What Happens If You Violate HIPAA?

HIPAA violation. These are the two words that every physician and medical professional dreads hearing because of the serious penalties that a single HIPAA violation can incur. While there is sometimes leniency for smaller practices, just one violation of this law can devastate the finances of any healthcare provider.

In this article, we’ll take a quick look at the basics of HIPAA and what happens when HIPAA violations occur.

What Is HIPAA?

HIPAA stands for the Health Information Portability and Accountability Act of 1996. This piece of legislation established rules, regulations, and guidelines for the protection of Protected Health Information (PHI).

The HIPAA Privacy Rule and Security Rules are what most people associate with HIPAA. Together, these two rules create a set of protocols that govern the administration, protection, sharing, and safety of PHI.

Failure to protect PHI adequately – or intentional violations of HIPAA protocols – can result in massive fines, as well as other civil penalties. Criminal charges can even be brought against violators, in some cases, if malicious intent can be proven.

What Happens When HIPAA Is Violated?

The penalties for a HIPAA violation are expensive. Usually, a penalty will be assessed and levied by the Department of Health and Human Services’ Office for Civil Rights (OCR), in partnership with the attorney general for the state.

The penalty is usually assessed per violation, or per record which was exposed. Depending on the level of negligence or malicious intent, these fines can range from $100-$50,000 per violation.

In addition, any practice or healthcare provider that violates HIPAA or is guilty of noncompliance will be responsible to adopt a corrective action plan. They will have to implement policies and procedures that bring their business up to the standard which HIPAA requires – and this can often be quite expensive.

Keep Your Practice Safe – Don’t Violate HIPAA

It’s a good idea to familiarize yourself with HIPAA compliance guidelines, or even hire an outside consultant to ensure that you are not violating any HIPAA provisions by mistake. While this can be expensive, it’s well worth it. You can ensure that your patient’s data is protected and avoid steep fines and potential civil charges from violation of HIPAA guidelines.

An ounce of prevention is better than a pound of cure – and as doctors, we should all know that maxim by heart. Do your best to prevent HIPAA violation altogether. It’s worth the investment.