Question: Are penalties for violating the Health Information Portability and Accountability Act (HIPAA) all equal, or are accidental breaches taken to consideration? Indiana Subscriber Answer: A few years back, the HIPAA Omnibus Final Rule introduced and solidified a new penalty structure, as well as new definitions relating to HIPAA violations. The definitions for three terms in particular are pivotal under the penalty system. 1. Reasonable Cause: An act or omission in which a covered entity or business associate knew, or by exercising reasonable diligence would have known, that the act or omission violated an administrative simplification provision, but in which the covered entity or business associate did not act with willful neglect. 2. Reasonable Diligence: Business care and prudence expected from a person seeking to satisfy a legal requirement under similar circumstances. 3. Willful Neglect: Conscious, intentional failure or reckless indifference to the obligation to comply with the administrative simplification provision violated.