HHS Announces Civil Penalties for HIPAA, ACA, and MSP Violations - Bim Group

HHS Announces Civil Penalties for HIPAA, ACA, and MSP Violations


On October 6, 2023, the Department of Health and Human Services (HHS) released inflation-related penalty adjustments for violations of the Health Insurance Portability and Accountability Act (HIPAA), Affordable Care Act (ACA), and the Medicare Secondary Payer (MSP) rules.

These adjusted amounts apply to penalties assessed on or after October 6, 2023, for any violations occurring on or after November 2, 2015.

Health Insurance Portability and Accountability Act (HIPAA)

The penalty amounts related to the HIPAA privacy and security rules are broken down into a four-tiered structure
based on the violator’s intention level.

ACA: Summary of Benefits and Coverage (SBC)

The ACA requires plan sponsors and insurers to provide SBCs to eligible employees and their beneficiaries before enrollment (or re-enrollment) in a group health plan. The maximum penalty for failing to provide an SBC to covered individuals increases to $1,362 (from $1,264).

Medicare Secondary Payer (MSP)

The MSP rules prohibit employers and insurers from offering Medicare beneficiaries financial or other incentives that encourage these beneficiaries to waive or terminate group health plan coverage that would be primary to Medicare. The maximum penalty for failing to comply with these MSP rules increased to $11,162 (from $10,360). Additionally, the maximum penalty for failing to inform HHS when a group health plan is or was primary to Medicare increased to $1,428 (from $1,325).

What Employers Should Do Next

To avoid these penalties, employers should review their plan documents and operations, ensuring compliance with the above HHS-related requirements.


This information has been prepared for UBA by Fisher & Phillips LLP. It is general information and provided for educational purposes only. It is not intended to provide legal advice. You should not act on this information without consulting legal counsel or other knowledgeable advisors.

Recent Insights

July 9, 2024
News, Webinar

Webinar: Keep it Classy – Identifying Employees Properly

Tuesday, August 13, 2024 1 – 2PM CST Register Now Registration Code:UBA410EW   Attend this month’s webinar to learn how to properly classify employees for benefit eligibility. ​ Gain insights into:​​ Allowable employment-based classifications for benefits and contributions Risks arising from misclassifying or discriminating against employees Offering benefits to 1099 employees and related tax implications […]
Read more
July 9, 2024

EEOC Issues Final Regulations for the Pregnant Workers Fairness Act

READ TIME: 6 MINUTES The Equal Employment Opportunity Commission (EEOC) has recently released extensive final regulations under the Pregnant Workers Fairness Act (PWFA). The regulations were published in the federal register on April 19, 2024, and will take effect on June 18, 2024. Here’s what employers need to know. Overview of PWFA The PWFA took […]
Read more
July 9, 2024

Group Health Plan Fiduciaries are the Subject of New ERISA Class Actions

READ TIME: 5 MINUTES Retirement plan fiduciaries are no stranger to ERISA class action lawsuits. These lawsuits typically allege that imprudent processes and lack of oversight led to excessive fees for investment options, recordkeeping services, and investment management services. Similar class actions are beginning to find their way to group health plan fiduciaries thanks to […]
Read more
June 26, 2024

HIPAA Privacy Rule to Support Reproductive Health Care Privacy

READ TIME: 6 MINUTES Following the Supreme Court’s decision in Dobbs v. Jackson Women’s Health Organization, which overturned Roe v. Wade and its constitutional protection of abortion, many states adopted extreme abortion bans and other restrictions on reproductive health care. Along with these new laws came concerns from both patients and providers that protected health […]
Read more