New medical privacy rules in the works to combat patient data breaches
 | |
| California to impose fines on people who violate a patient’s privacy. Source: Medical Informatics Insider |
The proposed medical privacy rules are in response to the recent breaches in which University of California Los Angeles (UCLA) Medical Center employees accessed the confidential records of celebrities, according to the Los Angeles Times. In May, a UCLA hospital employee was indicted by a federal grand jury for selling the medical records of Farrah Fawcett to the media. The same employee also allegedly pried into the medical records of California First Lady Maria Shriver.
State legislators also approved a bill from Sen. Mervyn Dymally, D-Compton, to extend healthcare coverage to those with pre-existing medical conditions. The bill would require insurance companies to either insure those people or pay into a state account that would subsidize insurance for them.
While the state’s Assembly did not meet Tuesday, the state Senate approved, 29 to 7, a measure that would require hospitals to draft a plan to safeguard patient information and set up a new state Office of Health Information Integrity with power to review plans and violations and assess fines of up to $250,000 against people who violate patient privacy, reported the LA Times.
A companion bill would issue fines of up to $250,000 against healthcare providers in case of breaches. "Our current system of protecting patient privacy has not served as a sufficient deterrent to stop repeated and damaging breaches of patient confidentiality," said Sen. Elaine Alquist, D-Santa Clara, author of the companion bill, on which the Senate has yet to act.
According to the LA Times, Alquist's measure, SB 541, which the Assembly has already approved, would increase fines against individuals and health facilities for serious medical errors from the current maximum of $50,000 to a limit of $125,000. The Assembly has already approved it.