HIPAA and HIM Security
21 AUG 2011

HIPAA
Health Information Portability and Accountability Act (HIPAA) of 1996
Established by the Department of Health and Human Services (HHS) to provide national standards for:
  • Electronic health care transactions
  • National identifiers for providers, health plans, and employers

HIPAA
HIPAA established standards for electronic health information transactions for certain electronic healthcare transactions, including claims, enrollment, eligibility, payment, and coordination of benefits. These standards also mandate that organizations address the security of electronic healthcare information systems (CMS, 2010).

HITECH Act
The Health Information Technology for Economic and Clinical Health (HITECH) Act
  • HITECH modernizes existing HIPAA standards for healthcare privacy and security measures
  • Enhances HIPAA provisions due to the increased incidence of violations and security breaches of health information

HIPAA Breach Notification Rule
  • Affects the unauthorized acquisition, access, use or disclosure of unsecured patient health data and information as a result of a security breach (AMA, 2010)
  • This Rule does not replace existing HIPAA privacy regulations that permit providers to exchange or collect patient information within certain limits of their practice

Data Breach Defined
A breach per the AMA (2010) can be defined as:
  • The acquisition, access, use, or disclosure of unsecured patient health information which is not permitted by the HIPAA Privacy Rules and compromises the security or privacy of that information

Legal Action
HHS can impose fines for noncompliance as high as $100 per offense, with a maximum of $25,000 per year on any person who violates a provision of the HIPAA rule.
Under "Wrongful Disclosure of Individually Identifiable Health Information," Section 1177 states that a person who knowingly:
  • uses or causes to be used a unique health identifier
  • obtains individually identifiable health information relating to an individual
  • discloses individually identifiable health information to another person
Corporate Author. (2011). HIPAA Violations: HIPAA Fines and HIPAA Penalties for Non-Compliance. Retrieved 21 AUG 2011, from http://www.training-hipaa.net/hipaa_resources/Violation_Penalties.htm

Legal Action
  • shall be fined not more than $50,000, imprisoned not more than 1 year, or both
  • if the offense is committed under false pretenses, be fined not more than $100,000, imprisoned not more than 5 years, or both; and
  • if the offense is committed with intent to sell, transfer, or use individually identifiable health information for commercial advantage, personal gain, or malicious harm, be fined not more than $250,000, imprisoned not more than 10 years, or both.

References
AMA. (2010). What You Need to Know About the New HIPAA Breach Notification Rule. Retrieved 21 AUG 2011, from http://www.ama-assn.org/ama1/pub/upload/mm/368/hipaa-breach.pdf
Corporate Author. (2011). HIPAA Violations: HIPAA Fines and HIPAA Penalties for Non-Compliance. Retrieved 21 AUG 2011, from http://www.training-hipaa.net/hipaa_resources/Violation_Penalties.htm
CMS. (2010). CMS Information Security (IS) Virtual Handbook. Retrieved 21 AUG 2011, from http://www.cms.gov/informationsecurity/01_overview.asp
Rinehart-Thompson, L. (2009). Redefining the Health Information Management Privacy and Security Role. Retrieved 21 AUG 2011, from http://perspectives.ahima.org/index.php?option=com_content&view=article&id=146:redefining-the-health-information-management-privacy-and-security-role&catid=47:privacy-and-security&Itemid=91

Hipaa and him security brunelle
