Bill
Bill > SF2397
IA SF2397
IA SF2397A bill for an act relating to a public entity's purchase or collection of health information from an entity not subject to the federal Health Insurance Portability and Accountability Act.
summary
Introduced
02/19/2026
02/19/2026
In Committee
02/19/2026
02/19/2026
Crossed Over
Passed
Dead
Introduced Session
91st General Assembly
Bill Summary
This bill prevents a public agency from purchasing or collecting health information from an entity that is not subject to the federal Health Insurance Portability and Accountability Act of 1996, regardless of whether the entity has secured approval from an individual to share the individual’s health information. The bill defines health information and public agency.
AI Summary
This bill establishes new protections for consumer health information by preventing a public agency, which is defined as a government entity, from purchasing or collecting health information from any entity that is not subject to the federal Health Insurance Portability and Accountability Act of 1996 (HIPAA). HIPAA is a federal law that sets standards for protecting sensitive patient health information, and this bill clarifies that "health information" will be defined according to HIPAA's regulations. Importantly, this prohibition applies even if the entity has obtained an individual's permission to share their health information, meaning public agencies cannot circumvent these new rules by getting consent from individuals.
Committee Categories
Health and Social Services
Sponsors (4)
Last Action
Subcommittee: Sweeney, Trone Garriott, and Webster. S.J. 331. (on 02/19/2026)
Official Document
bill text
bill summary
Loading...
bill summary
Loading...
bill summary
| Document Type | Source Location |
|---|---|
| State Bill Page | https://www.legis.iowa.gov/legislation/BillBook?ga=91&ba=SF2397 |
| BillText | https://www.legis.iowa.gov/docs/publications/LGI/91/attachments/SF2397.html |
Loading...