HB 1101 concerning security breach disclosure and identity deception was amended in committee and recommended to the Senate. It seems to be a well-intentioned bill. Basically it imposes duties on owners of databases with personal information of Indiana citizens designed to prevent identity theft and to mitigate the consequences to the people whose personal information is disclosed when the databases are compromised.
But stuck in the middle of that is a provision concerning the governing boards of county hospitals. It says that the board member in discharging his or her duties is entitled to rely on representations made by people the member believes to be reasonably competent in the matters presented, including legal counsel or accountants. It says that “All proprietary and competitive information concerning the county hospital is confidential. A member of a governing board may not disclose confidential information concerning the county hospital to any person not authorized to receive this information.” Finally it says that licensed physician is only eligible for appointment to a county hospital governing board if the physician is an active member of the medical staff of the hospital or holds a position that is equivalent to being an active member of the medical staff of the hospital; that a physician who is terminated from the medical staff of the hospital is removed from the governing board by operation of law; and that a physician whose clinical privileges or staff membership privileges have been significantly reduced shall be removed from the governing board by action of the board.
None of that is objectionable in and of itself, but it’s odd to see all that hospital stuff in a bill about identity theft and databases with personal information. I wonder what the backstory is.
Leave a Reply