HHS to Tier HIPAA Breach Fines Based on Level of Culpability


Late on Friday, March 26, the Department of Health and Human Services (HHS) published a Notice of Enforcement Discretion Regarding HIPAA Civil Monetary Penalties. Essentially, HHS has updated the maximum dollar amount it will penalize health care providers and plans for HIPAA breaches.

The new annual limits for fines are based on the organization's 'level of culpability' associated with the HIPAA violation. Maximum annual fines for the most egregious HIPAA breaches, those involving 'willful neglect' that are not corrected, remain at $1.5 million. But maximum annual penalties for three lower tiers of breaches, which had also been at $1.5 million since 2009, are being reduced significantly.

The updated annual caps for each tier now look like this:

The updated annual caps are effective immediately and indefinitely but will be subject to future rulemaking to amend the regulations, according to the notice.

This means that organizations who have taken measures to meet HIPAA's requirements will face much lower maximum penalties than those who are found neglectful.

This would be a good time for organizations sponsoring group health plans (or anyone who handles Protected Health Information) to review their current privacy practices and ensure that they are doing everything appropriately regarding handling of Protected Health Information of their plan participants.

Posted 10:00 AM

Share |


No Comments


Post a Comment
Name
Required
E-Mail
Required (Not Displayed)
Comment
Required


All comments are moderated and stripped of HTML.
Submission Validation
Required
CAPTCHA
Change the CAPTCHA codeSpeak the CAPTCHA code
 
Enter the Validation Code from above.
NOTICE: This blog and website are made available by the publisher for educational and informational purposes only. It is not be used as a substitute for competent insurance, legal, or tax advice from a licensed professional in your state. By using this blog site you understand that there is no broker client relationship between you and the blog and website publisher.
Blog Archive
  • 2019
  • 2018
  • 2017
  • 2016
  • 2015
  • 2014
  • 2013


View Mobile Version