Civil and Criminal Penalties for Non Compliances


What is the cost of non compliances to the regulation? here is the list, from Sarbanes Oxley to HIPAA

Sarbanes Oxley Act
1. Action: Altering, destroying, or concealing any records with the intent of obstructing a federal investigation.
Penalties: Fine and/or up to 10 years’ imprisonment.

2. Action: Failure to maintain audit or review "workpapers" for at least five years.
Penalties: Fine and/or up to 5 years’ imprisonment.

3. Action: Anyone who "knowingly executes, or attempts to execute, a scheme" to defraud a purchaser of securities.
Penalties: Fine and/or up to 10 years’ imprisonment.

4. Action: CEO or CFO who 'recklessly' violates his or her certification of the company’s financial statements.
Penalties: Fine of up to $1 million and/or up to 10 years’ imprisonment.

5. Action: If the violation is 'willful,' the penalty increases. up to 20 years’
Penalties: Fine of up to $5 million and/or imprisonment.

6. Action: Conspiracy by two or more persons to commit any offense against, or to defraud, the United States or its agencies.
Penalties: Fine and/or up to 10 years’ imprisonment.

7. Action: Any person who 'corruptly' alters, destroys, conceals, etc., any records or documents with the intent of impairing the integrity of the record or document for use in an official proceeding.
Penalties: Fine and/or up to 20 years’ imprisonment.

8. Action: Mail and wire fraud.
Penalties: Penalty increase from 5 to 20 years’ imprisonment.

9. Action: Violating applicable Employee Retirement Income Security Act (ERISA) provisions.
Penalties: Various lengths depending on violation.

Health Insurance Portability and Accountability Act (HIPAA)

Under "General Penalty for Failure to Comply with Requirements and Standards" of Public Law 104-191, the Health Insurance Portability and Accountability Act of 1996, Section 1176 says that the Secretary can impose fines for noncompliance as high as $100 per offense, with a maximum of $25,000 per year on any person who violates a provision of this part.

Under "Wrongful Disclosure of Individually Identifiable Health Information," Section 1177 states that a person who knowingly:
- uses or causes to be used a unique health identifier;
- obtains individually identifiable health information relating to an individual; or
- discloses individually identifiable health information to another person,

shall be fined not more than $50,000, imprisoned not more than 1 year, or both:
- if the offense is committed under false pretenses, be fined not more than $100,000, imprisoned not more than 5 years, or both; and
- if the offense is committed with intent to sell, transfer, or use individually identifiable health information for commercial advantage, personal gain, or malicious harm, be fined not more than $250,000, imprisoned not more than 10 years, or both.


Bookmark/Search this post with:
  • Delicious
  • Digg
  • StumbleUpon
  • Propeller
  • Reddit
  • Technorati

User login

Who's new

  • Cilmimabe
  • jutttizeBress
  • roboboboslains
  • Stolenfinche
  • maggelanert

Who's online

There are currently 0 users and 0 guests online.