CALIFORNIA DATA BREACH NOTIFICATION LAW NOW COVERS MEDICAL INFORMATION
California’s security breach notification law, or S.B. 1386, went into effect on July 1, 2003. It states that any California business that maintains computerized data from California residents must notify them if their unencrypted personal data was acquired by an unauthorized person. The law is meant to ensure that companies alert individuals when they are at risk for identity theft. Regarding the medical field, a 2006 survey by Phoenix Health Systems revealed that 40% of health care providers and over 30% of insurers admitted security breach events in the previous six-months. Only half of health care providers implement federal security standards and less than 80% comply with federal privacy standards. One-in-six insurers are out of compliance with federal privacy standards.
The following questions have been addressed in this article:What Does the Original California Database Security Breach Notification Act Cover?
What is the Three-Tier System of the Original Law?
How Has the California Security Breach Notification Law Been Changed?
What are the Three Main Parts of the Amended Law?