Your security and compliance glossary

All the terms you need to know when you’re trying to get compliance audit ready, fast.

Show filters
Blogs
Events
Glossary
Guides and reports

Follow us

Linkedin iconFacebook icontwitter iconinstagram icon

What is the HIPAA Omnibus Rule?

The HIPAA Final Omnibus Rule of 2013 was issued by the Department of Health and Human Services (HHS) to implement required amendments under the Health Information Technology for Economic and Clinical Health (HITECH) Act. This Rule strengthens privacy and security protections for individuals’ health information, makes certain other modifications to the HIPAA Privacy, Security, Breach Notification, and Enforcement Rules (the HIPAA Rules) improve their workability and effectiveness,  increases flexibility for and decreases the burden on regulated entities. 


The HIPAA Final Omnibus Rule clarified gray areas and fleshed out necessary details in existing HIPAA and HITECH regulations while also establishing new penalties for HIPAA noncompliance.

Related Terms

Additional resources you might like:

Comparisons and reviews
Blog
The best TPRM software for 2026

Discover the best third-party risk management software solutions for 2026.

Comparisons and reviews
Blog
Top 5 OneTrust alternatives

Check out top OneTrust alternatives for compliance and risk management.

Comparisons and reviews
Blog
Top 4 Secureframe alternatives

Explore features, limitations, and scalable compliance solutions.

Additional resources you might like:

Comparisons and reviews
Blog
The best TPRM software for 2026

Discover the best third-party risk management software solutions for 2026.

Comparisons and reviews
Blog
Top 5 OneTrust alternatives

Check out top OneTrust alternatives for compliance and risk management.

Comparisons and reviews
Blog
Top 4 Secureframe alternatives

Explore features, limitations, and scalable compliance solutions.

Vendor Risk Management
Blog
GDPR, NIS 2, and DORA converge on one problem: Third-party risk

Discover how EU regulations, GDPR, NIS 2, and DORA, make third-party risk a direct, continuous business liability. Find out why most teams still lack visibility.

Product updates
Events
Vanta Delivers: Live from New York

Join us to see new product capabilities and live demos, and learn how Vanta is delivering a unified risk experience for GRC teams.

Vendor Risk Management
Events
AI broke your Third Party Risk Management program. Now what?

Watch on demand to learn where traditional TPRM breaks down in an AI-first world, and how one team rebuilt their program to actually keep up.

Compliance
Events
Learn how to automate compliance for SOC 2, ISO 27001, and more

Watch on demand to learn how Vanta’s Agentic Trust Platform helps fast-moving startups and security teams get audit-ready fast and stay continuously compliant.

Compliance
Blog
How do you perform quarterly access reviews?

Without periodic access reviews, former employees may retain access to sensitive data after termination. Learn how to perform effective quarterly access reviews.

Product updates
Events
Turn Every Promise into Predictable Trust: Customer Commitments in Action

Watch on demand for a demo of Customer Commitments and learn how Vanta turns contracts into structured, actionable intelligence.

Get compliant and build trust—fast

Request a demo
G2 Badge Winter 2026 LeaderG2 Badge Winter 2026 Enterprise LeaderG2 Badge Milestone 'Users Love Us'