California Healthcare Provider Not Liable for Data Breach | Healthcare Informatics Magazine | Health IT | Information Technology Skip to content Skip to navigation

California Healthcare Provider Not Liable for Data Breach

June 13, 2014
by Gabriel Perna
| Reprints

California Court of Appeals has ruled in favor of Eisenhower Medical Center in Rancho Mirage, Calif., saying that the 524-bed, community hospital is not liable for releasing personal identifying information on patients if that information doesn't include medical history, mental or physical condition, or treatment.

The court said that the healthcare provider organization is not liable under the California’s Confidentiality of Medical Information Act (CMIA) because that medical data was not released. The CMIA says its unlawful when a provider releases a patient's medical data without obtaining prior authorization, and defines medical data as individual identifiable information on a patient’s medical history, mental or physical condition, or treatment.

The original suit, from the Superior Court of Riverside County on behalf of patients, argued that Eisenhower broke the law in accordance with the CMIA when a computer with information about over 500,000 patients was stolen in 2011. The information included person’s name, medical record number, age, date of birth, and last four digits of the person’s Social Security number. Eisenhower Medical countered by saying that they didn't disclose medical information as defined in the CMIA. The court agreed with Eisenhower Medical.

Read the source article at National Law Review

The Health IT Summits gather 250+ healthcare leaders in cities across the U.S. to present important new insights, collaborate on ideas, and to have a little fun - Find a Summit Near You!


/news-item/california-healthcare-provider-not-liable-data-breach

See more on

betebettipobetngsbahis