Compliance FYI: HHS Increases Penalties for Inflation

Compliance, Employee Benefits

On August 8, 2024 the Department of Health and Human Services (HHS) issued increased civil monetary penalties for HIPAA and Medicare payer violations based on inflation. These increases were based on a cost-of-living increase of 1.03241.

HIPAA Administrative Simplification (Privacy, Security, Breach Notification): 

HHS has the ability to impose penalties for HIPAA violations.  These penalties have been increased to the following levels:

  • Tier 1 – Lack of Knowledge Standard (per violation)
    • Minimum Penalty = $141; Maximum Penalty = $71,162
    • Calendar Year Cap = $2,134,831
  • Tier 2 – Reasonable cause, not Willful Neglect Standard (per violation)
    • Minimum Penalty = $1,424; Maximum Penalty = $71,162
    • Calendar Year Cap = $2,134,831
  • Tier 3 – Willful Neglect, Corrected within 30 days Standard
    • Minimum Penalty = $14,232; Maximum Penalty = $71,162
    • Calendar Year Cap = $2,134,831
  • Tier 4 – Willful Neglect, Not Corrected within 30 days Standard
    • Minimum Penalty = $71,162; Maximum Penalty = $2,134,831
    • Calendar Year Cap = $2,134,831

Medicare Secondary Payer Violations

Group Health Plans are prohibited from taking into account the Medicare entitlement of a current employee or a current employee’s spouse or family member in relation to the plan.  These penalties include the following:

  • Offering incentives to Medicare-eligible individuals to enroll in Medicare/not enroll in employer plan that would be primary
    • Per violation: $11,524
  • Failure to report situations in which the group health plan is primary
    • Per violation: $1,474

Summary of Benefits and Coverage (SBC)

 SBC must be provided to plan participants and beneficiaries before enrollment or re-enrollment in a group health plan.  Not doing so would result in the following penalties:

  • Failure to provide SBC by insurer or health plan sponsor
    • Per failure: $1,406

Effective Date

August 8, 2024 (for violations occurring on or after November 2, 2015)

Key Takeaway

The federal HHS has increased the penalties for these compliance violations.  Employers who offer group health insurance would be well-served by reviewing their plans and/or processes to make sure they remain compliant with federal regulations.

Back to Insight Center