Welcome to the Sausage Factory

Nov. 9, 2011
Often new legislative trends in privacy and security law are driven by a single incident that grabs headlines.  And when a privacy incident directly

Often new legislative trends in privacy and security law are driven by a single incident that grabs headlines. And when a privacy incident directly touches lawmakers personally ... then expect a new privacy law.

For example, California's landmark security breach notification law came about in response to a high-profile breach involving a California state government database. Now, as I've discussed previously in this blog, there have been several much-publicized incidents involving hospital employees improperly accessing the medical records of public records and celebrities at Cedars-Sinai Medical Center and UCLA Medical Center.

Two new bills are making their way through the California legislature in response to these recent events, S.B. 541 and A.B. 211. The word around the hallways of Sacramento is that Governor Schwarzenegger has a strong personal interest in the passage of these measures because UCLA Medical Center employees improperly accessed his wife's medical records.

S.B. 541 creates a new administrative penalty for hospitals, home health agencies, hospices and licensed clinics that fail to "prevent unlawful or unauthorized access to, and use or disclosure of, patients' medical information."Â The penalty is $25,00 per patient, with a cap of $250,000 "per reported event."

Don't HIPAA and state medical privacy laws already prohibit this conduct? Yes, but not quite so specifically.  As they say, you don't want to know how sausage and law gets made.  It's not pretty and it's certainly not consistent, but this is how privacy law gets made in the U.S.

Sponsored Recommendations

How Digital Co-Pilots for patients help navigate care journeys to lower costs, increase profits, and improve patient outcomes

Discover how digital care journey platforms act as 'co-pilots' for patients, improving outcomes and reducing costs, while boosting profitability and patient satisfaction in this...

5 Strategies to Enhance Population Health with the ACG System

Explore five key ACG System features designed to amplify your population health program. Learn how to apply insights for targeted, effective care, improve overall health outcomes...

A 4-step plan for denial prevention

Denial prevention is a top priority in today’s revenue cycle. It’s also one area where most organizations fall behind. The good news? The technology and tactics to prevent denials...

Healthcare Industry Predictions 2024 and Beyond

The next five years are all about mastering generative AI — is the healthcare industry ready?