Gov. Arnold Schwarzenegger was among the celebrity victims of medical record privacy breaches when a UCLA researcher peered into his patient file in 2003, court records show.
Photo by Jyn Meyer
Whether he knew about it or not was unclear as of press time Thursday. But true to action hero form, Schwarzenegger leveled the forces of good and evil by signing two laws addressing the problem in 2008. Both carry harsh penalties for health workers who snoop and health facilities that enable them.
Yesterday the Department of Public Health announced the first round of fines against hospitals that failed to prevent medical privacy breaches. The penalties are among the most significant sanctions to date on behalf of people who hold little tabloid intrigue.
The state issued five fines totaling $675,000 against five California hospitals. Two laws allow the state to levy fines against hospitals and individuals. The law enforced yesterday sets fines at $25,000 for a breach of medical information and $17,500 for additional instances.
The heftiest fine of $250,000 went to Community Hospital of San Bernardino. According to a report on the lapses there, a radiology technician “lost a baby because she was on drugs and wanted to see records of obstetrics to see what the pregnant mothers did to get help.”
That worker went on to access the medical records of 204 patients. The Department of Public Health concluded that the hospital policies did not address prevention of unauthorized access to patient records.
The second-highest fine of $130,000 was issued to Enloe Medical Center in Chico after a “high-profile” patient was admitted. One staff member at the hospital and five employees of local doctors looked at the patient’s records.
Department of Public Health officials said they can refer hospital privacy breaches to the state’s Office of Health Information Integrity, which was created by one of two laws passed in the wake of celebrity breaches.
That office can fine individuals and convict them of a misdemeanor for knowing and willful disclosure of medical information or using it for financial gain.
While that nascent office does not boast of any enforcement actions on its website yet, the federal government recently elicited a guilty plea from the first medical worker to do jail time for snooping through other people's files.
According to a brief filed by assistant U.S. attorneys in a case against Huping Zhou, a medical researcher, Zhou accessed patient medical records more than 1,100 times. He peered upon the records of his boss and stars, including Schwarzenegger, Cameron Diaz, Drew Barrymore, Tom Hanks and Leonardo DiCaprio.
Schwarzenegger spokesman Aaron McLear said the governor was aware of the high-profile leak of California First Lady Maria Shriver's records when he signed the privacy protection laws.
"Californians seeking care at a hospital or health facility should never have to worry that their private medical information will be shared," the Governor said at the bill signing in 2008.
In an unrelated proceeding, Zhou pleaded guilty to charges of wrongful obtaining of records and was sentenced earlier this year to four months in jail.
Prosecutors summarized their case, which was set for trial, days before Zhou entered the plea agreement: