The Health Insurance Portability and Accountability Act of 1996 (HIPAA), spells out rules for the privacy and protection of health information. The HIPAA Privacy and Security Rules establish standards for implementing physical, administrative, and technical safeguards to ensure that Protected Health Information (PHI) is handled with the utmost confidentiality and integrity.
The failure to adhere to the regulations established under HIPAA can lead to criminal and civil penalties, followed by progressive disciplinary actions. These penalties apply to healthcare entities, as well as individuals.
The reckless or intentional failure to comply with the rules set forward under HIPAA is called “Willful Neglect.” Violations, as a result of willful neglect, can carry severe penalties, civil or criminal depending on the exact facts of the case.
Case in point
In early 2011, the HHS (The Department of Health and Human Services) levied a fine of $4.3 million on an entity named Cignet Health Center for willful neglect. What’s unique about this case is that the entity was not fined for breach of privacy.
Read the rest of this post »