The 2013 Amendments include a number of sweeping changes to the HIPAA Rules, including the expansion of the definition of a business associate to include their subcontractors that handle protected health information (“PHI”); a lower threshold for determining whether a breach has occurred for reporting purposes; and restrictions on “marketing” activities and the “sale” of PHI.
Click here to read this Overview Summary of the 2013 Amendments. Duane Morris is issuing a series of Alerts on the 2013 Amendments. Please see the in-depth Alerts already distributed by the firm on changes under the 2013 Amendments to the definition of a business associate and changes to the breach notification requirements. We will continue to issue Alerts on discrete HIPAA topics.