Under the Omnibus Rule, breach notification received more than just a face-lift. The new rule went into effect on March 26, 2013 so Covered Entities and Business Associates alike should have updated their incident response and notification procedures in preparation. Under the Omnibus Rule, breach notification received more than just a face-lift.  The new rule went into effect on March 26, 2013 so Covered Entities and Business Associates alike should have updated their incident response and notification procedures in preparation.  The harm provision, which had received much negative reaction and scrutiny, did not survive after all.  In its place a more traditional approach was adopted focused on determining compromise of the information.  While there is still considerable controversy over the definition of compromise the new approach read more

Go here to read the rest:
Breach Notification: Omnibus Style