HHS lowers monetary penalties for HIPAA violations

HHS has changed its regulations for civil monetary penalties (CMP) under the Health Insurance Portability and Accountability ACT of 1996 (HIPAA), effectively lowering penalties across four categories of violations.

Instead of an annual upper limit of $1.5 million, the CMP limit is lowered to $25,000 when the affected party had "no knowledge" in a violation under the changes. 

The change enforces different CMP limits across the four penalty tiers outlined in the Health Information Technology for Economic and Clinical Health (HITECH) Act. Current regulations maintain the same CMP limit for all penalties. 

The $1.5 million cap remains in place for HIPAA violations with "will neglect–not corrected," while the cap for parties with violations of "reasonable cause" is lowered to $100,000 annually and the "will neglect–corrected" cap is lowered to $250,000.

HHS plans to use the new penalty tier structure going forward, with adjustments for inflation, according to the agency.

HIPAA violations that expose patient data can be costly incidences for healthcare providers for a variety of reasons. Last year, three hospitals in Boston paid nearly $1 million to settle HIPAA violation accusations over the filming of a television documentary series without receiving patient authorization.

Amy Baxter

Amy joined TriMed Media as a Senior Writer for HealthExec after covering home care for three years. When not writing about all things healthcare, she fulfills her lifelong dream of becoming a pirate by sailing in regattas and enjoying rum. Fun fact: she sailed 333 miles across Lake Michigan in the Chicago Yacht Club "Race to Mackinac."

Around the web

Compensation for heart specialists continues to climb. What does this say about cardiology as a whole? Could private equity's rising influence bring about change? We spoke to MedAxiom CEO Jerry Blackwell, MD, MBA, a veteran cardiologist himself, to learn more.

The American College of Cardiology has shared its perspective on new CMS payment policies, highlighting revenue concerns while providing key details for cardiologists and other cardiology professionals. 

As debate simmers over how best to regulate AI, experts continue to offer guidance on where to start, how to proceed and what to emphasize. A new resource models its recommendations on what its authors call the “SETO Loop.”