What’s happening in California with respect to health privacy? In short, a lot! In a new report released by the California Healthcare Foundation and authored by CDT’s health privacy team, California’s dynamic health privacy landscape is analyzed, with areas for future policy explored. “Rights and Requirements: A Guide to Privacy and Security of Health Information in California” is an invaluable resource for health care professionals in California and elsewhere as they address the privacy and security challenges of patient information.
The report examines both federal and California state laws, paying particular attention to the federal Health Information Technology for Economic and Clinical Health Act (HITECH) and the Affordable Care Act (ACA), including California’s insurance marketplace, Covered California.
Beyond the legislative side, the report also addresses important questions for a wide audience of healthcare and health IT professionals, including:
- Answering how health information exchanges (HIEs) will be impacted as a result of greater regulatory oversight in terms of privacy and security, and what that means for health care providers and insurers as California attempts to implement a network of HIEs throughout the state.
- Explaining when mobile application developers working on personal health records (PHRs) will be subject to regulatory oversight.
- Detailing the breach notification standards that are in place for health care providers and plans with customers in California, including a more stringent requirement for when a provider or plan must respond to a breach.
Overall, both the federal and state laws have helped improve the health privacy landscape for patients in California, but work remains to be done to solidify the privacy and security of electronic health records and information exchanges, and to build public trust. This report offers a good understanding of the current landscape and what work remains – definitely give it a read!