The Omibus rules "Modify the Health Insurance Portability and Accountability Act (HIPAA) Privacy, Security, and Enforcement Rules to implement statutory amendments under the Health Information Technology for Economic and Clinical Health Act (“the HITECH Act” or “the Act”) to strengthen the privacy and security protection for individuals’ health information; modify the rule for Breach Notification for Unsecured Protected Health Information (Breach Notification Rule) under the HITECH Act to address public comment received on the interim final rule; modify the HIPAA Privacy Rule to strengthen the privacy protections for genetic information by implementing section 105 of Title I of the Genetic Information Nondiscrimination Act of 2008 (GINA); and make certain other modifications to the HIPAA Privacy, Security, Breach Notification, and Enforcement Rules (the HIPAA Rules) to improve their workability and effectiveness and to increase flexibility for and decrease burden on the regulated entities.
DATES: Effective date: This final rule is effective on March 26, 2013.
Compliance date: Covered entities and business associates must comply with the
applicable requirements of this final rule by September 23, 2013.
The HHS Press Release can be found
on the HHS News page:
http://www.hhs.gov/news/.
