Increased Enforcement of the HIPAA Omnibus Rule Beginning September 23, 2013 Makes Stiff Penalties Possible for Managed Care Organizations without Adequate Safeguards for Protected Health Informationth_Whitepaper-HIPAA-Managed-Care-Organizations-1.png

The stakes are being raised. As of September 23, 2013, the Office for Civil Rights (OCR) began enforcement of the HIPAA Omnibus Final Rule. As the U.S. Department of Health and Human Services (DHHS) Office for Civil Rights (OCR) former Director Leon Rodriguez stated, the final Omnibus rule not only greatly enhances patient rights and protections but also “strengthens the ability of my office to vigorously enforce the HIPAA privacy and security protections, regardless of whether the information is being held by a health plan, a health care provider, or one of their business associates."