Support Centre

You have out of 5 free articles left for the month

Signup for a trial to access unlimited content.

Start Trial

Continue reading on DataGuidance with:

Free Member

Limited Articles

Create an account to continue accessing select articles, resources, and guidance notes.

Free Trial

Unlimited Access

Start your free trial to access unlimited articles, resources, guidance notes, and workspaces.

California: Bill relating to health information signed by Governor and becomes law

On September 27, 2023, Assembly Bill 352 on Health information was signed by the California Governor and became law.


The Act outlines requirements for businesses that electronically store or maintain medical information on the provision of sensitive services on behalf of a provider of health care, health care service plan, pharmaceutical company, contractor, or employer to develop capabilities, policies, and procedures.

Key requirements

The Act stipulates that covered businesses, in specific circumstances, must develop capabilities, policies, and procedures, on or before July 1, 2024, to, among other things:

  • limit user access privileges to information systems that contain medical information related to sensitive services only to those persons who are authorized to access specified medical information;
  • prevent the disclosure, access, transfer, transmission, or processing of medical information related to sensitive services to persons and entities outside of California;
  • segregate medical information related to sensitive services from the rest of the patient's record; and
  • provide the ability to automatically disable access to segregated medical information related to sensitive services by individuals and entities in another state.

Furthermore, the Act establishes specific rules around the disclosure, transmission, transfer, sharing, or granting of access to medical information that would identify an individual in relation to abortion.

You can read the Act here and view its history here.