California Privacy Laws
The California Confidentiality of Medical Information Act
(CA Civil Code §56 et seq)
provides that Private Information about your health and healthcare is perhaps the most sensitive and personal kind of information collected. California State & Federal HIPAA laws give us many rights to limit those who see our medical records.
Businesses are forbidden from trying to obtain medical information directly from an individual for direct marketing purposes without clearly and conspicuously disclosing how it will use and share that information, and without obtaining the consumer’s consent. (SB 1633 Civil Code §1798.91)
Manifest MedEx manifest medex.org/ is tackling one of healthcare’s hardest and most fundamental problems. A problem that has to be fixed before hospitals, health plans, and physicians can do the hard work to reduce costs, provide a better patient experience, and improve outcomes. Manifest MedEx is on a mission to connect healthcare in California. We’ve built a nonprofit utility that gets health information out of silos. Our network facilitates the secure exchange of real-time information on millions of patients across California. Your job is to make healthcare better. Our job is to get you the information you need.
Covered CA Privacy Policy Webpage
Insurance Information and Privacy Protection Act §791-791.27
California Code of Regulations Section §2689.1 et seq. www.calregs.com/
Regulations Title 10 Subchapter 5.9 – 22 pages pdf
Covered CA Agent Privacy Course 2019-2020
Email us for 2020 – 2021 Presentation
(C:/Covered.CA/Certification.Seminar/Job Aids)
Covered CA Privacy Policy Webpage
Online Privacy Act
The California Online Privacy Protection Act of 2003 (CalOPPA) amended in 2013, requires commercial websites on the World Wide Web and online services to include a privacy policy on their website. Wikipedia *
Data Privacy Law
On Jan. 1, 2020, all Californians will be able to find out what personal information a business is collecting about them, their devices and their children. Companies can still collect the data: what you buy; where you go, and when; all the photos you’ve ever taken; your emails, even the ones you deleted. But what companies must now do is tell you what they’re collecting when you ask, and delete it all if you ask for that. However, some companies can deny your request to delete if the data is required in order to complete a financial transaction or protect against fraud. What companies can’t do anymore, legally, is sell that data if you tell them not to NPR *
leginfo.legislature.ca.gov/1798.82
oag.ca.gov/data breach/reporting
Consumer Links
Website Privacy Law Opt Out Selling Information LA Times 1.2.2020 *
David Lazarus LA Times 8.18.2020 should be easier to opt out
California Patients Guide wikipedia.org
California State Office of Privacy Protection Website CA
Office of HIPAA Implementation ***
CA Healthcare Foundation 15 Page Pdf
Rights & Requirements Federal HIPAA
Technical & Research Links
Use of Social Security Number §1798.85 California Senate Bill 168
Family Law Code §3751.5 Right of Other Parent to Obtain Medical Information
Covered CA Agent Agreement Exhibit # D on Privacy & Security
LAW
California Law – Constitutional Right to Privacy
California Law – General Privacy Laws
California Law – Health Information Privacy
California Law – Identity Theft
California Law – Online Privacy
California Law – Unsolicited Commercial Communications
Federal Law – General Privacy Laws
Federal Law – Health Information Privacy
Federal Law – Identity Theft
Federal Law – Online Privacy
Federal Law – Unsolicited Commercial Communications
California Consumer Privacy Act (CCPA)
The intentions of the Act are to provide California residents with the right to:
- Know what personal data is being collected about them.
- Know whether their personal data is sold or disclosed and to whom.
- Say no to the sale of personal data.
- Access their personal data.
- Request a business to delete any personal information about a consumer collected from that consumer.[9]
- Not be discriminated against for exercising their privacy rights. Wikipedia *
Word Press web sites – How to comply from WordPress.com
The California Department of Insurance, pursuant to Title 10 California Code of Regulations section 2190.7, requires that an insurance producer maintain certain records that must be open and available for Department inspection at the agent’s place of business. The principal rule, found under section 2190.3, requires an agent to keep his file for 18 months after an insurance transaction, which includes the following items:
1) the identity of each person who transacted the insurance,
2) all binders showing the names of the insured and insurer, the nature of the coverage, and the effective and termination dates as well as premium,
3) a copy of the application or memorandum requesting the insurance, and
4) correspondence, notes, memoranda and other records.
Under the broader rule of Title 10 California Code of Regulations section 2190.2, certain information must be kept for every insurance transaction for five years. There are 18 items of information, which include the parties, particulars of the policy and information about what payment was made and how it was handled by the agent (including banking information). Although whole files do not have to be maintained for the five years, this information must be traceable back to whatever source documents were used to assemble the information.
The main areas of concern when the Department wants to inspect a file are typically appropriate handling of premium monies and the presence of signatures on carrier forms. CA License Blog
Records are to be maintained for a minimum of five years after the expiration or cancellation of the policy in question. Good sense dictates that you maintain your records for up to 10 years if economically and practically feasible. Of course, the average agent or broker will not maintain his/her records in perpetuity. Nevertheless, retaining your files for 8 to 10 years is not only suggested but advised as a means to cut off potential E&O claims and to assist existing insureds. Rough Notes.com
§ 2190.2. Required Records. 5 years
§ 2190.7. Place Where Records Kept.
Also, if an insured is over age 65 and the policy is solicited or sold through a house call, the mandated advance notice of that visit should be kept in the file.CA License Blog I don’t think he’s quite right
Our webpage on Scope of Appointment for Medicare Advantage which we are required to keep for 10 years
