What are the potential penalties for a HIPAA violation?
The Health Insurance Portability and Accountability Act (HIPAA) provides federal standards for the privacy and security of personally identifiable medical information. A person who knowingly violates the provisions of HIPAA may be subject to a fine of $50,000 and / or 1 year in prison for each offense. If the offense was committed under false pretenses then the fine may be raised to $100,000 and the prison term may be increased to 5 years in prison. Finally, for the most egregious HIPAA violations where the offense was committed with the intent to sell, financially benefit or maliciously use someone’s personally identifiable medical information the fine can be raised to $250,000 and the prison term may be increased to 10 years in prison. Smaller civil fines of around $100 per violation may also be imposed.