1.1.4 HIPAA Violations

HIPAA infractions are relatively frequent. In truth, even a capable healthcare facility will occasionally encounter minor HIPAA breach incidents. However, offenses might also be quite severe, causing serious issues for both patients and medical clinics.

Therefore, every doctor’s office must stay current with the changing HIPAA requirements because regulation non-compliance can be quite expensive as the fines can reach millions.

But what are HIPAA violations?

Any violation of a HIPAA standard or provision is considered a HIPAA violation. CFR parts 160, 162, and 164 contain descriptions of these requirements and rules.

A violation occurs when PHI is acquired, accessed, used, or disclosed in a way that places a patient at a high risk of harm to themselves.

Some violations are listed below:

• Unauthorized disclosure of PHI
• PHI unauthorized access
• Improper destruction of PHI
• Failure to do risk analyses when necessary
• Theft of PHI and medical records
• Failure to effectively manage threats to the availability, confidentiality, and integrity of patient health information
• Improperly mailing or handling PHI
• Failure to develop and use security measures to protect PHI’s privacy, accuracy, and availability
• PHI transmission by text message
• Inappropriately securing PHI from unwanted access through encryption.
• Failure to get into a HIPAA-compliant business contract with suppliers before granting them access to PHI.

HIPAA infractions are subject to harsh penalties. In some cases, judges have imposed fines totaling millions of dollars. Moreover, some people who break HIPAA rules may spend up to ten years in prison.