Senators call for stronger health data protections, penalties

Just days after UCLA Health System notified more than 16,000 patients that an external hard drive containing their personal information went missing, Congress gathered to question how electronic health data can be better protected, reports the Minneapolis Star Tribune.

Sen. Al Franken (D-Minn.), chairman of the Senate Subcommittee on Privacy, Technology and the Law, held a hearing Wednesday, at which attendees called for stricter penalties of health data breaches and stronger enforcement of protections, according to the Star Tribune.

In addition to several major breaches in Minnesota, the article pointed to a wider trend of data breaches, noting that more than 50 laptops were stolen from hospitals, clinics, and medical centers during a 15-month span.

Of major concern was that the Department of Health & Human Services (HHS) failed to prosecute the data thefts. Only one out of 22,500 data breach complaints received by HHS resulted in civil monetary penalties, Franken said at the hearing.

He also asked the Office for Civil Rights when enforcement rules would be finalized. However, OCR Director Leon Rodriguez couldn't offer a timeline.

That could impair hospitals' protection of patient data. Without definitive enforcement rules, "we probably will not see more compliance," said Kari Myrold, privacy officer at Hennepin County Medical Center in Minneapolis, notes iHealthBeat.

For more information:
- read the Minneapolis Star Tribune article
- here's the iHealthBeat article