The IT Law Wiki
The IT Law Wiki

Citation[]

Confidentiality of Medical Information Act (CMIA), Cal. Civ. Code §§ 56 et seq.

Overview[]

The Act requires health care providers and employers to obtain written authorization from patients prior to disclosure of identifiable information. There are many exceptions to the authorization requirement. Authorization is not required for disclosures related to diagnosis, treatment, billing, emergency situations, licensing and accreditation, utilization review, and quality assurance activities. Finally, "upon specific inquiry, unless specific written request by the patient to the contrary, [health care providers] may release patient name, address, age, sex, general description of the reason for treatment, general nature of condition, or other information not defined as 'medical information.'" Minimal remedies are available for violations of the Act.

Source[]