An Overview of the Omnibus RuleWhy You Should Be Concerned
Healthcare data breaches will be treated much differently under the new HIPAA Omnibus Rule. Find out how in the latest "ExperianÂ® Answer Men" interview.
Answer man Bob Krenek, also known as Experian's Senior Director of Data Breach Resolution, interviews healthcare attorney Paula Stannard about changes coming down the pike. Stannard, an attorney with Alston & Bird, explains why she believes the new regulations will result in an enormous rise in the number of incidents being classified as healthcare breaches.
The HHS's hope in issuing this final rule is to strengthen the data and security protection for individuals' health information. This ruling finalizes an interim modified HIPAA Breach Notification Rule, which has been in effect since 2009. The new regulations took effect on March 26, 2013 but medical organizations and their business associates have until September 23 to fully comply. The Omnibus Final Rule adds to the complexity of data breach response further increasing the need for pre-breach response plans.
In this podcast, Krenak and Stannard discuss:
- An overview of the Omnibus rule and all of its changes;
- Why business associates should be concerned;
- How to minimize financial penalties if charged with a violation.
At Alston & Bird, Stannard advises clients on regulatory questions that arise out of the on-going health care reform effort and focuses her practice on HIPAA and health information technology (including certified EHR and meaningful use issues), food and drug and other regulatory issues in the health care sector. Her HHS experience provides clients substantive knowledge of, and experience in, FDA, HIPAA, e-health and health IT, federal health insurance regulation, patient safety, and public health preparedness and emergency response issues.
As senior director at Experian Data Breach Resolution, Krenek has extensive experience in data breach resolution. He has managed the resolution of many of the largest data breach incidents in the healthcare, financial and government sectors. Certified in Healthcare Compliance (CHC), Krenek is currently the dedicated data breach resolution account manager for one of the nation's largest healthcare plans. He specializes in pre-breach planning, incident management and identity protection solutions.