First Enforcement of New California Medical Privacy Provisions: $250,000 Fine Imposed
Time 1 Minute Read
Categories: Enforcement, Health Privacy, Information Security, Security Breach, U.S. State Law

On May 14, 2009, the California Department of Public Health issued an Administrative Penalty Notice to the Kaiser Foundation Hospital — Bellflower for patient medical information privacy violations. Although the state did not identify the affected patient by name, the facts and circumstances described in the Notice correspond to the case of Nadya Suleman, the single mother of six who gave birth to octuplets at Bellflower in January 2009. The hospital was fined $250,000 for failure to prevent unlawful or unauthorized access to, or use or disclosure of, a patient’s medical information as required by new provisions recently added to California’s Health and Safety Code. California law also requires health care providers and facilities to notify the Department of any unlawful or unauthorized access to patient medical information within five days of detecting such access. These provisions were reportedly enacted in the wake of several high-profile health data compromises at California health care facilities involving celebrities such as Farrah Fawcett, Britney Spears and California first lady Maria Shriver.

Tags: California, HIPAA
Print Email Twitter/X Linkedin Facebook

You May Also Be Interested In

Time 1 Minute Read
Guardrails for Legal AI: What California’s SB 574 Would Require of Attorneys and Arbitrators

As reported on the Hunton Employment & Labor Perspectives blog, SB 574 is a California bill that would set specific duties for attorneys who use generative artificial intelligence and would restrict how arbitrators may use such tools in decision-making.

Continue Reading ›
Print Email Twitter/X Linkedin Facebook
Time 1 Minute Read
CalPrivacy Issues $1.1 Million Fine for CCPA Violations Involving Student Privacy 
By

The California Consumer Privacy Act continues to drive significant enforcement activity—particularly when minors’ data is involved. In a recent action, the California Privacy Protection Agency imposed a $1.1 million fine on youth sports platform PlayOn Sports for alleged violations involving student data and inadequate opt-out mechanisms. The case highlights growing regulatory scrutiny around how companies collect, share, and provide transparency about personal information—especially when schools and students are involved. 

Continue Reading ›
Print Email Twitter/X Linkedin Facebook
Time 2 Minute Read
CalPrivacy Issues $1.1 Million Fine for CCPA Violations Involving Student Privacy 

On March 3, 2026, the CalPrivacy announced its first enforcement action involving student privacy, requiring PlayOn Sports to pay a $1.10 million fine for alleged violations of the CCPA’s opt-out rights and requirements.

Continue Reading ›
Print Email Twitter/X Linkedin Facebook
Time 1 Minute Read
CARB Board Approves Climate Disclosure Initial Regulations
By

On February 26, 2026, the California Air Resources Board (CARB) voted to adopt staff’s proposed initial implementing regulations for California’s climate emissions disclosure and climate‑related financial risk reporting statutes—Senate Bill 253 and Senate Bill 261—both enacted in 2023.

Continue Reading ›
Print Email Twitter/X Linkedin Facebook

Search

Subscribe Arrow

Recent Posts

Categories

Tags

Archives

Jump to Page