HIPAA Compliance

The Health Insurance Portability and Accountability Act (HIPAA), a U.S. federal regulation, has been mandated to provide national standards and procedures for the storage, use, and transmission of personal medical information and health care data. This regulation provides a framework and guidelines to ensure security, integrity, and privacy when handling confidential medical information. HIPAA outlines how security should be managed for any facility that creates, accesses, shares, or destroys medical information.
People’s health records can be used and misused in different scenarios for many reasons. As health records migrate from a paper-based system to an electronic system, they become easier to maintain, access, and transfer, but they also become easier to manipulate and access in an unauthorized manner.
Penalties under HIPAA
HIPAA mandates steep federal penalties for noncompliance. 
  • If medical information is used in a way that violates the privacy standards dictated by HIPAA, even by mistake, monetary penalties of $100 per violation are enforced, up to $25,000 per year, per standard.
  • If protected health information is obtained or disclosed knowingly, the fines can be as much as $50,000 and one year in prison. 
  • If the information is obtained or disclosed under false pretenses, the cost can go up to $250,000 with ten years in prison if there is intent to sell or use the information for commercial advantage, personal gain, or malicious harm.


Our Approach to implement HIPAA