HIPAA Training Course

Page 4 of 10

COMMON QUESTIONS

Q: Can a non-medical person violate HIPAA?
A: Yes, a person (medical and non-medical) can be criminally prosecuted for violating HIPAA.

Q: What is the penalty for violating HIPAA?
A: Up to a $50,000 fine and one year in jail.

Q: Can a patient request their own medical records without giving a reason?
A: A patient can ask for their own records, they do not need to give a reason.

Q: Does a patient requesting their own medical records need to put it in writing?
A: A written request is not necessary if you are giving the medical records to the patient under HIPAA. However, your employer may have policies that require a written request.