HIPAA, the Health Insurance Portability and Accountability Act of 1996, spells out rules and regulations for the privacy and protection of individually identifiable health information. The HIPAA Privacy Rule and the HIPAA Security Rule establish standards related to the implementation of physical, administrative, and technical safeguards to ensure that PHI or Protected Health Information is handled with the utmost confidentiality and integrity.
The failure to adhere to the regulations established under HIPAA can lead to criminal and civil penalties, followed by progressive disciplinary actions. These penalties apply to to healthcare entities, as well as individuals.
The reckless or intentional failure to comply with the rules set forward under HIPAA is what is referred to as “Willful Neglect.” Violations, as a result of willful neglect, can carry severe penalties, civil or criminal depending on the exact facts of the case.
Case in point
In early 2011, the HHS (The Department of Health and Human Services) levied a fine of $4.3 million on an entity named Cignet Health Center for willful neglect. What’s unique about this case is that the entity was not fined for breach of privacy.
Read the rest of this post »