California governor signs data breach notification law

The Golden State is taking action following large scale data breaches at some of the country's most prominent health systems, which include UCLA Health.

A data breach notification law recently signed by California Gov. Jerry Brown included data encryption standards, as well as standards for defining personal information, according to an article at HealthITSecurity.com.

The bill signing comes just a few months after it was revealed that a hack of UCLA Health's computer network may have compromised personal and medical information for as many as 4.5 million individuals. 

The law includes three bills:

  1. Assembly Bill 964, which defines properly encrypted data as "rendered unusable, unreadable or indecipherable to an unauthorized person through a security technology or methodology generally accepted in the field of information security."
  2. Assembly Bill 570, which says notifications must be titled "Notice of Data Breach," and must include subheadings covering everything from what happened, what information was compromised and what the patients and organization can do to in the wake of the breach.
  3. Assembly Bill 34, which says personal information now includes data captured by automated license plate recognition systems.

Seventy percent of breaches involving the California healthcare industry were due to unencrypted data on lost or stolen hardware or portable media in 2014, a problem that strong encryption would fix, according to a breach report from the state's attorney general.

To learn more:
- here's the HealthITSecurity.com article

Report

Driving Engagement in an Evolving Healthcare Ecosystem

Deep-dive into evolving consumer expectations in healthcare today and how leading providers are shaping their infrastructure to connect with patients through virtual care.

Suggested Articles

Walmart has tapped Cambia Health Solutions' Cheryl Pegus, M.D., to serve as its new executive vice president of health and wellness.

Andor Health just landed an investment from Microsoft's venture arm to expand its AI-powered virtual health program.

Google Cloud rolled out new tools and services to help providers and payers advance data interoperability in advance of upcoming federal deadlines.