This afternoon, HHS released the attached omnibus final rule modifying the HIPAA Privacy, Security, Enforcement, and Breach Notification Rules as required the Health Information Technology Economic and Clinical Health (HITECH) Act and the Genetic Information Nondiscrimination Act (GINA).
Notably, the final rule makes business associates of covered entities directly liable for certain HIPAA Privacy and Security rule requirements; expands individuals’ right to receive electronic copies of their health information; incorporates an increased tiered and civil money penalty structure as provided by the HITECH Act; changes to the “harm” definition included in the HIPAA Breach Notification interim final rule; and modifies the HIPAA Privacy Rule as required by GINA.
Comentarios
Publicar un comentario