HIPAA Omnibus Tops Event's AgendaConference Focuses on Health Data Security
The topic of HIPAA Omnibus compliance will in the spotlight at a security conference May 14-15 in Washington, D.C., jointly hosted by the Department of Health and Human Services' Office for Civil Rights and the National Institute of Standards and Technology. I'll be attending the event to provide coverage of the important issues discussed.
The presentations at this important annual data security event should provide valuable insights.
The omnibus rule was unveiled in January, went into effect on March 26 and has a compliance date of Sept. 23. Among other things, the rule includes new guidelines for assessing breach notification, makes business associates directly liable for HIPAA compliance and gives patients the right to obtain an electronic copy of their health records.
This annual security event, "Safeguarding Health Information: Building Assurance through HIPAA Security," will feature a keynote address by OCR Director Leon Rodriguez, who'll be discussing HIPAA and HITECH Act compliance. Rodriguez is the nation's lead HIPAA enforcer. Under HIPAA Omnibus, penalties for non-compliance increased to $1.5 million per violation, and OCR has indicated it will ramp up enforcement.
Other presentations will describe the new breach notification guidance in the HIPAA Omnibus Rule, plus the findings of OCR's pilot HIPAA compliance audit program. Experts from NIST will also be on hand to discuss topics ranging from cloud computing to cybersecurity threats.
But I'll be looking forward to learning from attendees as well as speakers. If you're attending this important event in Washington, I look forward to chatting with you about how your HIPAA Omnibus compliance work has been going so far and how you're addressing other privacy and security challenges.
For instance, what's confusing you most about HIPAA Omnibus? Do you have tips that might help others meet the challenge of implementing the rule's many new provisions?
If you're a business associate, you now for the first time have direct liability to comply with HIPAA. Are you making progress with modifications to your agreements with covered entities and your subcontractors?
The presentations at this important annual data security event should provide valuable insights to attendees regardless of whether they're on site or online. Webcast registration for the event ends on May 19.
Be sure to look for news updates and interviews from the event next week. And visit our new HIPAA Omnibus Resource Center to access a wealth of information about the rule.