Penalties for Violating HIPAA Regulations

General Failure to Comply (Civil)

• Each violation: $100
• Maximum penalty for all violations of an identical requirement: $25,000.

Incidental. disclosure of individually identifiable health information

• Knowing disclosure: $50,000, imprisonment of not more than one year or both.
• Disclosure under false pretenses: $100,000, imprisonment of not more than 5 years or both.
• Disclosure for profit, gain, or harm: $250,000, imprisonment of not more than 10 years or both.