HIPAA Enforcers Lower Fines For Less Serious Violations

By Ben Kochman (April 26, 2019, 7:16 PM EDT) -- The U.S. Department of Health and Human Services said Friday it is significantly dropping the maximum annual fine health care entities can face for lower-level privacy violations, rolling back a practice dating back to the Obama administration.

Maximum annual fines for the most egregious Health Insurance Portability and Accountability Act breaches enforced by the agency — involving "willful neglect" that is not corrected — will stay at $1.5 million, HHS said in a notice in the federal register. But maximum annual penalties for the three lower tiers of breaches, which had also been at $1.5 million since 2009, are going down, the agency...

Stay ahead of the curve

In the legal profession, information is the key to success. You have to know what’s happening with clients, competitors, practice areas, and industries. Law360 provides the intelligence you need to remain an expert and beat the competition.

  • Access to case data within articles (numbers, filings, courts, nature of suit, and more.)
  • Access to attached documents such as briefs, petitions, complaints, decisions, motions, etc.
  • Create custom alerts for specific article and case topics and so much more!


Hello! I'm Law360's automated support bot.

How can I help you today?

For example, you can type:
  • I forgot my password
  • I took a free trial but didn't get a verification email
  • How do I sign up for a newsletter?
Ask a question!