United States

Organizations Face New Rules for PHI Security and Breach Reporting

May 15, 2013
From the Healthcare & Life Sciences Institute

On Jan. 25, 2013, the Federal Register published the final Health Insurance Portability and Accountability Act (HIPAA) Omnibus Rule to increase protection of personal health information (PHI).

The Omnibus Rule, which went into effect March 26, 2013, and has a compliance deadline of Sept. 23, 2013, imposes significant changes on the Health Information Technology for Economic and Clinical Health (HITECH) Act and will impact the HIPAA compliance efforts of all covered entities and business associates.

Two changes are worth noting in particular: a heightened breach standard, and extended liability for business associates and their subcontractors.

This article provides a brief overview of the impact of the Omnibus Rule.

Read Organizations Face New Rules for PHI Security and Breach Reporting