The Department of Health and Human Services (HHS) recently
published a final
rule increasing the civil monetary penalties for violations of laws
enforced by HHS, including the HIPAA privacy
and security
rules.
HHS is required to adjust these penalties for inflation each year
to improve their effectiveness and maintain their deterrent effect. The new
penalty amounts are effective for penalties assessed on or after Jan. 17, 2020.
2020 HIPAA Civil Penalties
HHS may assess civil penalties when it discovers a HIPAA
violation. The penalty amount depends on the facts involved.
·
For violations where the covered entity does not
know about the violation
(and by exercising reasonable diligence, would not have known about the
violation), the penalty amount is between $119 and $59,522 for each violation.
·
If the violation is due to reasonable cause, the
penalty amount is between $1,191 and $59,522 for each violation.
·
For corrected violations that are caused by
willful neglect, the penalty amount is between $11,904 and $59,522 for each
violation.
·
For violations caused by willful neglect that
are not corrected, the penalty amount is $59,522 per violation, with an annual
cap of $1,785,651 for all violations of an identical requirement.
Source: Zywave, 2020.
No comments:
Post a Comment