HIPAA Omnibus Rule (2013 Final Rule)

The HIPAA Omnibus Rule, issued in 2013, updates the Privacy, Security, and Enforcement Rules to strengthen protections for individuals' health information. It expands the definition of covered entities to include business associates, tightens breach-notification requirements, and raises civil penalties for non-compliance.