The U.S. Department of Health and Human Services (HHS) has issued revised monetary-penalty limits for Health Insurance Portability and Accountability Act (HIPAA) violations by covered entities. Under the revisions, the maximum annual penalty for violations per tier of culpability would be:
|Culpability||Old Annual Limit||New Annual Limit|
|Willful Neglect - Corrected||$1,500,000||$250,000|
|Willful Neglect - Not Corrected||$1,500,000||$1,500,000|
While each tier is capped, an entity can violate multiple tiers depending on the circumstances of violation. Accordingly, the Office of Civil Rights (OCR) can issue penalties up to the annual limit for more than one tier.
TAKEAWAY: The revised monetary-penalty limits are consistent with the decreased enforcement activity we have seen from the OCR in the last few years.