FROM THE FOUNDATION

All Over the Map

Newly updated to include breast cancer, prostate cancer, and spine procedures, this CHCF-sponsored research shows that practice patterns vary dramatically from place to place.

Medi-Cal Transforms

Medi-Cal is the main source of health insurance for one in five Californians. An updated report gives an overview of the program's key features, describes how the program is evolving, and examines the challenges ahead.

Obama Care in the Second Term

CHCF is a long-time sponsor of the UC Irvine Forecast Conference. A webcast of this year's conference on health policy in President Obama's second term is now available.

Privacy and Security

Tuesday, July 03, 2012

Calif. Lawmakers Mull Bill To Limit Patient Record Privacy Law

On Tuesday, the California Senate Judiciary Committee is scheduled to consider legislation (AB 439) that would limit a state health data privacy law, Healthcare IT News reports.

Support for the Bill

The legislation -- by Assembly member Nancy Skinner (D- East Bay) -- would affect the Confidentiality of Medical Information Act, which allows patients to take legal action against a health care provider if their health records are released without their permission.

Skinner said the bill seeks to update the confidentiality law for "the digital age, protecting patient privacy while also recognizing that inappropriate release may occur even when providers adopt strict protections."

The McKesson Corporation, a health IT developer, supports the bill.

Opposition to the Bill

The Consumer Federation of California -- which opposes the bill -- said it would exempt health care corporations that commit significant privacy violations from damage awards if they can provide an "affirmative defense" when sued by patients. The bill would deny a judge's discretion to assign damages based on the circumstances of the information breach.

Richard Holober -- executive director of the Consumer Federation of California -- said, "Californians want to hold health care businesses accountable in court -- and want them to pay a stiff price when they violate our medical privacy." He said that the bill "eliminates an important financial deterrent against cutting corners when safeguarding our records"

Other organizations that oppose the legislation include:

  • California Alliance for Retired Americans;
  • CALPIRG;
  • Consumer Action;
  • Consumer Watchdog;
  • Electronic Frontier Foundation;
  • Privacy Rights Clearinghouse; and
  • World Privacy Forum (McCann, Healthcare IT News, 7/2).

Reader Comments:
  • 1
  • 07/03/2012
  • Kel Mohror

On Thursday, iHealthBeat reported "the University of Texas M.D. Anderson Cancer Center began notifying patients that an unencrypted laptop computer containing patient data was stolen in April."

Encrypting all PHI on mobile devices, ensuring the devices are "out of sight, out of mind" to potential thieves, and other breach mitigating practices are "no-brainer" steps to take. Dozens (if not hundreds) on online white papers and tutorials are available at no / low cost to the provider.

A plaintiff can document this fact to defeat an "affirmative

Until providers "get serious" about PHI security, they must be held accountable for breaches through legal action. Dozens (if not hundreds) of online white papers and tutorials on mitigating PHI breaches are readily available at no / low cost.

A plaintiff can easily document this fact to make "laughing stock" of an "affirmative defense." The abundance guidance regarding PHI security and preventing breaches might support "willful negli



Readers are invited to send feedback to: chl@chcf.org

Click to register for California Healthline