California Senate Bill 541 (SB 541)

California Senate Bill 541 of 2007-2008, also known as SB 541, is a California law that imposes penalties upon institutions that fail to protect the privacy of patient medical records.

Penalty for Lack of Compliance

Penalties imposed by SB 541 vary depending on the circumstances of the violations, but they include:

penalties of up to US$25,000 per patient
penalties of up to $17,500 per subsequent access, use, or disclosure
penalties of $100 per day that the violation is not reported within the 5-day reporting period

The penalties imposed by SB 541 apply to institutions, not to individuals.

More Information

The information provided above is simplified to make SB 541 easier to understand. For the full text of the act, see SB 541.

Go To: Privacy of Patient Medical Records

Training for Students

PharmD students are:

Provided with HIPAA training in their first year. This training also covers SB 541.
Presented during Orientation with our e-mail policy, which reminds students that they must use secure e-mail when sending patient information in e-mail.

Training for Employees

All University employees receive basic HIPAA training as part of the New Employee Orientation Program. This training also covers SB 541. See New Employees.

For Employees Only

If a Violation Occurred

If you know or suspect that an SB 541 violation occurred, immediately contact your supervisor to resolve the problem. If you're not satisfied with your supervisor's response, contact the Whistleblower coordinator.