Penalties for Violating HIPAA Regulations
General Failure to Comply (Civil)
Each violation: $100
Maximum penalty for all violations of an
identical requirement: $25,000.
Incidental. disclosure of individually
identifiable health information
Knowing disclosure: $50,000,
imprisonment of not more than one year or both.
Disclosure under false pretenses:
$100,000, imprisonment of not more than 5 years or both.
Disclosure for profit, gain, or harm:
$250,000, imprisonment of not more than 10 years or both.