New California Breach Notification Law: HIPAA & HITECH Act Blog by Jonathan P. Tomes

JonTomesGovernor Jerry Brown recently signed into law a California bill regarding breach notification, A.B. 2828, amending California Civil Code §§ 1798.29(a) and 1798.82(a) so that, if encrypted data is leaked together with the encryption key or security credential that “could render that personal information readable or useable,” breach notification is required. Previously, similar to HIPAA, California breach notification law did not require notification if the data was encrypted. If the encrypted data was lost or stolen, no notification had been required. But under this change, if the encrypted data is compromised, along with the encryption key or security credential that “could render that personal information readable or useable,” the entity must notify as required by California Civil Code §§ 1798.29(e) and 1798.82(f). This change is effective January 1, 2017.
So if you are doing business in California, it’s time now to update your breach notification policy to reflect this change in California law. And remember to train your workforce on your updated policy and to keep written documentation of the policy and the training in Your Happy HIPAA Book.
Alice McCart here. If you can’t take any more shopping or decorating or heating up leftovers and just want to relax and read something amusing, you can now find Chapters 9-20 of Jon’s novel HITECH Hysteria in the Premium Member section of the Veterans Press website. Of course, Chapters 1-8 are there, too, in case you haven’t read them yet. HITECH Hysteria is the sequel to Jon’s earlier novel, HIPAA Hysteria, which is also available in the Premium Member section.
If you have trouble logging into the Premium Member section, we apologize. We are in the process of redesigning our website to make it more user friendly. If you have ideas on how we can make it less user surly, please let us know. Yes, we know that it needs to be faster and mobile friendly. What else would you like? We can’t guarantee that we can fulfill every request, but we would like to know what to aim for. Please email me your suggestions at Also email me if you have trouble logging in, and I will forward your help requests to our IT/order department.
As always, and not just now at Thanksgiving time, thank you for being such loyal customers and clients and readers of Jon’s blog. We are truly grateful for your business and wish you every success in your HIPAA compliance efforts.

seo by: k.c. seo