Most people are aware that violating the Health Insurance Portability and Accountability Act (HIPAA) can result is high fines. However, violating HIPAA is a criminal offense that can carry jail time or probation. Consider the three main criminal penalties.
1. If a person knowingly receives and distributes confidential patient information, they could receive a one-year prison sentence in addition to a $50,000 fine.
2. If an individual obtains patient data by lying or any other false pretense, they could serve one year in prison and be required to pay a $100,000 fine.
3. Retrieving patient information for personal or commercial gain, to defame a person or for any other malicious reason carries a penalty of 10 years in jail and a $250,000 fine.
The criminal charges are not just threats meant to deter would-be violators. Each year criminal charges are brought against individuals violating HIPAA statutes. For example, an employee at a hospital in Miami, Fla. was caught stealing patient data as part of an identify theft scheme. The person was sentenced to two years in prison.
In another case, two hospital employees and a doctor were sentenced to one year probation after leaking information about a murdered TV reporter to the media.
Don’t risk it. Make sure your employees know the consequences of HIPAA violations.