The HIPAA Privacy and Security final rule, also known as the HIPAA Omnibus Rule, became effective on March 26. The new rule changes the breach notification process, shifting the burden of proof to providers who must now prove their innocence when patient data is breached. Providers and their vendors have 180 days to comply or risk enforcement actions and penalties. The addition of business associates under the rule could catch companies off guard and unprepared. The Office for Civil Rights has already prosecuted five covered entities, indicating increased enforcement going forward. Providers should conduct risk assessments and ensure their vendors are protecting personal health records according to the new rule.
Listen: Nation’s Capital Cuts Traffic Deaths as Rates Rise Across US
LISTEN: Distracted. Reckless. Drunk. Americans’ driving has gotten more dangerous since the covid pandemic. Chaseedaw Giles appeared on WAMU’s “Health Hub” on Nov. 26 to
