California Senate Bill 541 (SB 541)
California Senate Bill 541 of 2007-2008, also known as SB 541, is a California law that imposes penalties upon institutions that fail to protect the privacy of patient medical records.
Penalty for Lack of Compliance
Penalties imposed by SB 541 vary depending on the circumstances of the violations, but they include:
- penalties of up to US$25,000 per patient
- penalties of up to $17,500 per subsequent access, use, or disclosure
- penalties of $100 per day that the violation is not reported within the 5-day reporting period
The penalties imposed by SB 541 apply to institutions, not to individuals.
More Information
The information provided above is simplified to make SB 541 easier to understand. For the full text of the act, see SB 541.
Training for Students
PharmD students are:
- Provided with HIPAA training in their first year. This training also covers SB 541.
- Presented during Orientation with our e-mail policy, which reminds students that they must use secure e-mail when sending patient information in e-mail.
Training for Employees
All University employees receive basic HIPAA training as part of the New Employee Orientation Program. This training also covers SB 541. See New Employees.
For Employees Only
If a Violation Occurred
If you know or suspect that an SB 541 violation occurred, immediately contact your supervisor to resolve the problem. If you're not satisfied with your supervisor's response, contact the Whistleblower coordinator.
