2013 HIPAA Omnibus Rule

In early 2013, the HHS added new scope to HIPAA, which provides individuals new rights to their health information, and strengthens the government’s ability to enforce the law. The changes provide consumers with increased protection and control of personal health information.  The 2013 HIPAA Omnibus Rule expands the federal rules in a few key ways:

  • It expands many of the requirements to business associates of these entities that receive protected health information, such as contractors and subcontractors.
  • Penalties are increased for noncompliance based on the level of negligence with a maximum penalty of $1.5 million per violation.
  • It sets new limits on how information is used and disclosed for marketing and fundraising purposes and prohibits the sale of an individuals’ health information without their permission.

See New changes made to HIPAA privacy and security rules – Health and Human Services has issued final regulations that address recent legislative changes to the HIPAA privacy and date security rules. Compliance is required by September 23, 2013.

Who must comply with the HIPAA Privacy Rule?

Concerns with HIPAA


Read more: