HIPAA Violations







HIPAA Violations

HIPAA is an acronym for "The Health Insurance Portability and Accountability Act".

Failure to comply with HIPAA can result in civil and criminal penalties.

HIPAA Violations - Civil Penalties

HIPAA Violations - Violations of the Administrative Simplification Regulations can result civil monetary penalties of $100 per violation, up to $25,000 per year.

HIPAA Violations - Criminal Penalties

In June 2005, the U.S. Department of Justice (DOJ) clarified who can be held criminally liable under HIPAA. Covered entities and specified individuals, as explained below, whom "knowingly" obtain or disclose individually identifiable health information in violation of the Administrative Simplification Regulations face a fine of up to $50,000, as well as imprisonment up to one year. Offenses committed under false pretenses allow penalties to be increased to a $100,000 fine, with up to five years in prison. Finally, offenses committed with the intent to sell, transfer, or use individually identifiable health information for commercial advantage, personal gain or malicious harm permit fines of $250,000, and imprisonment for up to ten years.

HIPAA Violations - Covered Entity and Specified Individuals

The DOJ concluded that the criminal penalties for a violation of HIPAA are directly applicable to covered entities—including health plans, health care clearinghouses, health care providers who transmit claims in electronic form, and Medicare prescription drug card sponsors. Individuals such as directors, employees, or officers of the covered entity, where the covered entity is not an individual, may also be directly criminally liable under HIPAA in accordance with principles of "corporate criminal liability." Where an individual of a covered entity is not directly liable under HIPAA, they can still be charged with conspiracy or aiding and abetting.

Knowingly The DOJ interpreted the "knowingly" element of the HIPAA statute for criminal liability as requiring only knowledge of the actions that constitute an offense. Specific knowledge of an action being in violation of the HIPAA statute is not required.



HIPAA Violations - Exclusion

The Department of Health and Human Services has the authority to exclude from participation in Medicare any covered entity that was not compliant with the transaction and code set standards by October 16, 2003.

HIPAA Violations - Enforcing Agencies

The DHHS Office of Civil Rights (OCR) enforces the privacy standards, while the Centers for Medicare & Medicaid (CMS) enforces both the transaction and code set standards and the security standards. Enforcement of the civil monetary provisions has not yet been tasked to an agency.

Our Most Visited Health Links

| 900cc Implants
| Benadryl Side Effects
| Benefits of Beet Juice
| Benefits of Eating Chocolate
| Benefits of Resveratrol
| Benefits Omega 3 Fatty Acids
| Benefits Vitamin D
| Breast Augmentation Risks
| Carol Wright Catalog
| Cobra Employer Responsibilities
| Dangers of Plavix
| Dangers with Mammograms
| Difference between HMO and PPO| Drugs Online Without a Prescription
| Gluten free Diet
| Health Benefits Apple Cider Vinegar
| Health Benefits of Acai Berry
| Health Benefits of Flaxseed Oil
| HIPAA Violations
| HMO vs PPO
| Medicare Part A vs Part B
| Resveratrol Side Effects
HIPAA Violations