Health Insurance Portability and Accountability Act of 1996 (HIPAA)

The United States Department of Health and Human Services developed standards and requirements for the maintenance and transmission of health information that identifies individual patients.

HIPAA will have a major, ongoing impact on healthcare providers.

The HIPAA compliance deadline is April 14, 2003. The Department of Human Services for Civil Rights is responsible for enforcing the privacy regulations which will carry significant criminal and civil penalties.

General penalty for failure to comply is $100 for each violation. Maximum penalty for all violations of an identical requirement may not exceed $25,000.

Wrongful disclosure of individually identifiable health information is $50,000, imprisonment of not more than one year or both.

Offense under false pretenses is $100,000, imprisonment of not more than 5 years or both.

Offense with intent to sell information is $250,000, imprisonment of not more than 10 years or both.