HIPAA Compliance or Get Penalized and Jailed?

HIPAA or the Health Insurance Portability and Accountability Act of 1966 is establish to set the rules in safeguarding security and privacy of individually identifiable health information.

HIPAA Privacy Rule and Security Rule is basically the national standards which require both individuals and organizations to enforce administrative, technical and physical protection to keep the integrity, confidentiality as well as availability of PHI or Protected Health Information.

Failure to meet the requirements established by HIPAA may lead to criminal and civil penalties and even progressive disciplinary actions via Indiana University and may even result to termination. Both civil and criminal penalties are applicable to both covered individuals and entities. You just don’t play by the rules, you should make it a lifestyle. Otherwise, you’ll suffer the repercussion of your actions. For sure, you don’t want to file bail for murder simply because you weren’t able to comply with the guidelines and rules.

Section D of 13410 of HITECH Act became effective after almost a decade of February 18. The revised section of 1176(a) of Social Security Act establishes

  • Four violation categories reflecting the increase levels of culpability
  • Four corresponding tiers of penalties which drastically increase minimum penalty amount for every violation and;
  • Maximum penalty amounting to 1.5 million dollars for the violations of the same person.

Civil Monetary Penalties

Following is brief information on how HIPAA implements its rules and fines associated when it is violated.

Number 1. Covered individual or entity didn’t know the act was HIPAA Violation.

Fine: 100 to 50,000 dollar for every violation with a maximum of 1.5 million dollars for the same provisions in a calendar year.

Number 2. HIPAA violation wasn’t due to willful neglect and had reasonable cause.

Fine: 1,000 to 50,000 dollars for every violation with a maximum of 1.5 million dollars for the same provisions in a calendar year.

Number 3. HIPAA violation was a result of willful neglect but the violation was corrected before the lapse of required time period.

Fine: 10,000 to 50,000 dollars for every single provision with a max of 1.5 million dollars for the same provisions in a calendar year.

Number 4. HIPAA violation was a result of willful neglect and wasn’t corrected.

Fine: 50,000 dollars and up for each violation with a maximum of 1.5 million dollars for the same provisions in a calendar year.

Criminal Penalties

Now if the violation is so serious that it leads to criminal offense, the following is a basic guide on what is the equivalent consequence.

  • Either with reasonable or unknowingly cause

Up to 12 months imprisonment

  • Under false pretense

Up to 60 months of imprisonment

  • For malicious reasons or personal gains

Up to 120 months of imprisonment