If California officials were hoping to make a point, they're certainly going about it great guns.
In 2008, California became the first state to enact a law requiring providers to let individuals know if personal medical data had been breached. Now, the state has hit Kaiser Permanente's Bellflower Hospital with the second of two six-figure fines for failing to protect electronic medical record data from its own employees.
The California Department of Public Health issued an administrative penalty of $187,500 this week against the facility after concluding that the hospital didn't do enough to protect patient health information. Bellflower Hospital was previously slapped with a $250,000 fine in May for violations taking place in mid-March during Nadya Suleman's inpatient stay.
Eight employees were cited in the latest security breach, one of whom was named in an earlier breach involving Suleman (also known as the Octomom).
To learn more about the breaches:
- read this Health Leaders Media piece
Related Articles:
U.S. law now requires data breach warnings
Putting data breach genie back in bottle? Good luck
California expands health data breach rules
GA hospital health data breach due to outsourcing error