HIPAA, Health Insurance Portability and Accountability Act was enacted to offer protection to workers as well as their families through new employer limitations to exclude health coverage for any preexisting condition, providing new rights to those who end up losing coverage to access group health plan and to ban discrimination that is based on preexisting conditions of the employees. This act was put in place back in 1996 and also protects patient medical information electronically stored or paper stored. This is through the HIPAA Privacy Rule and the Security Rule implemented by HHS.
The ORC, Office of Civil Rights under HHS, Health Human Services investigates any violations of the act through filed complaints. It is the HIPAA enforcement agency and determines the penalties for every situation where a violation has taken place. The penalties are based on the act of 2009 American Recovery and Reinvestment Act. Most employers and employees do not clearly understand the violation fines yet it is very important information especially for growing businesses.
HIPAA violation fines
The civil penalty amount will usually be dependent on the harm extent resulting from the act violation. It can also be calculated depending on whether the violation willfully or unknowingly occurred and whether it was timely corrected or not. In essence, any unknowing negligence needs to be corrected in as short as 30 days from OCR notice. The most common HIPAA violation fines examples are:
- First time violation unknowingly committed – the fine for this kind of violation can be from $100 to around $50,000
- Willful negligence violation timely corrected – for this kind of violation, the resulting fine stands from $10,000 to $50,000 maximum
- Willful negligence violation not corrected – in case the willful negligence is not corrected within the given time limit of 30 days, the fine cannot be anything less than $50,000. It is the heftiest of all violation fines under the act.
Covered entities can end up suffering serious criminal consequences under the Privacy Rule. The rule protects patient information of health from any disclosure. Any deliberate disclosure can therefore amount to prosecution by the Department of Justice. The fine for the violation is usually $50,000 coupled with 1 year in jail. In case the private information is sold or transferred, the violation could amount to 10 years in jail and $250,000.
If you run a business, it is important to understand the HIPAA act and to comply to avoid the personal and financial penalties that come with violations of the set rules. Insurance adjusters, healthcare professionals as well as other covered entities must be dedicated to ensuring that no circumstance leads to compliance failure. This is because it could have drastic negative effects to a business financially as also as far as credibility goes. It becomes easier for you as a business to keep up with the given acts when you are fully aware of the consequences. Complying can make a huge difference in business prowess and business failure.
HIPAA Law cannot be taken for granted by any small business. The simple set of rules ensures that you and your business are on the right side of the law. This can save the business or company from lots of avoidable losses.
Hipaa Attorney, Hipaa Lawyer