Meeting the Sept. 23 HITECH Omnibus Rule Compliance Deadline

September 4, 2013

Complimentary Webinar

Archived media:

  • Webinar replay (WMV)
  • Presentation (PDF) 

On Jan. 17, 2013, the federal government released the HITECH Act Omnibus Final Rule, which clarified and expanded the HIPAA compliance obligations of covered entities and their business associates. Among other changes, the Omnibus Final Rule created a new breach standard, clarified the definition of a business associate, and implemented the increased liability and penalty structure mandated by the HITECH Act. Except with respect to certain grandfathered business associate agreements, covered entities, business associates and downstream subcontractors must achieve compliance with the changes under the Omnibus Final Rule by Sept. 23, 2013. Coming into compliance with the Omnibus Final Rule will involve updates to internal policies and procedures, notices of privacy practices, and business associate agreements.


  • The key changes to compliance obligations of covered entities, business associates and downstream subcontractors;
  • Steps providers and their business associates should take in order to meet the Omnibus Final Rule’s compliance deadline; and
  • The current enforcement climate.

McGuireWoods Presenters

  • Holly Carnell, Associate
  • Meggan Bushee, Associate