PRINTER'S NO. 1927
No. 1626 Session of 1995
INTRODUCED BY DeLUCA, JAROLIN, READSHAW, FAIRCHILD, SHANER, ROONEY, STURLA, ROBINSON, COLAIZZO, MANDERINO, LUCYK, D. W. SNYDER, TIGUE, WALKO, YOUNGBLOOD, SAYLOR, HERMAN, MIHALICH, ITKIN, RAMOS AND WASHINGTON, MAY 10, 1995
REFERRED TO COMMITTEE ON HEALTH AND HUMAN SERVICES, MAY 10, 1995
AN ACT 1 Providing for the confidentiality of medical records and for a 2 civil cause of action; and providing penalties. 3 The General Assembly of the Commonwealth of Pennsylvania 4 hereby enacts as follows: 5 Section 1. Short title. 6 This act shall be known and may be cited as the 7 Confidentiality of Medical Records Act. 8 Section 2. Legislative intent. 9 (a) Findings.--The General Assembly finds that computer 10 networks are increasingly being used to store confidential 11 medical records, which has increased the availability of this 12 information to nonauthorized personnel. Computer networks have 13 proven to be an invaluable tool in providing emergency health 14 care. The increased availability of these records, however, 15 requires strict laws regarding the access to and use of 16 confidential medical records.
1 (b) Intent.--It is the intent of the General Assembly to 2 promote the use of new technologies to improve medical care 3 while at the same time affording the public protection against 4 unauthorized access to and use of confidential medical records. 5 Section 3. Definitions. 6 The following words and phrases when used in this act shall 7 have the meanings given to them in this section unless the 8 context clearly indicates otherwise: 9 "Computer network." The interconnection of two or more 10 computers through the usage of satellite, microwave, line or 11 other communication medium. 12 "Department." The Department of Health of the Commonwealth. 13 "Medical records." Medical charts or records of any health 14 care facility licensed under the laws of this Commonwealth. 15 Section 4. Notification of records transfer. 16 No medical records shall be transferred to any computer 17 network without prior notice being provided to the patient. 18 Notice in writing shall be provided to any patient whose records 19 have been transferred prior to the effective date of this act. 20 Section 5. Good faith access and use of records. 21 No cause of action shall arise for transfers in regard to 22 this section if the action was made in good faith for the 23 benefit of the patient in an emergency health care situation. 24 Section 6. Civil cause of action. 25 Any person aggrieved by a violation of this act shall have a 26 cause of action against the person who committed or ordered the 27 commission of such violation and may receive compensatory 28 damages. An aggrieved person may also recover reasonable 29 attorney fees and costs. 30 Section 7. Sentencing. 19950H1626B1927 - 2 -
1 Any person who violates this act commits a misdemeanor of the 2 third degree and shall, upon conviction, be sentenced to pay a 3 fine of not more than $2,000 and to imprisonment for not more 4 than one year. 5 Section 8. Separate violations. 6 Each disclosure of or access to confidential medical records 7 in violation of this act is separate for the purposes of 8 criminal prosecution and civil liability. 9 Section 9. Departmental regulations. 10 The department shall issue any additional regulations needed 11 to ensure the confidentiality of any medical records placed on a 12 computer network. 13 Section 10. Automation of medical records. 14 Nothing in this act shall be construed to prohibit the use of 15 automation in medical records service, provided that all 16 provisions in this act are met and the information is readily 17 available for use in patient care. 18 Section 11. Effective date. 19 This act shall take effect in 90 days. D11L35DGS/19950H1626B1927 - 3 -