The Internet has changed the way we do business. The increased visibility, broader customer base, and ease in communication also bring various legal and procedural safeguards that must be in place on your website. These safeguards not only protect you as the business owner, but also your customers.
Depending on what type of website you have, you may require specific disclaimers and legal language to minimize your liability and stay in compliance with governmental agencies that monitor online businesses.
Congress enacted The Health Insurance Portability and Accountability Act (HIPAA) in 1996 to address the privacy and security of medical data. The purpose of the HIPAA privacy rule is to provide federal protection for personal health information and give healthcare patients certain rights when it comes to their own information.
A covered entity is one that has access to medical information, including website owners, healthcare facilities, doctors, and insurance companies. If you are an employer that has any health clinic services available to your employees, provides any type of self-insurance health plan, or acts as an intermediary between employees and their health care providers, you could be handling information that is governed by HIPAA provisions.
Failure to adhere to HIPAA guidelines can result in serious penalties: up to $100 a day for every day that you are not in compliance. These fines have a maximum of $25,000 per year, per violation. If only two standards were not adhered to for a single person, the violation could result in a maximum penalty of $50,000 a year. Criminal penalties can bring up to ten years in prison, or even more if the violations are proven to be motivated by financial gain.