Hospitals fined for weak data protection
The California Dept of Public Health has fined five hospitals for failing to prevent unauthorized access to patient's medical information.
CDPH assessed the penalties under new California legislation intended to protect the confidentiality of medical records. Under the law, an administrative penalty of $25,000 may be assessed against a medical facility for the breach of each patient's medical information. A penalty of up to $17,500 is added for each subsequent breach of each patient's medical information.
Penalties are also increasing at the Federal level thanks to last year's HITECH Act. Enforcement of the new legislation started earlier this year.