California Healthcare Provider Not Liable for Data Breach

June 13, 2014
California Court of Appeals has ruled in favor of Eisenhower Medical Center in Rancho Mirage, Calif., saying that the 524-bed, community hospital is not liable for releasing personal identifying information on patients if that information doesn't include medical history, mental or physical condition, or treatment.

California Court of Appeals has ruled in favor of Eisenhower Medical Center in Rancho Mirage, Calif., saying that the 524-bed, community hospital is not liable for releasing personal identifying information on patients if that information doesn't include medical history, mental or physical condition, or treatment.

The court said that the healthcare provider organization is not liable under the California’s Confidentiality of Medical Information Act (CMIA) because that medical data was not released. The CMIA says its unlawful when a provider releases a patient's medical data without obtaining prior authorization, and defines medical data as individual identifiable information on a patient’s medical history, mental or physical condition, or treatment.

The original suit, from the Superior Court of Riverside County on behalf of patients, argued that Eisenhower broke the law in accordance with the CMIA when a computer with information about over 500,000 patients was stolen in 2011. The information included person’s name, medical record number, age, date of birth, and last four digits of the person’s Social Security number. Eisenhower Medical countered by saying that they didn't disclose medical information as defined in the CMIA. The court agreed with Eisenhower Medical.

Read the source article at National Law Review

Sponsored Recommendations

Explore how healthcare leaders are shifting from reactive maintenance to proactive facility strategies. Learn how data-driven planning and strategic investment can boost operational...
Navigate healthcare's facility challenges. Get strategies to protect assets and ensure long-term stability.
Join Claroty, Cisco, and Children's Hospital Los Angeles (CHLA) on-demand as they uncover the reasons behind common pitfalls encountered by hospitals in network segmentation efforts...
Cyber-physical systems (CPS) in healthcare encompass OT assets and systems, along with a proliferation of connected devices. This includes clinical assets, medical devices, building...