HIPAA Omnibus Update
The HIPAA Omnibus Update rules contain a number of changes to HIPAA Privacy, Security, and Breach Notification rules. Recently patient rights under HIPAA have been expanded to include several new rights of access: mental health records, electronic copies of records and laboratory test results. These changes must be respected by every covered entity and business associate to stay in compliance with the HIPAA rules through modifications to policies and procedures.
Not only the compliance rules but the enforcement rules have also changed. Now with the new four-tier violation schedule the mandatory fines for willful neglect of compliance starts at $10,000 even if the problem is corrected within 30 days of discovery. Violations that are not promptly corrected carry mandatory minimum fines starting at $50,000.