIPAA/HITECH Final Rule Has Been Released

The long awaited HIPAA/HITECH Final Rule is out. The final rule is effective March 26, 2013, but covered entities (CEs) and business associates (BAs) will have 180 days beyond the effective date to come into compliance....more

10 Results
|
View per page
Page: of 1