What are the potential penalties for a HIPAA violation?

The Health Insurance Portability and Accountability Act (HIPAA) provides federal standards for the privacy and security of personally identifiable medical information. A person who knowingly violates the provisions of HIPAA may be subject to a fine of $50,000 and / or 1 year in prison for each offense. If the offense was committed under false pretenses then the fine may be raised to $100,000 and the prison term may be increased to 5 years in prison. Finally, for the most egregious HIPAA violations where the offense was committed with the intent to sell, financially benefit or maliciously use someone’s personally identifiable medical information the fine can be raised to $250,000 and the prison term may be increased to 10 years in prison. Smaller civil fines of around $100 per violation may also be imposed.

The information on this page is meant to provide a general overview of the law. The laws in your state and/or city may deviate significantly from those described here. If you have specific questions related to your situation you should speak with a local attorney.

Additional Health Insurance Articles

Search LawInfo's Health Insurance Resources