The new version of the HIPAA rules and regulations is the HIPAA Omnibus Rule, which came into force this year in March. Organizations must adopt these new HIPAA policies so that they can avoid breaches.
This new version under the Omnibus Rule is enforceable and carries considerable power. It provides excellent security controls on patients' private data so that the data cannot be leaked. It provides new restriction rules so that an authorized person sees only the records that person needs to see. A breach of the rule is now easily assessable, and liability is judged, on these 4 main criteria: the nature of the data, the authorized person, who has accessed or potentially accessed it, and, lastly, the data. Under this great rule, risk is minimized and can be analyzed. In the past, when a breach occurred, a massive amount of data was exposed; now, only a limited quantity of data, with neither date of birth nor security number, is taken into account.
Under this new rule, the privacy policy has been updated and is clear to anyone. As a result, every person becomes well aware of how to use these rules, which conditions are opted for and which are not. The data must not be used for marketing purposes, so that it cannot be publicly exposed. PHI sales must be banned under this rule. Other points include patient access: patients have the right to look up their health records, which are secured. There must be strong security control over patients' requests so that records cannot be publicly exposed, and there must be a limit on their record. Business associates are not liable under this new rule and act only as agents of the covered entity. However, fines for breach of contract are not certain under this new rule, but immediate action will be taken to improve strategies. Business associates must bring themselves up to date with the Omnibus Rule so that they can avoid breaches. The new rule is considerably better and easy to adopt, so that organizations can feel safe from various threats. The major primary factors highlighted in this rule are sensible and well reasoned.