Focus on HIPAA Compliance

Meeting the September HITECH Omnibus Rule Compliance Deadline

July 31, 2013

Thomson Reuters Webcast

McGuireWoods lawyers Holly Carnell and Meggan Bushee spoke at this live webcast hosted by Thomson Reuters’ West LegalEdcenter.

On January 17, 2013, the Federal government released the HITECH Act Omnibus Final Rule, which clarified and expanded the HIPAA compliance obligations of covered entities and their business associates. Among other changes, the Omnibus Final Rule created a new breach standard, clarified the definition of a business associate, and implemented the increased liability and penalty structure mandated by the HITECH Act. Except with respect to certain grandfathered business associate agreements, covered entities, business associates and downstream subcontractors must achieve compliance with the changes under the Omnibus Final Rule by September 23, 2013.


  • The key changes to compliance obligations of covered entities, business associates and downstream subcontractors;
  • Steps entities should take in order to meet the Omnibus Final Rule’s compliance deadline;
  • The current enforcement climate; and
  • Overview of the OCR audit program and how to prepare for an audit.

For more details, go to