The Security Rule differs from the Privacy Rule in that it provides administrative, technical, and physical safeguards for ePHI. The administrative safeguards of HIPAA relate to risk analysis, risk management, sanctions, and information system activity review. Administrative safeguards also cover management of employees, supervision, clearance, and termination procedures. According to Gartee (2011), “Administrative Safeguards are policies, procedures, and actions to manage implementation and maintenance of security measures to protect ePHI” (p. 395). Healthcare organizations normally employ computer systems that use antivirus software to prevent systems from attack and disclose …
The Department of Health and Human Services (HHS) is responsible for determining the amount of penalties based on whether the HIPAA violation resulted in harm to a patient. Another important note is that HIPAA violations are broken down by whether the violator had knowledge of HIPAA requirements: zero knowledge of HIPAA, reasonable cause and not due to willful neglect, willful neglect but corrected in 30 days, and willful neglect which is not corrected in 30 days (AMA, 2016). HIPAA criminal penalties range from minimum penalties of $100 to $50,000 per violation or $25,000 per repeated violation to a $1.5 annual maximum (AMA, 2016). Maximum penalties for any range of HIPAA violation range from $50,000 per violation with a $1.5 annual maximum (AMA,