Not Worried About Your Patients? Then Worry About Your Bottom Line

We’re always talking about how failing to comply with HIPAA regulations harms patients. Their data is exposed to malicious entities. Their trust in your organization wanes. Even if you’re not worried about the moral implications or your public perception, the fact is you’re not off the hook for noncompliance. There are severe penalties for not following the rules, and that’s what we’ll be discussing in today’s article.

A Breakdown of HIPAA Fines

Penalties for HIPAA noncompliance are broken down into four categories of fines:

  1. Willful neglect with no corrective action taken.
  2. Willful neglect with corrective action taken.
  3. Reasonable cause for noncompliance.
  4. No knowledge of noncompliance.

Each level of noncompliance comes with its own financial penalty for your company or organization. Let’s take a closer look at what each one means, and what its penalty is.

Willful Neglect with No Corrective Action

This is by far the most severe form of noncompliance, and therefore carries the harshest government fines. From a legal standpoint, willful neglect is defined as a “conscious, intentional failure or reckless indifference.” If you work in the healthcare industry, there’s a good chance you’ve at least heard of HIPAA. We’ve reached a point where it is very difficult for organizations to claim ignorance of it. If it looks as though you haven’t even bothered to make the necessary changes, there’s a good chance you could be hit with this very serious charge. It comes with a nasty $50,000 minimum penalty for each violation, and can cost your organization up to a whopping $1,500,000 annually.

Willful Neglect with Corrective Action

If a company or organization is found guilty of willful neglect as defined above, resolving the noncompliance issue in a timely fashion will reduce the associated penalty. It’s still a hefty price that’s nothing to sneeze at, however, and your best option of course is to comply with the regulations in the first place. After making the necessary changes, you could instead be hit with a $10,000 penalty for each violation, up to a maximum of $250,000 annually. The difference is far from negligible, and taking corrective action is greatly preferable to ignoring the problem - both for your patients and for your company’s bottom line.

Reasonable Cause

The legal definition for reasonable cause in regard to HIPAA compliance is as follows:

“An act or omission in which a covered entity or business associate knew, or by exercising reasonable diligence would have known, that the act or omission violated an administrative simplification provision, but in which the covered entity or business associate did not act with willful neglect.” While not as serious as “willful neglect,” it still comes with a heavy price tag of $1,000 for each violation and up to $100,000 annually.

No Knowledge

Noncompliance is considered “without knowledge” if the covered entity or individual did not know (and by exercising reasonable diligence would not have known) that the action in question was a HIPAA violation. This is incredibly common, and it lies behind a large share of violations. That is why it is especially important to train your employees and make absolutely certain everyone knows and follows the regulations. Not rigorously training - and refreshing - your employees in HIPAA compliance can cost you $100 for every single violation, and up to $25,000 a year in damages. Teaching your staff the right way of doing things, taking the right precautions, and putting processes in place is the best way to avoid these fines.

Remember, there can be hefty fines for not following regulations. But above all, protect the people you’re serving. Their lives are in your hands.