The year 2014 continues to be a kind year to healthcare provider organizations in California that have been sued for a data breach.
Earlier this year, courts in California have ruled that both Eisenhower Medical Center, a 524-bed community hospital in Rancho Mirage, Calif., and Sutter Health, a Sacramento nonprofit health system, were not liable for their respective data breaches. This week, the California Supreme Court declined to hear an appeal against two lower court decisions that went in favor of Sutter.
In June, the California Court of Appeal ruled that Eisenhower wasn't liable due to the fact healthcare providers are not violating the state's Confidentiality of Medical Information Act (CMIA) for the release of patients' personal information if it does not include information about medical histories, conditions or treatments.
Sutter won two lower court rulings in a similar vein. Had the class-action lawsuit gone against Sutter, the health system would have had to pay up to $1000 per individual for a 2011 theft of a desktop computer.