Privacy Violations Result in 8 Fines
Hospitals Get Sanctions Under Tough California LawsThe fines for health information breach incidents last year are the result of state laws passed in 2008 that set some of the nation's toughest penalties for patient privacy violations.
At the federal level, the HITECH Act increased penalties for violations of the HIPAA privacy and security rules. The hospitals fined are:
- Kern Medical Center, Bakersfield, fined $250,000 as a result of the theft of 596 patients' lab test documents from an unlocked locker. The hospital also was fined $60,000 for an incident regarding unauthorized access to information about one emergency room patient by two employees.
- Pacific Hospital of Long Beach fined $225,000 for an identity theft incident that involved an employee gaining unauthorized access to information on nine patients.
- Kawaeah Manor Convalescent Hospital, Visalia, fined $125,000 for an identity theft incident that involved an employee gaining unauthorized access to information on five patients.
- Delano Regional Medical Center, fined $60,000 after an employee who was not authorized accessed the records of a relative.
- Children's Hospital of Orange, fined $25,000 when an unauthorized employee accessed the records of a child of a co-worker.
- Oroville Hospital fined $42,5000 after an employee discussed a patient's case with others on her cell phone and on the social networking site My Space.
- Biggs Gridley Memorial Hospital, Gridley, fined $5,000 after two unauthorized employees viewed the record of a fellow employee who was hospitalized.
In June, the department reported fines against five hospital totaling $675,000 for health information breaches. And in September, another hospital announced it was appealing a $250,000 state fine related to tardy notification about a breach.