Skip to Content

Health Information Technology in California

California has enacted a number of laws dealing with the security and use of health information technology systems.

Health care providers that use electronic records systems must have policies and procedures in place in order to safeguard the confidentiality of patient information and to prohibit any unauthorized access of such records.  A health care provider is required to use an offsite backup storage system and a way of ensuring that once data is entered into the system, it cannot be changed.  Once an electronic patient record has been created and stored, the provider may destroy the original hard copy.1

All insurance companies licensed in California are required to implement an information security program that protects consumer information.2  Its  patient records must be kept confidential and secured against any unauthorized access.3

Additionally, California law requires the state to utilize a Management Information System that includes a clinical decision support system in order to oversee and evaluate the quality of care given to Medicaid recipients and their access to services.4

The state has also enacted laws governing the implementation of the electronic health record incentive program through its Medicaid State Health Information Technology Plan.5

Footnotes

  • 1. Health & Safety Code §123149
  • 2. 10 CA ADC §2689.14
  • 3. 10 CA ADC §2689.15
  • 4. Welfare & Inst. Code §14459.7
  • 5. Welfare & Inst. Code §14046.1

 

Health Information Technology in California

Subtopic Statute/Regulation Description
Incentive payments/funding for EHRs: Through state programs (incl. state Medicaid EHR Incentive Programs) Administration of Medi-Cal Electronic Health Records Incentive Program and Requirements of State Medicaid Health Information Technology Plan – Cal. Welf. & Inst. Code § 14046.1 “Administration of Medi-Cal Electronic Health Records Incentive Program; requirements of State Medicaid Health Information Technology Plan...
Establishment of Demonstration Projects, Performance Data, and Reporting – Cal. Health & Safety Code §130279 “Demonstration projects; project participant applications; areas for projects; selection of projects; evaluation of issues; annual number of...
Security of electronic health records and PHRs Destruction of Records-Cal. Civ. Code § 56.101 All health care providers, health service plans, pharmaceutical companies, contractors or other entities must preserve, store, maintain or destroy...
Electronic Record Keeping Systems and Additional Record Requirements - Cal. Health & Safety Code § 123149 Electronic recordkeeping systems; additional requirements Providers using electronic records systems for patient records must use an offsite backup...
Information Security Program Requirements – Cal. Code Regs. tit. 10 § 2689.14 A licensee is an insurance institution, agent, or support organization licensed by the California Department of Insurance that handles information in...
Incentive payments/funding for EHRs: Meaningful use Establishment of Demonstration Projects, Performance Data, and Reporting – Cal. Health & Safety Code §130279 “Demonstration projects; project participant applications; areas for projects; selection of projects; evaluation of issues; annual number of...
Incentive payments/funding for EHRs: From the federal government (ie: Medicare/Medicaid providers) Establishment of Demonstration Projects, Performance Data, and Reporting – Cal. Health & Safety Code §130279 “Demonstration projects; project participant applications; areas for projects; selection of projects; evaluation of issues; annual number of...
Electronic reporting requirements Management Information System/Decision Support System and Access to Information – Cal. Welf. & Inst. Code § 14459.7 "Management information system/decision support system; progress and status reports; expenditures and staffing; access to information"   The...