Anyone who is a health care professional or facility or dealing with a health care professional or facility should aware of legal provisions defined by Health Insurance Portability and Accountability Act (HIPAA). The violation of (HIPAA) carries civil and criminal penalties.  

Penalties for HIPAA Violations.

The U.S. Department of Justice (DOJ) clarified who can be held criminally liable under HIPAA. DOJ covered entities and specified individuals, who "knowingly" obtain or disclose individually identifiable health information in violation of the Administrative Simplification Regulations face a fine of up to $50,000, as well as imprisonment up to one year. Offenses committed under false pretenses allow penalties to be increased to a $100,000 fine, with up to five years in prison.

Alongside that offense submitted with the aim to move, utilize and exchange the Identifiable data of the patients for individual increase business advantage or utilized for malevolent exercises. Such exercises allow the fine of up to @ 250,000 and detainment for up to 10 year

Increase in Civil Penalties for HIPAA Violations.

The "American Recovery and Reinvestment Act of 2009"(ARRA), that was marked into law in 2009, sets up a layered common punishment for HIPAA infringement. The Secretary of the Department of Health and Human Services (DHHS) still has carefulness in deciding the measure of the punishment dependent on the nature and degree of the infringement and the nature and degree of the mischief coming about because of the infringement.

The accompanying graph plots the ARRA layered common punishment structure for HIPAA Violation.

Who Can Be Held Liable for HIPAA Violations?

The DOJ reasoned that the criminal punishments for infringement of HIPAA are straightforwardly relevant to secured substances—including wellbeing designs, human services clearinghouses, medicinal services suppliers who transmit asserts in the electronic frame, and Medicare professionally prescribed medication card supports. People, for example, chiefs, representatives, or officers of the secure element, where the secured substance isn't an individual, may likewise be straightforwardly criminally subject under HIPAA as per standards of "corporate criminal obligation." Where a person of a secure element isn't specifically at risk under HIPAA, he/she can, in any case, be accused of intrigue or supporting and abetting.

What is the Definition of "Knowingly?"

The DOJ (Department of Justice) explained the "intentionally" element of the HIPAA statute for criminal liability as requiring only knowledge of the actions that establish an offense. Specific information of an action being in violation of the HIPAA law is not required.


HIPAA Violations Can Lead to Medicare Exclusion.

DHHS has the powers to expel a Health Care Provider infringing upon HIPAA laws from the Medicare Program and any secured substance that isn't consistent with the exchange and code set models by October 16, 2003 (68 Fed. Reg. 48805).

This is an amazing asset. Medicare rejection can be a capital punishment for a social insurance supplier.

What Agencies Enforce HIPAA Regulations?

The privacy standard enforcement comes under the domain of The HHS Office for Civil Rights (OCR), However, the Centers for Medicare & Medicaid Services (CMS) domain is to ensure that both the transaction and code set standards and the security standards such. The civil and monetary provisions have not been enforced by any agency.

For more information on implementation of the privacy standards, click here.