On January 17, 2013, the U.S. Department of Health and Human Services issued a final omnibus rule modifying prior regulations enacted pursuant to the Health Insurance Portability and Accountability Act of 1996. Among the key changes that will come into effect this September is the addition of a provision that dramatically increases the number of organizations directly subject to the HIPAA Privacy, Security, Breach Notification and Enforcement Rules. In an article published in the March/April issue of Storage & Destruction Business Magazine, Lisa J. Sotto, partner and head of the Global Privacy and Data Security practice at Hunton & Williams LLP, and Ryan P. Logan and Melinda L. McLellan, senior associates on the firm’s Privacy and Data Security team, discuss how the newly-adopted HIPAA Rules will impact business associates and outline steps that records and information management companies should take to prepare for the upcoming changes.

Download a PDF copy of the article.