The HIPAA Omnibus Rule, which became effective in 2013, contains modifications and edits to the Security, Privacy, Breach Notification Rules and their enforcement. These modifications are intended to enhance confidentiality and security in data sharing, and strengthen the protection of protected health information, especially in electronic form.
One major change is the Omnibus rule makes Business Associates and Subcontractors liable for non-compliance with HIPAA.