CHA News Article

CHA Submits Comments on CDPH Proposed Privacy Breach Regulations

Earlier this month, CHA submitted comments on the California Department of Public Health’s (CDPH) proposed regulations related to medical information breaches. The regulations seek to align state and federal law, but would impose several requirements CHA opposes.

For example, the regulation seeks to impost a strict liability standard rather than a negligence standard, meaning that a hospital could be held accountable for a privacy breach even if it was not negligent in any way. In its comments, CHA reminds CDPH that, under Senate Bill 541 (Chapter 605, Statutes of 2008), hospitals that implement appropriate safeguards are not liable for employees’ illegal actions. CHA also suggests technical amendments that further clarify the regulations and align them with current law.