This document summarizes the key changes brought about by the HITECH Omnibus Rule, which modifies HIPAA privacy and security regulations. Some major changes include expanding the definition of business associates, strengthening enforcement of violations including increased penalties, and requiring individual authorization for marketing and the sale of protected health information. The document also reviews new requirements around fundraising, research, and electronic access to health records.