Health Insurance Portability and Accountability Act (HIPAA) was created to protect your patients and their Protected Health Information (PHI). It is a sliding scale – the more compliant you are (or attempt to be) the less likely you are to be in violation of it.
HOW CAN YOU COMPLY?
- Training – Get trained yearly by a professional organization that fully understands HIPAA and will keep you abreast of all new changes and manage your documentation
- Technology – Implement a technology protocol that is specific to your network
- Documentation – You must have a handbook establishing policies and procedures
Penalties and Fines - Penalties for an infraction vary and depend on factors such as the date of the violation, whether the entity knew or should have known of the failure to comply, and whether the covered entity’s failure to comply was due to willful neglect.
| | For violations prior to 2/18/2009 | For violations occurring on or after 2/18/2009 |
|---|---|---|
| Penalty Amount | Up to $100 per violation | $100 to $50,000 or more per violation |
| Calendar Year Cap | $25,000 | $1,500,000 |
A penalty will not be imposed for violations in certain circumstances, such as if:
- The failure to comply was not due to willful neglect, and was corrected during a 30-day period after the entity knew or should have known the failure to comply had occurred
- The Department of Justice has imposed a criminal penalty for the failure to comply
Understanding HIPAA – Visit the US Department of Health & Human Services to learn more about protecting your practice, patients, and the technology that supports it all.