California Confidentiality of Medical Information Act (CMIA)
More and more frequently, hospitals and other healthcare entities are reported for alleged privacy violations. Many patients and health plan customers don’t know immediately how these privacy breaches impact them, though for most individuals, it can be quite damaging to future privacy.
The Lyon Firm is reviewing the California Confidentiality of Medical Information Act (CMIA) for plaintiffs and accepting class action health privacy claims nationwide.
Our medical information and medical history should be kept private at all costs, which is why California has gone above and beyond federal regulations and adopted comprehensive protections for consumers and patients–a necessary safeguard against breaches of doctor-patient confidentiality and widespread personal privacy violations.
Because medical providers, health care companies, and third-party vendors are often careless with regard to data security, medical information is compromised, leaving individuals vulnerable to medical identity theft.
But are there consumer protections in place? Yes, and individuals can take legal action.
The Health Insurance Portability and Accountability Act (HIPAA) is meant to protect patient health information at the federal level, and the California Confidentiality of Medical Information Act (CMIA) takes the protections even more seriously. The California law states that when medical information has been improperly disseminated, individuals can initiate lawsuits and seek compensatory damages.
If you believe your personal medical information has been used without your consent and in violation of HIPAA or CMIA, you may be able to hold those responsible accountable. The Lyon Firm attorneys offer no-cost and confidential consultations regarding California confidentiality laws.
The Confidentiality of Medical Information Act (CMIA) is a California law that protects the privacy of individually identifiable medical information obtained by health care providers, health insurers, and their contractors.
In short, the CMIA prohibits health care providers from disclosing sensitive medical information without first obtaining authorization, and requires health care providers that collect and store medical information to do so in a properly secure manner.
Under the new California confidentiality laws (CMIA), “medical information” is defined as any individually identifiable information in possession of or derived from “a provider of health care, health care service plan, pharmaceutical company, or contractor regarding a patient’s medical history, mental or physical condition, or treatment.”
CMIA’s reach goes beyond medical professionals and doctor-patient confidentiality – the medical privacy act statute also allows individuals to seek compensation when any “person or entity” uses medical information “knowingly or willfully,” and “for the purpose of financial gain.”
CMIA defines “medical information” as any individually identifiable information, in electronic or physical form, in possession of or derived from a provider of health care, health care service plan, pharmaceutical company, or contractor regarding a patient’s medical history, mental or physical condition, or treatment.
“Individually identifiable information” may include the following:
No, and individual plaintiffs may bring an action against any person or entity that has negligently released confidential information or records, for the amount of actual damages.
Any healthcare provider who knowingly and willfully obtains, discloses, or uses medical information in violation of CMIA may be liable for an administrative fine of up to $2,500 per medical privacy act violation.
Please complete the form below for a FREE consultation.
ABOUT THE LYON FIRM
Joseph Lyon has 17 years of experience representing individuals in complex litigation matters. He has represented individuals in every state against many of the largest companies in the world.
The Firm focuses on single-event civil cases and class actions involving corporate neglect & fraud, toxic exposure, product defects & recalls, medical malpractice, and invasion of privacy.
NO COST UNLESS WE WIN
The Firm offers contingency fees, advancing all costs of the litigation, and accepting the full financial risk, allowing our clients full access to the legal system while reducing the financial stress while they focus on their healthcare and financial needs.
Without data privacy class actions, large corporate defendants would be able to cause small amounts of harm over a large group of individuals without any risk of monetary penalty.
Holding companies accountable for poor cybersecurity and data theft incidents helps ensure that consumers are better protected in the future.
Privacy laws are meant to protect patients’ personal health data, and when institutions fail to protect personal data they may be sued for damages. In recent years much health data has been leaked and stolen, causing significant damages to plaintiffs who have have taken legal action.
In a recent case the American Medical Collection Agency (AMCA) settled with nearly 21 million people in 40 states and Washington D.C. concerning a data breach that may have exposed their personal information. The breach, which occurred in 2018, lasted nearly a year until official notice of the intrusion.
An unauthorized user gained access to the AMCA internal data system and collected the personal information, including Social Security numbers, financial information, and personal health information, such as medical tests and diagnostic codes.
Quest Diagnostics was alerted that the hack exposed the personal medical data of 11.9 million of its patients. LabCorp had 7.7 million patients exposed. A number of class action lawsuits were filed throughout the country, alleging negligence, breach of contract, and a variety privacy violations concerning data security.
CMIA violations are often discovered during internal audits. Supervisors may also identify areas of non-compliance or see employees blatantly violate CMIAA Rules. The penalties for violations can be severe, with fines of up to $2,500 per violation.
If your personal health data has been stolen or improperly leaked, you may have a data privacy claim against those responsible. Contact The Lyon Firm for a free and confidential case review.
A Class Action is a lawsuit brought by an individual on behalf of all other similarly situated individuals. Rule 23 of the Federal and State Rules of Civil Procedure allows for Class Action lawsuits to resolve disputes in an efficient format.
Class Actions are typically filed when the amount of money in dispute for a single plaintiff would not justify litigating the case, but where the amount of damages of the entire class of Plaintiffs would justify the cost of litigation. Without class actions, large corporate defendants would be able to cause small amounts of harm over a large group of individuals without any risk of monetary penalty.
Filing Class Action lawsuits is a complex and serious legal course and can carry monetary sanctions if proper legal course is not followed. The Lyon Firm is dedicated to assisting injured plaintiffs work toward a financial solution to assist in compensating for medical expenses or other damages sustained.
We work with law firms across the country to provide the most resources possible and to build your case into a valuable settlement. The current legal environment is favorable for consumers involved in data breach class actions, deceptive marketing lawsuits, TCPA telemarketing claims, and financial negligence claims.
CINCINNATI HYDE PARK OFFICE
2754 Erie AveCLEVELAND OFFICE
6105 Parkland Boulevard