In January 2013, the US Department of Health and Human Services released the Omnibus Final Rule (Final Rule).1 The final rule significantly modified the privacy and security standards under the Health Insurance Portability and Accountability Act (HIPAA). These new regulations were driven by a perceived need to ensure the confidentiality, integrity, and security of patients’ protected health information (PHI) in electronic health records (EHRs) and other formats. The final rule addresses these concerns by expanding the scope of regulations and increasing penalties for PHI violations.
C. Jason Wang, Delphine J. Huang. The HIPAA Conundrum in the Era of Mobile Health and Communications. JAMA. 2013;310(11):1121–1122. doi:10.1001/jama.2013.219869