Updates from Assembly Bill 352 and Senate Bill 345 take effect on July 1, 2024
Effective July 1, 2024, certain businesses handling medical information on sensitive services must develop security policies for data related to gender-affirming care, abortion, abortion-related services, and contraception. Health care providers, plans, contractors, or employers are also prohibited from sharing medical information for investigations or inquiries from other states or federal agencies regarding lawful abortions unless authorized by existing law.
How electronic data can be exchanged for sensitive services
As of January 31, 2024, data for abortion and abortion-related services must be omitted from data exchanged via health information exchanges (HIEs) and may not be transmitted to California HIEs. As of July 1, 2024, data for gender-affirming care must be omitted from data exchanged via HIEs and may not be transmitted to California HIEs.
The following requirements adapted from Assembly Bill 3521 apply to physicians and other health care providers:
- A business, as described in Section 56.06 of the California Civil Code, that electronically stores or maintains medical information on the provision of sensitive services, including, but not limited to, on an electronic health record system or electronic medical record system, on behalf of a provider of health care, health care service plan, pharmaceutical company, contractor, or employer, shall develop capabilities, policies, and procedures, on or before July 1, 2024, to enable all of the following:
- Limit user access privileges to information systems that contain medical information related to gender affirming care, abortion and abortion-related services, and contraception only to those persons who are authorized to access specified medical information.
- Prevent the disclosure, access, transfer, transmission, or processing of medical information related to gender affirming care, abortion and abortion-related services, and contraception to persons and entities outside of the state of California in accordance with this part.
- Segregate medical information related to gender affirming care, abortion and abortion-related services, and contraception from the rest of the patient’s record.
- Provide the ability to automatically disable access to segregated medical information related to gender affirming care, abortion and abortion-related services, and contraception by individuals and entities in another state.
Legally protected health care activity includes, but is not limited to:
- Reproductive health care services,
- Gender-affirming health care services, and
- Gender-affirming mental health care services.
Sensitive Services include, but are not limited to:
- Services related to mental/behavioral health,
- Sexual and reproductive health,
- Sexually transmitted infections,
- Substance use disorder,
- Gender affirming care, and
- Intimate partner violence.
How reproductive privacy affects providers and others1
AB 352 requires physicians and other health care providers to incorporate and/or adhere to the following changes:
- Specified businesses (as referenced in 56.06) that store or maintain medical information regarding sensitive services must develop specific policies, procedures and capabilities that protects sensitive information.
- Health care service plans, providers and others may not cooperate with any inquiry or investigation from any individual, outside state, or federal agency that would identify an individual that is seeking, obtaining, or has obtained an abortion or related services that are lawful in California. Exceptions may be authorized if the individual has provided authorization for the disclosure.
- The exchange of health information related to abortion and abortion-related services is excluded from automatically being shared on the California Health and Human Services Data Exchange Framework.
Additional impacts of SB 345
- Prohibits healing arts boards from denying an application for a license, or from imposing discipline on a licensee, on the basis of a civil judgment, criminal conviction or disciplinary action in another state if that judgment is based solely on the application of another state’s law that interferes with a person right to receive sensitive services.
- Updates the practice of nurse-midwifery to include care for common gynecologic conditions and (when certified by a physician or surgeon) to furnish or order Schedule II and III controlled substances as specified.
- Prohibits a person or business from collecting, using, disclosing, or retaining the personal information of a person who is physically located at or within a precise geolocation of a family planning center.
- Repeals current state provisions that:
- Prohibit an abortion from being performed upon an unemancipated minor unless they have first given written consent to the abortion and also has obtained the written consent of one parent or legal guardian.
- Provide specified judicial procedures when consent of a parent or guardian cannot be obtained by the pregnant unemancipated minor.
- Updates gendered language throughout, and references to “unborn child” have been changed to “fetus”.
Additional information
Access any of the assembly bills referenced in this communication:
Relevant sections of the Wellcare Provider Manual have been revised to reflect the information contained in this update as applicable. The manual is available online at wellcare.com/California/Providers/Medicare.
If you have questions regarding the information contained in this update, contact 1-866 999 3945.
- 1Information taken or derived from Assembly Bill 352, Senate Bill 345.
