Hospital Fined $250,000 For Late Reporting of Data Breach
A hospital can be fined up to $250,000 for a breach itself. However state law says the combined fine for failing to report a breach and the penalty for the breach itself cannot exceed $250,000, Montano said.
The state's medical record confidentiality laws were enacted in 2008 after hospital medical records of celebrities such as the late Farrah Fawcett and Britney Spears were inappropriately accessed and distributed. A two-bill combination requires health facilities to adopt appropriate administrative, physical and technical safeguards to prevent unauthorized access or unlawful access, use, or disclosure.
Under that breach statute, the total fines as of last June 11 were $1.12 million, levied against eight hospitals.
One of those fines involved the violation of medical records of pop star Michael Jackson at Ronald Reagan UCLA Medical Center. Last year, Kaiser Permanente Hospital in Bellflower was fined for two separate breaches involving the medical records of Nadya "Octomom" Suleman and her octuplets. Those fines totaled $250,000 and $187,000.
Cheryl Clark is senior quality editor and California correspondent for HealthLeaders Media. She is a member of the Association of Health Care Journalists.
- How One Health System Saved $3.5M in Benefits Costs
- Federal Appeals Court Mulls Observation Status
- How the Military's EHR Reboot Will Impact Interoperability
- HCA to Acquire CareNow Urgent Care Centers
- 'Leadership Gap' Threatens MU Momentum, Says AMA
- BCBS Tries New Drug Contracting Model
- Investing in Population Health Strategies Creates Financial Risk
- Evidence-Based Practice and Nursing Research: Avoiding Confusion
- Ebola: Lawmakers, Healthcare Leaders Clash Over Quarantines
- Abington Health, Jefferson Health Plan '100% Equal' Merger