No harm, no foul — appellate court finds no CMIA claim without actual injury
By Joseph R Tiffany, Connie J Wolfe and Allen Briskin
California’s Confidentiality of Medical Information Act, Cal. Civ. Code § 56 et seq. (CMIA) provides that an individual may recover $1,000 (£590) nominal damages (plus actual damages if any) based on the negligent release of medical information by a healthcare provider or other covered party. A California appellate court recently held that a health provider cannot be held liable for negligent release based on theft of medical records unless the plaintiff can establish that those records were actually viewed by an unauthorised person.
Following the trend of several recent data breach cases limiting the liability of healthcare providers, the California Court of Appeal, Third District, held last week that plaintiffs cannot make a CMIA claim when their medical records are stolen from their healthcare providers, unless those plaintiffs can allege that their information was actually viewed by an unauthorised person: Sutter Health v Superior Court (Atkins), No. C072591, 2014 WL 3589699 (Cal. Ct. App. 12 July 2014). In May 2014, the California Court of Appeal, Fourth District, held that plaintiffs could not establish a CMIA claim based on the theft of a hospital index containing personal identifying information unless the index also includes information relating to medical history, mental or physical condition or treatment: Eisenhower Medical Center v Superior Court (Malanche), No. E058378, 2014 WL 2115216, at *1 (Cal. Ct. App. 21 May 2014). In 2013, the California Court of Appeal for the Second District held that to obtain nominal damages for violation of the CMIA, a plaintiff must allege that ‘the confidential nature of the plaintiff’s medical information was breached as a result of the healthcare provider’s negligence’: Regents of University of California v. Superior Court, 220 Cal. App. 4th 549, 564-70 (2013)…
Click on the link below to read the rest of the Pillsbury briefing.
News from Pillsbury Winthrop Shaw Pittman
News from The Lawyer
Briefings from Pillsbury Winthrop Shaw Pittman
The English High Court has analysed the arguments for and against non-English forum selection and choice-of-law terms in commercial contracts involving English parties.
The European data protection authorities will be conducting a ‘cookie sweep’. Businesses should be checking their websites and cookie notices now to ensure they are compliant and fix any issues.