If your organization fails to comply with data privacy laws or breach notification statutes, you (or your company) could face legal penalties such as the following:

  • Up to $750,000 in penalties to the company for failure to notify affected individuals
  • Up to $50,000 per violation for consumer health information retained on a hard drive (Health Insurance Portability and Accountability Act [HIPAA])
  • State privacy statutes provide for private civil actions for instances of non-compliance, including punitive damages and attorneys’ fees
  • Under HIPAA, failure to properly erase consumer health information can carry a minimum prison term of one year