It’s not just Federal regulations anymore…

Perhaps you saw the headlines: CALIFORNIA DEPARTMENT OF PUBLIC HEALTH ISSUES PRIVACY BREACH FINES TO 7 CALIFORNIA HEALTH FACILITIES… As we recently wrote, the right to privacy is not new. Nor is it just being taken up at the federal level. Forty-six states in the US have enacted privacy regulations. The AICPA provides a wealth of information on these state laws that we wish to share with you. The idea of a right to privacy was first addressed within a legal context in the United States.

Recently in California, almost $800,000 in fines were levied against six hospitals and one nursing home for inadequate security compliance programs. Under a new California law intended to protect the confidentiality of medical records, CDPH determined that the hospitals failed to prevent unauthorized access to PHI. Notably, these security breaches all involved inappropriate access by an employee, highlighting the lack of “meaningful use” security standards. An administrative penalty of $25,000 may be assessed against a medical facility for the breach of each patient’s medical information and another $17,500 for each subsequent breach of each patient’s PHI. What states will follow?

The complete HIPAA Privacy and Security regulations are here.
