5 Hospitals Fined for Privacy ViolationsCalifornia Laws Set Tough Penalties
The fines, for incidents last year, are the result of state laws passed in 2008 that set some of the nation's toughest penalties for patient privacy violations. At the federal level, the HITECH Act increased penalties for violations of the HIPAA privacy and security rules.
The hospitals fined are:
Community Hospital of San Bernardino: Fined $250,000 for an incident involving one employee accessing electronic records without a clinical need, and $75,000 for allowing a visitor to sit at a desk in an admitting area and overhear information on three patients.
Enloe Medical Center in Chico: Fined $130,000 after seven people, including staff members of local physicians' offices, gained unauthorized access to one "high profile" patient's information.
Rideout Memorial Hospital, Marysville: Fined $100,000 after 17 security guards gained access to 33 patient's information on computers.
Ronald Reagan UCLA Medical Center, Los Angeles: Fined $95,000 after two employees and two contracted workers gained unauthorized access to one patient's electronic record.
San Joaquin Community Hospital, Bakersfield: Fined $25,000 after sending copies of the wrong records on three patients to attorneys.