On July 1, 2021, the California Department of Public Health (“CDPH”) issued new regulations[1] (the “Regulations”) effective immediately that more narrowly limit the circumstances under which instances of unauthorized access to medical information have to be reported to CDPH. The new regulations also give CDPH more discretion to adjust penalties for violations. The Regulations complement Section 1280.15 of the Health and Safety Code (“Section 1280.15”) requiring state-licensed clinics, health facilities, home health agencies, and hospices to prevent any unlawful or unauthorized access to, or use or disclosure of, a patient’s medical information, and to report any unauthorized access, use or disclosure to the Department no later than fifteen (15) business days after the breach was detected.
Latest Post
More Posts
OCR Urges Private Sector to Beef Up Ransomware Protections
MITRE Corporation Outlines a Proposal for a Digital Health Revolution in New Report
FDA Proposes Risk-Based and Remote Inspection Strategies in New Report
The American Jobs Plan and the American Rescue Plan: The Biden Administration Bets Big on Home and Community-Based Services
Breaking Down FDA’s New Remote Monitoring Strategy
ACG Panel Paints a Bright Future for Healthcare Investment and Growth
OIG Warns Telehealth Industry: “With Great Power Comes Great Responsibility”
The Honeymoon Phase Is Over: OIG to Audit COVID-19 Part B Telehealth Services
Secret Rules and Hidden Penalties: Biden Executive Order Takes Aim at the Trump Administration’s Efforts to Limit HHS’s Use of Guidance Documents in Civil Enforcement Actions
Subscribe: Subscribe via RSS