HIPAA privacy and security updates (Omnibus Rule 2013)

Course description
Target Audience:

Pharmacists in community-based practice.

Universal program number: 0401-0000-14-004-H03-P
Activity type: Knowledge-based


To assist in the compliance with the changes to the HIPAA Privacy and Security Rules resulting from the release of the Omnibus Final Rule, which is based upon statutory changes to the Health Information Technology for Economic and Clinical Health Act, or HITECH, and the Genetic Information Nondiscrimination Act of 2008, or GINA.


The healthcare industry continues to change at a seemingly exponential rate, including new technologies for treatment and administration. Along with the benefits of technological advances are the opportunities for widespread breaches of confidential data. It is easy to affect millions of people in seconds when a computer that contains electronic health data is lost or stolen. In 1996, the Health Insurance Portability and Accountability Act, known as HIPAA, was enacted to address, among many things, the confidentiality of individual protected health information in healthcare settings in Title II.1 Just as a child grows to adulthood, HIPAA, too, has matured and developed over time. Most recently, long-awaited guidance was released in the form of the HIPAA/HITECH Act Omnibus Final Rule to further clarify the underlying premise of protection of personal health information.2 “The new rule will help protect patient privacy and safeguard patients’ health information in an ever-expanding digital age,” according to Health and Human Services.3 This lesson presents the highlights of the federal Omnibus Final Rule, referred to here as the Final Rule, which are relevant to practice in the community pharmacy.

Learning objectives:

Upon completion of this program, the pharmacist should be able to:

  1. Describe three ways that the final omnibus rule provides the public with increased protection and control of personal health information.
  2. List two changes to the HIPAA Privacy and Security Rules under the Omnibus Final Rule.
  3. Recognize the increase in penalty amounts for violations of the Omnibus Final Rule.
  4. Explain three newly required elements for a compliant HIPAA privacy notice.
To obtain credit:

A minimum test score of 70% is needed to obtain credit. Submit your answers to the learning assessment questions online at Your statement of credit will be available through CPE Monitor located at To ensure transmission of credit hours to CPE Monitor, you must enter your correct e-PID number in your CE profile.

All customer service questions should be directed to (800) 933-9666.

If you are a paid enrollee, there is no cost to participate in this lesson. The fee for participants who are not enrolled is $13.95.


Drug Store News is accredited by the Accreditation Council for Pharmacy Education (ACPE) as a provider of continuing pharmacy education. This CPE Activity is approved for pharmacists and is worth 1.5 contact hours (0.15 CEUs). The activity is available for CE credit through April 4, 2016.

Faculty & disclosure

By Shari L. Miller, MA, CPhT, JD, attorney at Shari L. Miller, Attorney, PLLC

Shari L. Miller and the DSN editorial and continuing education staff do not have any actual or potential conflicts of interest in relation to this lesson.

The author is providing information, not legal advice. Some states may have more stringent requirements than HIPAA. Check with an attorney to verify whether federal or state law applies. Readers are encouraged to seek legal advice for specific questions they may have regarding implementation of any of the provisions of HIPAA and the Omnibus Final Rules.

Course summary
Credit hours: 
  • 1.50 Pharmacist
Course format: 
Written Lesson
Course opens: 
Course expires: 

Please login or register to take this course.