Enforcement & Penalties

How HIPAA violations are investigated and penalized.

HIPAA Penalty Tiers Explained

The four civil penalty tiers based on culpability, penalty amounts per violation, annual caps, and factors OCR considers when setting penalty amounts.

Criminal Penalties for HIPAA Violations

The three levels of criminal penalties, who can be criminally charged for HIPAA violations, intent requirements, and the Department of Justice's role.

State Attorney General HIPAA Enforcement

How state AGs can enforce HIPAA, concurrent jurisdiction with OCR, attorney's fees and damages, and notable state enforcement actions.

Notable HIPAA Enforcement Cases

Six significant HIPAA enforcement actions illustrating common violation patterns, penalty amounts, and the lessons covered entities can learn from each case.