A breach is, generally, an impermissible use or disclosure under the Privacy Rule that compromises the security or privacy of the protected health information. According to HHS.gov, failure to comply with HIPAA can also result in civil and criminal penalties. If a complaint describes an action that could be a violation of the criminal provision of HIPAA, the Office of Civil Rights (OCR) may refer the complaint to the Department of Justice (DOJ) for investigation.
Administrative Simplification Regulations, face a fine of up to $50,000, as well as imprisonment of up to 1 year. For offenses committed under false pretenses, penalties increase to a fine of up to $100,000, with up to 5 years in prison.
- Definition of “breach.”
- Is your HIPAA breach reportable?
- The three exceptions to the definition of “breach.”
- Who can be held liable
- Breach notification requirements by covered entities
- Breach notification by a business associate
- Four different categories and penalties
- HIPAA violations and exclusions from Medicare
- Review of HIPAA breach cases
- How to report a HIPAA violation
- Solutions for Safeguarding your HIPAA – “going forward.”
- Medical Practice Employees
- Hospital Staff
- Compliance Officials
- Medical Societies
- Healthcare training organizations
- Business Associates