Utah Administrative Code (Current through November 1, 2019) |
R428. Health, Center for Health Data, Health Care Statistics |
R428-2. Health Data Authority Standards for Health Data |
R428-2-9. Penalties
-
(1) The Office may apply civil penalties or subject violators to legal prosecution.
(2) Sections 26-23-6 and 26-33a-110 specify civil and criminal penalties for failure to comply with the requirements of Title R428 or Title 26, Chapter 33a.
(3) Notwithstanding Subsection R428-2-9(2), any person that violates any provision of Title R428 may be assessed an administrative civil money penalty not to exceed $3,000 upon an administrative finding of a first violation and up to $5,000 for a subsequent similar violation within two years. A person may also be subject to penalties imposed by a civil or criminal court, which may not exceed $5,000 or a class B misdemeanor for the first violation and a class A misdemeanor for any subsequent similar violation within two years.
(4) Notwithstanding Subsection R428-2-9(2) and R428-2-9(3), a data supplier that violates any provision of Title R428 may be assessed an administrative civil money penalty for each day of non-compliance. Fines may be imposed as follows:
(a) Not to exceed the sum of $10,000 per violation
(b) Each day of violation is a separate violation
(c) Deadlines established in separate sections of Title R428 are considered as separate provisions.
(5) The Office may impose a fine on any data supplier that misses a deadline to submit data required in Title R428 as follows:
(a) A fine of $250 per violation shall be imposed until the data has been supplied as required
(b) The fines shall increase to $500 per violation for each violation when any data supplier that is currently in violation misses another deadline
(c) After forty-five consecutive calendar days of violation, the Office may adjust the per day penalty subject to the limits in (4)(a) taking into account the following aggravating and mitigating circumstances:
(i) Prior violation history and history of compliance
(ii) Good faith efforts to prevent violations
(iii) The size and financial capability of the data supplier.