California fines 7 hospitals for breaches of patient data

The state's law requiring facilities to protect the confidentiality of medical records is one of the strictest in the nation.

By Pamela Lewis Dolan — Posted Dec. 21, 2010

Print  |   Email  |   Respond  |   Reprints  |   Like Facebook  |   Share Twitter  |   Tweet Linkedin

The California Dept. of Public Health has fined seven California hospitals a total of $792,500 under a 2009 state law against facilities that don't protect patient data sufficiently.

The law requires hospitals to protect the confidentiality of medical records and is separate from those under the federal Health Insurance Portability and Accountability Act regulations, which apply only to breaches affecting more than 500 patients. Under the California law, a hospital can be fined even if only one patient's records are breached.

Under the law, an administrative penalty of $25,000 per patient can be assessed against a facility for a breach and up to $17,500 for each subsequent breach of the same patient's data. The maximum fine per event is $250,000. Fines can be reduced for hospitals in rural areas, said Ralph Montano, spokesman for the CDPH. The fines were announced on Nov. 19.

That was the case for Biggs Gridley Memorial Hospital in Gridley, which was fined $5,000 for two employees accessing a patient's records on three occasions. Montano said the fine would have been $60,000, but a fine of that size "would have closed them down."

Other medical centers fined by the state:

  • Pacific Hospital of Long Beach was fined $225,000 for an employee accessing and using the records of nine patients.
  • Children's Hospital of Orange County was fined $25,000 after an employee accessed the records of another employee.
  • Delano Regional Medical Center in Delano was fined $60,000 for the breach of one patient's record by an employee on three separate occasions.
  • Kaweah Manor Convalescent Hospital, a nursing home in Visalia, was fined $125,000 after an employee accessed and used five patients' information.
  • Kern Medical Center in Bakersfield received one fine for $60,000 for the disclosure of a patient's information by two employees on three occasions. The medical facility also was fined $250,000 for the loss of 596 patients' medical records.
  • Oroville Hospital was fined $42,500 after a patient's information was accessed by an employee on two occasions.

None of the facilities had been fined previously for data breach incidents, and none was required to formally admit guilt as part of the penalty.

California's medical data protection law is considered to be among the most severe in the country. It was signed into law in 2008 by Gov. Arnold Schwarzenegger after the media reported several high-profile cases of snooping into celebrity files. One case involved the governor's wife, Maria Shriver.

The first fine issued under the law was for $250,000 against Kaiser Permanente Bellflower Medical Center in May 2009 for not taking adequate precautions to protect the privacy of Nadya Suleman, who gave birth to octuplets there in January of that year.

Back to top



Read story

Confronting bias against obese patients

Medical educators are starting to raise awareness about how weight-related stigma can impair patient-physician communication and the treatment of obesity. Read story

Read story


American Medical News is ceasing publication after 55 years of serving physicians by keeping them informed of their rapidly changing profession. Read story

Read story

Policing medical practice employees after work

Doctors can try to regulate staff actions outside the office, but they must watch what they try to stamp out and how they do it. Read story

Read story

Diabetes prevention: Set on a course for lifestyle change

The YMCA's evidence-based program is helping prediabetic patients eat right, get active and lose weight. Read story

Read story

Medicaid's muddled preventive care picture

The health system reform law promises no-cost coverage of a lengthy list of screenings and other prevention services, but some beneficiaries still might miss out. Read story

Read story

How to get tax breaks for your medical practice

Federal, state and local governments offer doctors incentives because practices are recognized as economic engines. But physicians must know how and where to find them. Read story

Read story

Advance pay ACOs: A down payment on Medicare's future

Accountable care organizations that pay doctors up-front bring practice improvements, but it's unclear yet if program actuaries will see a return on investment. Read story

Read story

Physician liability: Your team, your legal risk

When health care team members drop the ball, it's often doctors who end up in court. How can physicians improve such care and avoid risks? Read story

  • Stay informed
  • Twitter
  • Facebook
  • RSS
  • LinkedIn