Penalties for Not Complying With HIPAA
The Health Insurance Portability and Accountability Act protects us from disclosure of patient information by a hospital employee and from unfair acts by insurance companies that create exclusions from insurance based on medical history, genetic information, health status, disability or pre-existing conditions. The prohibition against exclusion because of medical conditions is dealt with in civil court. Any disclosure of medical information will result in criminal penalties.

HIPAA's Prohibition of Criminal Activities
HIPAA says it's a crime to disclose health information or try to obtain that disclosure. The law protects us from someone publishing sensitive and private medical information to our neighbors or our employers or the use of medical information for blackmail or extortion. For example, an executive of a company has a heart condition. A hospital employee knows that the executive is being considered for a higher paying position in the company. It's a felony for that hospital employee to blackmail the executive by threatening to disclose his medical condition to his company.

Penalties for Serious Violations of HIPAA
Felony violations of HIPAA can range from a hospital worker showing a chart to another hospital employee who doesn't need to see it to blackmail and extortion. Even a casual incident such as a hospital employee circulating a patient's chart to coworkers inside the hospital can result in serious penalties. In this case, even though there was no intent to defraud and no one outside the hospital saw the information, it's a class 6 felony and the penalty is a $50,000 fine and up to a year in jail. If the offense is done for more serious reasons and involves using false pretenses, it becomes a class 5 felony with a $100,000 fine and up to five years in prison. If the incident was done with the intention of selling the information or doing malicious harm to an individual, it becomes a class 4 felony with a $250,000 fine and up to 10 years in jail or both.

Minor Penalties Enforced by HIPAA
The Director of Health and Human Services can impose civil fines on minor violations with a maximum of $100, up to a limit of $25,000. These are cases in which the violator wasn't aware they had broken the rules and would have done it differently had they known; for example, a hospital failing to post the HIPAA regulations in all the necessary places. The law also allows the Attorney General of a state to bring civil action against an individual or company.