Health Insurance Portability & Accountability Act of 1996 (HIPAA)
The Health Insurance Portability & Accountability Act of 1996 (HIPAA) is a United States federal law that protects the privacy of patient medical records.
Penalty for Lack of Compliance
Penalties imposed by HIPAA vary depending on the circumstances of the violations, but they include:
- fines of US$100 per violation
- additional penalties of up to $250,000
- up to 10 years in prison.
In April 2010, a former healthcare employee of UCLA was sentenced to United States federal prison for 4 months for illegally peeking at patient records, mostly of celebrities and other high-profile patients. Details: Ex-UCLA healthcare employee sentenced to federal prison for illegally peeking at patient records.
More Information
The information provided above is simplified to make HIPAA easier to understand. For more details, see Office for Civil Rights - HIPAA. For the full text of the act, see Public Law 104-191. Also: HIPAA at UCSF.
Training for Students
PharmD students are:
- Provided with HIPAA training in their first year.
- Presented during Orientation with our e-mail policy, which reminds students that they must use secure e-mail when sending patient information in e-mail.
Training for Employees
All University employees receive basic HIPAA training as part of the New Employee Orientation Program. See New Employees.
For Employees Only
If a Violation Occurred
If you know or suspect that a HIPAA violation occurred, immediately contact your supervisor to resolve the problem. If you're not satisfied with your supervisor's response, contact the Whistleblower coordinator.
