Enforcement of the HIPAA privacy, security and breach notification rules is delegated to the HHS Office for Civil Rights, in collaboration with the U. S. Department of Justice. There are four tiers of civil penalties that could be imposed upon covered entities, as defined by the HIPAA Administrative Simplification laws in the event of any HITECH violations relating to breach of medical information. HHS recently revised the amounts of potential penalties, which took effect on April 30, 2019.
Categories of Violations and Respective Penalty Amounts Available
Did not know a violation occurred
Violation due to reasonable cause and not willful neglect
Violation due to willful neglect but corrected
Violation due to willful neglect and not corrected
The information contained in this article is provided as general guidance and may be affected by changes in law or regulation. This article is not intended to replace or substitute for accounting or other professional advice. Please consult a CBIZ professional. This information is provided as-is with no warranties of any kind. CBIZ shall not be liable for any damages whatsoever in connection with its use and assumes no obligation to inform the reader of any changes in laws or other factors that could affect the information contained herein.
Access articles and tools to help your business generate cash, improve leverage, and align & transform as you recover from the pandemic.
Access all COVID-19 related articles to help your business respond to the pandemic.