The California Department of Public Health has gained national attention for its enforcement of §1280.15 of the California Health and Safety Code. Since §1280.15 became law in 2009, CDPH has imposed fines of more than $2 million against California health care entities. Between June 2010 and November 2010, CDPH imposed fines totaling nearly $800,000 against six hospitals and one nursing home for violations of §1280.15.
Responsibilities Under §1280.15
Section 1280.15 requires licensed clinics, health facilities, home health agencies and hospices in California to “prevent unlawful or unauthorized access to, and use or disclosure of, patients’ medical information.” Section 1280.15 also requires health care entities to report breaches to CDPH and to the affected patient or patient’s representative within five business days of detection by the facility. The statute is strict and encompasses even minor and inadvertent missteps. Misdirected fax transmissions, e-mails and internal paper records, however, may not constitute a breach and may not need to be reported to CDPH, but only if (1) the document was mistakenly sent to another health care worker within the same facility or health care system and (2) the transmission was for the purpose of coordinating care or delivery of services.
This content has been archived. It is available through our partners, LexisNexis® and Bloomberg Law.
To view this content, please continue to their sites.
Not a Lexis Subscriber?
Subscribe Now
Not a Bloomberg Law Subscriber?
Subscribe Now
LexisNexis® and Bloomberg Law are third party online distributors of the broad collection of current and archived versions of ALM's legal news publications. LexisNexis® and Bloomberg Law customers are able to access and use ALM's content, including content from the National Law Journal, The American Lawyer, Legaltech News, The New York Law Journal, and Corporate Counsel, as well as other sources of legal information.
For questions call 1-877-256-2472 or contact us at [email protected]
