HIPAA Omnibus Rule
E698614
The HIPAA Omnibus Rule is a 2013 set of regulatory updates that strengthened and expanded HIPAA privacy, security, breach notification, and enforcement provisions, particularly increasing obligations and liability for business associates.
Statements (50)
| Predicate | Object |
|---|---|
| instanceOf |
HIPAA regulation
ⓘ
United States federal regulation ⓘ |
| addresses |
sale of protected health information
ⓘ
use and disclosure of PHI for fundraising ⓘ use and disclosure of PHI for marketing ⓘ |
| alsoKnownAs |
HIPAA Final Omnibus Rule
NERFINISHED
ⓘ
Modifications to the HIPAA Privacy, Security, Enforcement, and Breach Notification Rules Under the HITECH Act and GINA NERFINISHED ⓘ |
| appliesTo |
business associate subcontractors
ⓘ
health care clearinghouses ⓘ health care providers ⓘ health plans ⓘ |
| appliesToJurisdiction |
United States of America
ⓘ
surface form:
United States
|
| basedOn | Health Information Technology for Economic and Clinical Health Act NERFINISHED ⓘ |
| changes | definition of breach ⓘ |
| citation | 78 FR 5566 ⓘ |
| complianceDate | 2013-09-23 ⓘ |
| country |
United States of America
ⓘ
surface form:
United States
|
| effectiveDate | 2013-03-26 ⓘ |
| enhances |
individual rights to access PHI
ⓘ
individual rights to restrict disclosures to health plans ⓘ |
| establishes | presumption of breach unless low probability of compromise ⓘ |
| expandsLiabilityTo |
business associates
ⓘ
subcontractors of business associates ⓘ |
| hasComponent |
breach notification rule modifications
ⓘ
enforcement rule modifications ⓘ privacy rule modifications ⓘ security rule modifications ⓘ |
| implements | HITECH Act provisions ⓘ |
| increases | civil monetary penalties for HIPAA violations ⓘ |
| issuedBy |
HHS Office for Civil Rights
NERFINISHED
ⓘ
U.S. Department of Health and Human Services NERFINISHED ⓘ |
| legalBasis | HITECH Act Section 13400 et seq. NERFINISHED ⓘ |
| objective |
enhance breach notification requirements
ⓘ
improve security of electronic health information ⓘ increase HIPAA enforcement ⓘ strengthen privacy protections for health information ⓘ |
| partOf | Health Insurance Portability and Accountability Act regulatory framework NERFINISHED ⓘ |
| publicationDate | 2013-01-25 ⓘ |
| regulates |
business associates
ⓘ
covered entities ⓘ electronic protected health information ⓘ protected health information ⓘ |
| requires |
notice of privacy practices updates
ⓘ
risk assessment for breach determination ⓘ updated business associate agreements ⓘ |
| strengthens |
HIPAA Breach Notification Rule
NERFINISHED
ⓘ
HIPAA Enforcement Rule NERFINISHED ⓘ HIPAA Privacy Rule NERFINISHED ⓘ HIPAA Security Rule NERFINISHED ⓘ |
| yearEnacted | 2013 ⓘ |
Referenced by (1)
Full triples — surface form annotated when it differs from this entity's canonical label.