If the old HIPAA penalty rules confuse you, do not expect too much from the new; it’s just a little bit better than the old one.
HSS issued interim final rule with request for comments under the HITECH Act review 30 October 2009. The HITECH growth requires HHS to develop new penalties for violations of the same health security to take place on February 18, 2009. According to HHS, Regulation shall enter into force on 30 November 2009, which will consider comments until 29 December this year.
as the proposed new rule, violations would be punished range corresponding to the break did or did not: if he did not break, he would be punished at $ 100 to $ 50,000 per violation; if the violation occurred due to reasons, the penalty would be $ 1,000 to $ 50,000 per violation. The penalty would be between $ 10,000 and $ 50,000 per violation if it was deliberate negligence. And if it was not corrected, the minimum penalty is $ 50,000 per violation.
According to Robert Mark Charette, in cooperation with Gilliland & Mark Charette LLP, one of the less clear areas HITECH act, the penalties. She adds: “The way the law was worded made it sound like the high end of the sanctions was basically the same for all violations, that does not make much sense.”
This may indeed be the case, but you should keep in mind that one can be punished at the low and high ends of the exact amount of $ 50,000 per violation; HHS has tried to come up with a more rationale plan for civil penalties.
Mark Charette says “HHS should have organized it so that each tier ends of the floor below the first tier, although I understand that they felt bound by the law in their hands. It will be interesting to see how the penalties under this range play out . “
Sanctions are subject to the overall cap of $ 1.5 million for any violation of such provision year. It is about 6000% increase in the maximum penalty agency or provider pay for HIPAA violations.