A breach at Lucile Salter Packard Children’s Hospital in 2010 generated a number of posts on this blog – especially after the hospital was reportedly fined $250,000 by California for a delay in notifying patients of the breach.
I recently reported that the hospital had settled its appeal with the state and did not have to pay the $250,000 fine, but I didn’t know why or what we could learn from the settlement. Neither the hospital nor the state would give me any statement before I wrote that post.
The state subsequently contacted me and said they would issue a statement, which I just received:
The original $250,000 penalty posting was an error discovered during the appeal. The correct calculation should have been $100/day times the number of days the facility failed to report the breach to CDPH, for a total penalty of $1100.
So after all that – and after all the blog entries and discussions with lawyers about the wisdom of such a steep penalty under the conditions of the breach and the possible constitutionality of California’s law, the fine was just a mistake.
And thus endeth this story.