
The Health Insurance Portability and Accountability Act of 1996 (HIPAA) governs personal information and prevents abuses of personal health information, including unauthorized access. Any organization or individual who retains or collects health information must comply with HIPAA requirements. The act requires improved efficiency in healthcare delivery by standardizing electronic data interchanges.
The act further requires that standards be set and enforced for the protection of confidentiality and the security of personal health information. Healthcare organizations must have documented policies defining the security measures that have been instituted to prevent unauthorized access to personal health information.
Personal health information can include such items as medical history, notes, appointment memos, phone messages, x-rays, claims forms, insurance information, prescription information, diagnoses, and more.
Healthcare organizations must take action to ensure compliance with HIPAA guidelines. The penalties enforced on companies violating HIPAA are severe. Each health organization failing to comply can be fined up to $100 per violation and up to $25,000 per year for all violations of a given standard. That is for EACH violation. A lost or misplaced list of patients, for instance, could be thousands of names long and could result in hundreds of thousands of dollars in penalties.
Criminal penalties also apply to anyone releasing or receiving protected health information without the proper approvals. These penalties can include a prison term of one to five years and fines ranging from $50,000 to $100,000. Anyone who intentionally releases protected health information for money or to cause someone harm could be fined up to $250,000 and be imprisoned for up to ten years.