What is HIPAA?

Medical professionals treat patients every single day and are trusted with very private information about them. When healthcare professionals are allowed access to this information, they are obligated to keep it private and not reveal it to anyone else. This obligation was enacted into law by the Health Insurance Portability and Accountability Act (HIPAA) in 1996.

Physicians and healthcare providers are required to comply with HIPAA rules. HIPAA was created to protect the privacy of patients’ medical records and other health information. It ensures that a patient’s confidential information will not be shared with other individuals. These laws prohibit medical professionals from sharing any patient information or making it public. Even if a patient’s condition is not severe or sensitive, it is still private information under these laws.

When a patient fills out paperwork for a physician, they are able to cite individuals that are allowed access to information regarding their health. This may include a spouse, parent, or other loved one. With this consent, a doctor is not breaking HIPAA laws when they discuss a patient’s condition with that intended individual.


There is a system in place to enforce HIPAA laws. The United States Department of Health and Human Services uses its Office for Civil Rights (OCR) to ensure HIPAA laws are respected. The OCR can investigate any complaints, conduct compliance reviews, and educate providers on following HIPAA rules. If a professional fails to comply with HIPAA laws, they may face certain penalties. These can be both civil and criminal.


When a medical professional violates HIPAA, they can be held accountable for their actions. There are some cases in which a medical professional may not realize they are breaking the law. For example, if they simply tell another person that an individual is receiving treatment or care, they are in violation of HIPAA. This is because they are informing another individual about a patient’s treatment without their consent.

HIPAA violations may be reported by a hospital, patient, or another physician. Reports are made to the Office of Professional Medical Conduct (OPMC). When this happens, the OPMC launches an investigation to determine whether HIPAA was violated.

There are penalties for medical professionals who violate HIPAA. There are 4 possible levels of violations depending on the offense.

  • If a professional did not know they were in violation, they may be subject to a $100-$50,000 fine
  • If a professional claimed they had reasonable cause to violate HIPAA, they may face a $1,000-$50,000 fine
  • If there was willful neglect that was corrected during a certain amount of time, they may face a fine between $10,000 and $50,000
  • If there was willful neglect that was not corrected, the professional may face a $50,000 fine
  • In the event of multiple violations within the same year, the professional may face a fine of $1.5 million.

Contact our Firm

If you are facing a HIPAA violation and need the assistance of an experienced attorney, contact Walker Medical Law today.

When a medical professional is accused of misconduct, it is essential that they retain strong legal representation. If you require a medical law attorney for your legal matters, call Paul E. Walker, an experienced New York City OPMC & OPD Lawyer. Please contact the Walker Medical Law firm to set up a free initial consultation.