2. Patients, even celebrity patients, have
every right to privacy just as anyone else.
Being a medical professional does not
justify your breaching privacy and
confidentiality laws
Deliberate breaches of privacy and
confidentiality of patients could result in
immediate dismissal per policy
3. HIPAA violations are very serious and
could not only result in termination, but
also civil AND criminal penalties.
4. HIPAA Violation | Minimum Penalty | Maximum Penalty
Individual did not know (and by exercising reasonable diligence would not have known) that he/she violated HIPAA | $100 per violation, annual maximum of $25,000 for repeat violations | $50,000 per violation, with an annual maximum of $1.5 million
HIPAA violation due to reasonable cause and not due to willful neglect | $1,000 per violation, with an annual maximum of $100,000 for repeat violations | $50,000 per violation, with an annual maximum of $1.5 million
HIPAA violation due to willful neglect but violation is corrected within the required time period | $10,000 per violation, with an annual maximum of $250,000 for repeat violations | $50,000 per violation, with an annual maximum of $1.5 million
HIPAA violation is due to willful neglect and is not corrected | $50,000 per violation, with an annual maximum of $1.5 million | $50,000 per violation, with an annual maximum of $1.5 million
(American Medical Association, 2013)
5. “Those who ‘knowingly’ obtain or disclose
individually identifiable health information in
violation [of HIPAA] face a fine of up to $50,000,” as
well as 1 year in prison
“Offenses committed under false pretenses” face
fines of $100,000 and up to 5 years in prison
“Offenses committed with intent to sell, transfer, or
use individually identifiable health information
for…personal gain or malicious harm” face
$250,000 fines and up to 10 years in prison.
(American Medical Association, 2013)
6. Curiosity does not qualify as a necessity to
view patient medical information
Patient medical information should only be
accessed to deliver appropriate medical
care and for billing purposes
Do not ever go into the chart of a patient
you are not personally treating unless you
have a valid reason to do so.
Record access can be tracked and
punitive action will occur for HIPAA
violations
7. Sharing your password leaves you
vulnerable to others’ actions
If you share your password, you are also
liable for the actions of those who use
your password
If that person has committed a violation,
it will result in punitive action for both
parties
8. Whenever you are logged in to your
workstation, ALWAYS secure it before
you walk away
This will protect you from being liable if
someone else were to use your
workstation while you are logged in
If you do not secure your station, you are
liable for the actions of those who use it
9. American Medical Association. (2013).
HIPAA violations and enforcement.
Retrieved June 26, 2013 from
http://www.ama-assn.org//ama/pub/physician-resources/solutions-managing-your-practice/coding-billing-insurance/hipaahealth-insurance-portability-accountability-act/hipaa-violations-enforcement.page