California Governor Arnold Schwarzenegger just signed into law increased fines for breaches of patient medical record confidentiality and increased oversight. The new bills (SB 541 and AB 211) will permit the state to assess and enforce fines for unauthorized leaking of patient information and will enhance the Federal Health Insurance Portability and Accountability Act (HIPAA) standards already in place. The laws were approved by the Governor on September 30, 2008, and take effect January 1, 2009.
The bill also creates a new State Office of Health Information Integrity (OHII) to oversee data issues and to enforce statutes concerning confidentiality of health care data. The purpose of the bill is “to ensure the enforcement of state law mandating the confidentiality of medical information and to impose administrative fines for the unauthorized use of medical information.” Health facilities and individuals can be fined $25,000-$250,000 for each time they inappropriately obtain, use, or disclose a patient’s medical information.
From the Internet Business Law Services:
“An important change in the law is to make actionable not just data taken illegally by outside sources, called ‘unlawful’ access, but now also the misuse of patient data by those who have legal, but un-permission access to the information through their jobs. This is termed ‘unauthorized access to patient health data.’ So this means health care organizations must implement controls not just to protect information from malicious outsiders, but also to guard against employee data misuse.”