Hospitals fined $667K for patient privacy breaches

California's Department of Public Health has fined six hospitals $667,000 for failing to prevent patient privacy breaches.

Kern Medical Center in Bakersfield was hit with the largest penalty, $250,000, for losing 596 patient records that were allegedly stowed in an outside, unlocked locker, Associated Press reports.

State inspectors found that for several months, a Kern staffer would place daily lab reports in a broken locker outside the hospital. One night they were stolen. The hospital's CEO claims the reports' disappearance was part of a Halloween prank and not the work of identity thieves.

Fines are typically $25,000 for the first breach and $17,500 for each additional breach of the same record.

In another breach, Pacific Hospital of Long Beach was hit with a $225,000 fine after an employee used nine patients' medical information to set up fake Verizon accounts.The employee admitted to memorizing personal patient information during a project to purge the hospital's older ER records.

California's patient privacy laws are among the toughest in the country, including penalties for snooping into medical records. The state law enacted in 2008 boosted patient protections after widely publicized violations of patient privacy at UCLA involving Farrah Fawcett, singer Britney Spears, Maria Shriver and other celebrities.

Last year, California health officials issued the first penalty under the law to Kaiser Permanente's Bellflower hospital, which had to pay a whopping $437,500 fine for failing to prevent employees from sneaking a peek at the medical records of Nadya Suleman, aka Octomom, according to the Los Angeles Times.

To learn more:
- read the press release from the California Department of Public Health
- read the Los Angeles Times story
- here's the Associated Press article

Related Articles:
Kaiser hospital hit with another fine for privacy violation
How will California's toughter-than-HIPAA privacy laws impact U.S.?
10 Egregious Patient Privacy Breaches