The Omnibus Rule

Need multiple seats for your university or lab? Get a quote
The page below is a sample from the LabCE course An Introduction to the Medical Laboratory, Part 3. Access the complete course and earn ASCLS P.A.C.E.-approved continuing education credits by subscribing online.

Learn more about An Introduction to the Medical Laboratory, Part 3 (online CE course)
The Omnibus Rule

The Omnibus Rule, also known as the Final Rule, went into effect on March 26, 2013. It strengthens the privacy and security protection for individuals' health information, including genetic information, maintained in electronic health records and other formats. It added additional protection to the HIPAA Privacy and Security Rules. Rather than contain new information, the Omnibus Rule enforces the changes proposed by the HITECH Act.
The Omnibus Rule:
  • Bolsters patients' rights and PHI security
    • E.g., the sale of PHI without patient authorization is prohibited
  • Enforces business associate liability with direct penalties
    • E.g., business associates and subcontractors are directly liable for HIPAA compliance
  • Expands breach notification practices
    • E.g., PHI sensitivity is evaluated before proceeding with breach notifications