January 30, 2011
HIPAA privacy regulations and the ramifications of improper information disclosure Privacy regulations issued by the Department of Health and Human Services under the Health Insurance Portability and Accountability Act declare to protect the privacy of American patients' health information in several ways (HIPAA Privacy Regulations, 2000). As summarized by HHS, the regulations are intended to give patients control over their health information; create "limits" around how medical records can be used and released; make certain the security of personal health information; and ascertain accountability for the use and release of medical records (HIPAA Privacy Regulations, 2000). The regulations also "balance public responsibility with privacy protections," meaning that they allow many uses of patient information without consent (HIPAA Privacy Regulations, 2000). Not only does HIPAA have privacy regulations, it also has security rules that came into effect on April 21, 2005. The privacy regulations and security rules are the only national set of regulations that administers the use and disclosure of private, confidential, and susceptible information (Amaguin, 2011). There are a few legal ramifications of improper information disclosure which the U.S. Department of Justice has clarified. There are a few penalties that may be assessed and whom these penalties may be against for these violations. Covered facilities and persons whom "intentionally" attain or disclose individually identifiable health information in violation of HIPAA may be fined up to $50,000, as well as imprisonment up to one year (Amaguin, 2011). Offenses committed under insincere or feigned behavior allow penalties to be increased to a $100,000 fine, with up to five years in prison (Amaguin, 2011). Finally, offenses committed with the intention to sell,...