The Fastest, Easiest Way to Get Personal Injury Help

We Connect You - 1000's of Injury & Accident Victims With Attorneys

We Inform You - FAQs, Lawyer Directory, Specific Claim & Accident Topics


Definition - What does HIPAA mean?

Enacted August 21, 1996, by the United States Congress and signed into law by President Bill Clinton, HIPAA or the Health Insurance Portability and Accountability Act has two main goals: protect workers health insurance coverage when workers change or lose their jobs, and established national standards for the transmission of electronic health data (i.e. a patient’s medical records and personal health information) by health insurance companies, doctors, hospitals and employers.

What information is protected under HIPAA?

The HIPAA privacy rule protects individually identifiable health information when it is held or transmitted through any type of media including paper, oral, or electronic forms of communication. Information which is protected includes information about the patient’s health condition, the provision of health care to the patient, or other identifying elements such as their name, birth date, address, or Social Security number.

Penalties for non-compliance

Businesses which do not comply with HIPAA regulations may face penalties for wrongful disclosure of individually identifiable health data. For instance, general penalties can include forced payment of up to $100 for each violation; or $25,000 maximum penalty for all violations of an identifiable requirement.

If the U.S. Department of Health and Human Services believes the disclosure is intentional or criminal they can assess more severe penalties for violations including a $50,000 fine and imprisonment of not more than one year; a $100,000 fine or imprisonment of not more than five years, or both for offense under false pretenses; or a $250,000 fine or imprisonment of not more than ten years, or both for an offense with intent to sell information.

Reporting HIPAA Violations

Complaint for non-compliance can be reported to the Office for Civil Rights. The OCR is responsible for investigating HIPAA complaints. The OCR works diligently with the violating party to provide technical assistance and seek a voluntary resolution to meet compliance standards.

If the Office for Civil Rights is unable to find a voluntary solution or the business is not willing to comply with the rules outlined under the Health Insurance Portability and Accountability Act penalties will be assessed.

HIPAA violation complaints must be submitted in writing to the OCR and must include a description of the HIPAA violation. They also must be filed within 180 days of when the violation occurred or when the complainer should have known that the violation occurred. The OCR may waive the 180-day time limit for good cause.

Previous Entry

Gross Negligence

Glossary of Legal Terms

Share this article with a friend

Browse Legal Glossary Alphabetically:

1 | # | A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V | W | Z | ALL

Like the Glossary? Please share or like it!