• HIPAA Omnibus Rule Significantly Expands Privacy, Security, Enforcement Standards, Breach Notification Requirements, and Penalties for Non-Compliance
  • February 13, 2013
  • Law Firm: Cooley LLP - Palo Alto Office
  • On January 17, 2013, the U.S. Department of Health and Human Services ("HHS") issued a final rule ("Omnibus Rule")1 affecting multiple aspects of the Health Insurance Portability and Accountability Act of 1996 ("HIPAA"). The Omnibus Rule becomes effective on March 26, 2013, and HIPAA covered entities and business associates must comply with its requirements by September 23, 2013 (the "Compliance Date"), which is 180 days beyond the Omnibus Rule's effective date.