Agencies
Services
Health Insurance Portability and Accountability Act (HIPAA)
Welcome to the Illinois Department of Healthcare and Family Services Health Insurance Portability and Accountability Act (HIPAA) informational Web pages. The department will use these pages to communicate HIPAA-specific information to our providers in a concise and consistent manner.
Sanctions may be imposed for improper use or disclosure of health information
Civil Penalties may be imposed for improper use or disclosure of medical information. In accordance with 45 C.F.R. § 160.404, the US Department of Health and Human Services Office of Civil Rights (OCR) may, in certain circumstances, impose civil or criminal penalties on covered entities and business associates, as those terms are defined at 45 CFR 160.103, for failure to use or disclose health information in accordance with applicable law. Penalties may not exceed a calendar year cap for multiple violations of the same requirement.
Criminal Penalties may also be imposed for improper use or disclosure. In accordance with 42 USC 1320d–6, a person who knowingly and improperly obtains or discloses health information may face a criminal penalty including a fine and a term of imprisonment. The fines and terms of imprisonment increase if the individual obtains the information by misrepresenting a material fact, or if the person intends to sell, transfer, or use your health information for commercial advantage, personal gain or malicious harm. The US Department of Justice is responsible for criminal prosecutions.
The department has compiled much of the HIPAA specific information within the following links:
In order to save you time, we encourage you to review these FAQs prior to contacting the Department.
Frequently Asked Questions and Answers (Coming Soon)
Centers for Medicare and Medicaid Services (CMS) Web site, where additional information on HIPAA can be found.