According to the American Medical Association, failure to comply with HIPAA can result in civil and criminal penalties.

There are various forms of HIPAA violations that can result in minimum to maximum penalties.

1.  Individual did not know (and by exercising reasonable diligence would not have known) that he/she violated HIPAA
   • Minimum Penalty: $100 per violation, with an annual maximum of $25,000 for repeat violations (Note: maximum that can be imposed by State Attorneys General regardless of the type of violation)
   • Maximum Penalty: $50,000 per violation, with an annual maximum of $1.5 million
2.  HIPAA violation due to reasonable cause and not due to willful neglect
   • Minimum Penalty: $1,000 per violation, with an annual maximum of $100,000 for repeat violations
   • Maximum Penalty: $50,000 per violation, with an annual maximum of $1.5 million
3.  HIPAA violation due to willful neglect but violation is corrected within the required time period
   • Minimum Penalty: $10,000 per violation, with an annual maximum of $250,000 for repeat violations
   • Maximum Penalty: $50,000 per violation, with an annual maximum of $1.5 million
4. HIPAA violation is due to willful neglect and is not corrected
   • Minimum Penalty: $50,000 per violation, with an annual maximum of $1.5 million
   • Maximum Penalty: $50,000 per violation, with an annual maximum of $1.5 million