Mirage, Calif.-based Eisenhower Medical Center and Sacramento, Calif.-based Sutter Health have both won lawsuits filed against them following data breaches, in landmark rulings for hospital liability following loss of patient information.
In a $500 million class action suit against Eisenhower Medical Center, the California Court of Appeals ruled providers are not liable for release of patient personal information under California's Confidentiality of Medical Information Act if that information does not include information about medical histories, conditions or treatments.
The California Supreme Court declined to hear an appeal for two lower court decisions ruling Sutter Health was not liable under the CMIA for damages of up to $1,000 per patient in the theft of a desktop computer with access to 4 million patient records.
"These decisions set a powerful precedent on damages that can be awarded in the event of data breaches," said Beth Diamond, claims team leader for Beazley Insurance Services' technology, media and business service focus group. "While healthcare providers have a clear duty to protect patient information, they should not be subject to opportunistic damages claims."
More articles on health IT:
JASON co-chairs suggest solution to interoperability is market forces