A 1996 American federal law designed to prevent disclosure of sensitive patient health information without the patient’s consent or knowledge. It allows American workers and families to continue health coverage by transferring their health insurance when they lose or change jobs. It requires confidential handling of Protected Health Information (PHI) and reduces healthcare fraud and abuse. It also establishes the standards for health care information on electronic billing and related processes.
HIPAA Non-Compliance includes penalties and/or enforcement rules (corrective action plans on covered entities who fail to comply), from the Department of Health and Human Services’ Office of Civil Rights (OCR) and the State’s Attorney General. These act as a deterrent to prevent any violations with a 4 tier structure for fines from $100 per violation up to $50,000 per violation (see image below). But fines can reach $1.5M/year!