The Health Insurance Portability and Accountability Act of 1996 (HIPAA) was a groundbreaking law. It created standards for privacy practices at health care facilities and any businesses with access to individuals’ protected health information (PHI). Patients can now trust in proper privacy practices and can trust that a doctor won’t share their records without explicit written permission.
Businesses should train their employees about the appropriate use of PHI and have systems in place to protect the privacy and medical records of their patients or clients. Sometimes, a health care provider will face accusations that they violated someone’s privacy rights and are therefore not compliant with HIPAA.
What penalties are possible for health care providers who don’t properly protect the PHI of their patients?
THE TYPE OF VIOLATION DETERMINES THE PENALTY
There are four different tiers of HIPAA violations. The more serious the violation, the bigger the penalties possible. Businesses and health care providers that adhere to best practices and were unaware of the violation could face a $120 minimum penalty that could increase to more than $60,000 per violation.
A tier 2 offense occurs when the business should reasonably know about the violation. The minimum penalty increases to $1,205 per infraction, while the maximum penalties remain the same. In a tier 3 offense, there was willful neglect, although the business took steps to correct the violation within 30 days of discovering it. The minimum and maximum penalties remain the same for tier three, but the actual penalties assessed are likely to be higher than they would be for a tier 1 or tier 2 violation.
A tier four violation involves both willful and neglect and a failure to resolve the issue within 30 days of discovering it. The minimum penalty per infraction increases to $60,226, while the maximum penalty per violation increases to more than $1,800,000.
DEFENDING AGAINST HIPAA VIOLATIONS WILL PROTECT YOUR PRACTICE
Depending on the extent of the alleged violation and how many patients it affected, a violation and the financial penalties it causes could force your medical practice out of business or make you uninsurable in the future.
Defending against accusations that could affect your health care practice, insurance or licensing may require some investment but will benefit you and all of your patients in the long run.