Bill

Bill > SF2397


IA SF2397

IA SF2397
A bill for an act relating to a public entity's purchase or collection of health information from an entity not subject to the federal Health Insurance Portability and Accountability Act.


summary

Introduced
02/19/2026
In Committee
02/19/2026
Crossed Over
Passed
Dead

Introduced Session

91st General Assembly

Bill Summary

This bill prevents a public agency from purchasing or collecting health information from an entity that is not subject to the federal Health Insurance Portability and Accountability Act of 1996, regardless of whether the entity has secured approval from an individual to share the individual’s health information. The bill defines health information and public agency.

AI Summary

This bill establishes new protections for consumer health information by preventing a public agency, which is defined as a government entity, from purchasing or collecting health information from any entity that is not subject to the federal Health Insurance Portability and Accountability Act of 1996 (HIPAA). HIPAA is a federal law that sets standards for protecting sensitive patient health information, and this bill clarifies that "health information" will be defined according to HIPAA's regulations. Importantly, this prohibition applies even if the entity has obtained an individual's permission to share their health information, meaning public agencies cannot circumvent these new rules by getting consent from individuals.

Committee Categories

Health and Social Services

Sponsors (4)

Last Action

Subcommittee: Sweeney, Trone Garriott, and Webster. S.J. 331. (on 02/19/2026)

bill text


bill summary

Loading...

bill summary

Loading...
Loading...