Assembly Bill A4983B

2023-2024 Legislative Session

Provides for the protection of health information

download bill text pdf

Sponsored By

Current Bill Status Via S158 - On Floor Calendar


  • Introduced
    • In Committee Assembly
    • In Committee Senate
    • On Floor Calendar Assembly
    • On Floor Calendar Senate
    • Passed Assembly
    • Passed Senate
  • Delivered to Governor
  • Signed By Governor

Do you support this bill?

Please enter your contact information

Home address is used to determine the senate district in which you reside. Your support or opposition to this bill is then shared immediately with the senator who represents you.

Optional services from the NY State Senate:

Create an account. An account allows you to officially support or oppose key legislation, sign petitions with a single click, and follow issues, committees, and bills that matter to you. When you create an account, you agree to this platform's terms of participation.

Include a custom message for your Senator? (Optional)

Enter a message to your senator. Many New Yorkers use this to share the reasoning behind their support or opposition to the bill. Others might share a personal anecdote about how the bill would affect them or people they care about.
Actions
Votes

Bill Amendments

co-Sponsors

2023-A4983 - Details

Law Section:
General Business Law
Laws Affected:
Add Art 42 §§1100 - 1107, Gen Bus L

2023-A4983 - Summary

Provides for the protection of health information; establishes requirements for communications to individuals about their health information; requires either written consent or a designated necessary purpose for the processing of an individual's health information.

2023-A4983 - Bill Text download pdf

                             
                     S T A T E   O F   N E W   Y O R K
 ________________________________________________________________________
 
                                   4983
 
                        2023-2024 Regular Sessions
 
                           I N  A S S E M B L Y
 
                             February 27, 2023
                                ___________
 
 Introduced  by  M.  of  A. L. ROSENTHAL -- read once and referred to the
   Committee on Science and Technology
 
 AN ACT to amend the general business law, in relation to privacy  stand-
   ards  for electronic health products and services and permissible data
   brokering
 
   THE PEOPLE OF THE STATE OF NEW YORK, REPRESENTED IN SENATE AND  ASSEM-
 BLY, DO ENACT AS FOLLOWS:
 
   Section 1. The general business law is amended by adding a new article
 42 to read as follows:
                                ARTICLE 42
                  ELECTRONIC HEALTH PRODUCTS AND SERVICES
 
 SECTION 1100. DEFINITIONS.
         1101. ELECTRONIC HEALTH PRODUCTS AND SERVICES; PRIVACY.
         1102. PRIVATE RIGHT OF ACTION.
         1103. ACTIONS THAT ARE HIPAA COMPLIANT.
   §  1100.  DEFINITIONS. FOR THE PURPOSES OF THIS ARTICLE, THE FOLLOWING
 TERMS SHALL HAVE THE FOLLOWING MEANINGS:
   1. "CONSENT" MEANS AN  ACTION  WHICH  (A)  CLEARLY  AND  CONSPICUOUSLY
 COMMUNICATES THE INDIVIDUAL'S VOLUNTARY AUTHORIZATION OF AN ACT OR PRAC-
 TICE;  (B) IS MADE IN THE ABSENCE OF ANY MECHANISM IN THE USER INTERFACE
 THAT HAS THE PURPOSE OR SUBSTANTIAL EFFECT OF OBSCURING, SUBVERTING,  OR
 IMPAIRING DECISION MAKING OR CHOICE TO OBTAIN CONSENT; AND (C) CANNOT BE
 INFERRED  FROM  INACTION. A REQUEST FOR CONSENT SHALL BE PROVIDED TO THE
 INDIVIDUAL IN A CLEAR AND CONSPICUOUS DISCLOSURE, APART FROM ANY PRIVACY
 POLICY, TERMS OF SERVICE, TERMS OF USE, GENERAL RELEASE, USER AGREEMENT,
 OR OTHER SIMILAR DOCUMENT, OF ALL INFORMATION MATERIAL TO THE  PROVISION
 OF CONSENT.
   2.  "DEACTIVATION"  MEANS  A USER'S DELETION, REMOVAL, OR OTHER ACTION
 MADE TO TERMINATE HIS OR HER USE OF  AN  ELECTRONIC  HEALTH  PRODUCT  OR
 SERVICE.

  EXPLANATION--Matter in ITALICS (underscored) is new; matter in brackets
                       [ ] is old law to be omitted.
                                                            LBD01105-01-3
              

co-Sponsors

2023-A4983A - Details

Law Section:
General Business Law
Laws Affected:
Add Art 42 §§1100 - 1107, Gen Bus L

2023-A4983A - Summary

Provides for the protection of health information; establishes requirements for communications to individuals about their health information; requires either written consent or a designated necessary purpose for the processing of an individual's health information.

2023-A4983A - Bill Text download pdf

                             
                     S T A T E   O F   N E W   Y O R K
 ________________________________________________________________________
 
                                  4983--A
 
                        2023-2024 Regular Sessions
 
                           I N  A S S E M B L Y
 
                             February 27, 2023
                                ___________
 
 Introduced  by  M.  of  A.  L. ROSENTHAL,  CUNNINGHAM  --  read once and
   referred to the Committee  on  Science  and  Technology  --  committee
   discharged, bill amended, ordered reprinted as amended and recommitted
   to said committee
 
 AN  ACT  to amend the general business law, in relation to providing for
   the protection of health information

   THE PEOPLE OF THE STATE OF NEW YORK, REPRESENTED IN SENATE AND  ASSEM-
 BLY, DO ENACT AS FOLLOWS:
 
   Section 1. The general business law is amended by adding a new article
 42 to read as follows:
                                ARTICLE 42
                  NEW YORK HEALTH INFORMATION PRIVACY ACT
 SECTION 1100. DEFINITIONS.
         1101. REQUIREMENTS FOR COMMUNICATIONS TO INDIVIDUALS.
         1102. LAWFULNESS OF PROCESSING REGULATED HEALTH INFORMATION.
         1103. INDIVIDUAL RIGHTS.
         1104. SECURITY.
         1105. SERVICE PROVIDERS.
         1106. EXEMPTIONS.
         1107. ENFORCEMENT.
   §  1100.  DEFINITIONS.  AS  USED  IN THIS ARTICLE, THE FOLLOWING TERMS
 SHALL HAVE THE FOLLOWING MEANINGS:
   1. "DEIDENTIFIED INFORMATION" MEANS INFORMATION THAT CANNOT REASONABLY
 BE USED TO INFER INFORMATION ABOUT, OR OTHERWISE BE LINKED TO A  PARTIC-
 ULAR INDIVIDUAL, HOUSEHOLD, OR DEVICE, PROVIDED THAT THE REGULATED ENTI-
 TY OR SERVICE PROVIDER THAT PROCESSES THE INFORMATION:
   (A)  IMPLEMENTS  REASONABLE  TECHNICAL  SAFEGUARDS  TO ENSURE THAT THE
 INFORMATION CANNOT BE  ASSOCIATED  WITH  AN  INDIVIDUAL,  HOUSEHOLD,  OR
 DEVICE;
   (B)  PUBLICLY  COMMITS TO PROCESS THE INFORMATION ONLY AS DEIDENTIFIED
 INFORMATION AND NOT ATTEMPT TO REIDENTIFY THE INFORMATION,  EXCEPT  THAT
 
  EXPLANATION--Matter in ITALICS (underscored) is new; matter in brackets
                       [ ] is old law to be omitted.
                                                            LBD01105-02-3
              

co-Sponsors

2023-A4983B - Details

Law Section:
General Business Law
Laws Affected:
Add Art 42 §§1100 - 1107, Gen Bus L

2023-A4983B - Summary

Provides for the protection of health information; establishes requirements for communications to individuals about their health information; requires either written consent or a designated necessary purpose for the processing of an individual's health information.

2023-A4983B - Bill Text download pdf

                             
                     S T A T E   O F   N E W   Y O R K
 ________________________________________________________________________
 
                                  4983--B
 
                        2023-2024 Regular Sessions
 
                           I N  A S S E M B L Y
 
                             February 27, 2023
                                ___________
 
 Introduced  by  M.  of  A.  L. ROSENTHAL,  CUNNINGHAM  --  read once and
   referred to the Committee  on  Science  and  Technology  --  committee
   discharged, bill amended, ordered reprinted as amended and recommitted
   to  said  committee  -- again reported from said committee with amend-
   ments, ordered reprinted as amended and recommitted to said committee

 AN ACT to amend the general business law, in relation to  providing  for
   the protection of health information
 
   THE  PEOPLE OF THE STATE OF NEW YORK, REPRESENTED IN SENATE AND ASSEM-
 BLY, DO ENACT AS FOLLOWS:
 
   Section 1. The general business law is amended by adding a new article
 42 to read as follows:
                                ARTICLE 42
                  NEW YORK HEALTH INFORMATION PRIVACY ACT
 SECTION 1100. DEFINITIONS.
         1101. REQUIREMENTS FOR COMMUNICATIONS TO INDIVIDUALS.
         1102. LAWFULNESS OF PROCESSING REGULATED HEALTH INFORMATION.
         1103. INDIVIDUAL RIGHTS.
         1104. SECURITY.
         1105. SERVICE PROVIDERS.
         1106. EXEMPTIONS.
         1107. ENFORCEMENT.
   § 1100. DEFINITIONS. AS USED IN  THIS  ARTICLE,  THE  FOLLOWING  TERMS
 SHALL HAVE THE FOLLOWING MEANINGS:
   1. "DEIDENTIFIED INFORMATION" MEANS INFORMATION THAT CANNOT REASONABLY
 BE  USED TO INFER INFORMATION ABOUT, OR OTHERWISE BE LINKED TO A PARTIC-
 ULAR INDIVIDUAL, HOUSEHOLD, OR DEVICE, PROVIDED THAT THE REGULATED ENTI-
 TY OR SERVICE PROVIDER THAT PROCESSES THE INFORMATION:
   (A) IMPLEMENTS REASONABLE TECHNICAL  SAFEGUARDS  TO  ENSURE  THAT  THE
 INFORMATION  CANNOT  BE  ASSOCIATED  WITH  AN  INDIVIDUAL, HOUSEHOLD, OR
 DEVICE;
 
  EXPLANATION--Matter in ITALICS (underscored) is new; matter in brackets
                       [ ] is old law to be omitted.
                                                            LBD01105-07-3
 A. 4983--B                          2
              

co-Sponsors

2023-A4983C - Details

Law Section:
General Business Law
Laws Affected:
Add Art 42 §§1100 - 1107, Gen Bus L

2023-A4983C - Summary

Provides for the protection of health information; establishes requirements for communications to individuals about their health information; requires either written consent or a designated necessary purpose for the processing of an individual's health information.

2023-A4983C - Bill Text download pdf

                             
                     S T A T E   O F   N E W   Y O R K
 ________________________________________________________________________
 
                                  4983--C
 
                        2023-2024 Regular Sessions
 
                           I N  A S S E M B L Y
 
                             February 27, 2023
                                ___________
 
 Introduced by M. of A. L. ROSENTHAL, CUNNINGHAM, REYES, DINOWITZ, SIMON,
   TAPIA,  SHIMSKY,  FAHY, BICHOTTE HERMELYN, EPSTEIN, BURDICK, McDONALD,
   BRAUNSTEIN,  SEAWRIGHT,  LUCAS,  STIRPE,  AUBRY,  GLICK,  KIM,  DILAN,
   TAYLOR,  SEPTIMO,  GONZALEZ-ROJAS, LEVENBERG, MITAYNES, ARDILA, THIELE
   -- read once and referred to the Committee on Science  and  Technology
   --  committee  discharged,  bill amended, ordered reprinted as amended
   and recommitted to said committee -- again reported from said  commit-
   tee  with  amendments, ordered reprinted as amended and recommitted to
   said committee -- recommitted to the Committee on Science and Technol-
   ogy  in  accordance  with  Assembly  Rule  3,  sec.  2  --   committee
   discharged, bill amended, ordered reprinted as amended and recommitted
   to said committee
 
 AN  ACT  to amend the general business law, in relation to providing for
   the protection of health information
 
   THE PEOPLE OF THE STATE OF NEW YORK, REPRESENTED IN SENATE AND  ASSEM-
 BLY, DO ENACT AS FOLLOWS:
 
   Section 1. The general business law is amended by adding a new article
 42 to read as follows:
                                ARTICLE 42
                  NEW YORK HEALTH INFORMATION PRIVACY ACT
 SECTION 1100. DEFINITIONS.
         1101. REQUIREMENTS FOR COMMUNICATIONS TO INDIVIDUALS.
         1102. LAWFULNESS OF PROCESSING REGULATED HEALTH INFORMATION.
         1103. INDIVIDUAL RIGHTS.
         1104. SECURITY.
         1105. SERVICE PROVIDERS.
         1106. EXEMPTIONS.
         1107. ENFORCEMENT.
         1108. CONTRACTS AND WAIVERS VOID AND UNENFORCEABLE.
   §  1100.  DEFINITIONS.  AS  USED  IN THIS ARTICLE, THE FOLLOWING TERMS
 SHALL HAVE THE FOLLOWING MEANINGS:
 
  EXPLANATION--Matter in ITALICS (underscored) is new; matter in brackets
                       [ ] is old law to be omitted.
                                                            LBD01105-14-4
              

co-Sponsors

2023-A4983D (ACTIVE) - Details

Law Section:
General Business Law
Laws Affected:
Add Art 42 §§1100 - 1107, Gen Bus L

2023-A4983D (ACTIVE) - Summary

Provides for the protection of health information; establishes requirements for communications to individuals about their health information; requires either written consent or a designated necessary purpose for the processing of an individual's health information.

2023-A4983D (ACTIVE) - Bill Text download pdf

                             
                     S T A T E   O F   N E W   Y O R K
 ________________________________________________________________________
 
                                  4983--D
 
                        2023-2024 Regular Sessions
 
                           I N  A S S E M B L Y
 
                             February 27, 2023
                                ___________
 
 Introduced by M. of A. L. ROSENTHAL, CUNNINGHAM, REYES, DINOWITZ, SIMON,
   TAPIA,  SHIMSKY,  FAHY, BICHOTTE HERMELYN, EPSTEIN, BURDICK, McDONALD,
   BRAUNSTEIN,  SEAWRIGHT,  LUCAS,  STIRPE,  AUBRY,  GLICK,  KIM,  DILAN,
   TAYLOR,  SEPTIMO, GONZALEZ-ROJAS, LEVENBERG, MITAYNES, ARDILA, THIELE,
   RAMOS -- read once and referred to the Committee on Science and  Tech-
   nology  --  committee  discharged,  bill amended, ordered reprinted as
   amended and recommitted to said committee -- again reported from  said
   committee  with amendments, ordered reprinted as amended and recommit-
   ted to said committee -- recommitted to the Committee on  Science  and
   Technology  in  accordance  with  Assembly Rule 3, sec. 2 -- committee
   discharged, bill amended, ordered reprinted as amended and recommitted
   to said committee -- reported and referred to the Committee  on  Codes
   --  reported  and referred to the Committee on Rules -- again reported
   from said committee with amendments, ordered reprinted as amended  and
   recommitted to said committee
 
 AN  ACT  to amend the general business law, in relation to providing for
   the protection of health information
 
   THE PEOPLE OF THE STATE OF NEW YORK, REPRESENTED IN SENATE AND  ASSEM-
 BLY, DO ENACT AS FOLLOWS:
 
   Section 1. The general business law is amended by adding a new article
 42 to read as follows:
                                ARTICLE 42
                  NEW YORK HEALTH INFORMATION PRIVACY ACT
 SECTION 1100. DEFINITIONS.
         1101. REQUIREMENTS FOR COMMUNICATIONS TO INDIVIDUALS.
         1102. LAWFULNESS OF PROCESSING REGULATED HEALTH INFORMATION.
         1103. INDIVIDUAL RIGHTS.
         1104. SECURITY.
         1105. SERVICE PROVIDERS.
         1106. EXEMPTIONS.
         1107. ENFORCEMENT.
 
  EXPLANATION--Matter in ITALICS (underscored) is new; matter in brackets
                       [ ] is old law to be omitted.
                                                            LBD01105-15-4
              

Comments

Open Legislation is a forum for New York State legislation. All comments are subject to review and community moderation is encouraged.

Comments deemed off-topic, commercial, campaign-related, self-promotional; or that contain profanity, hate or toxic speech; or that link to sites outside of the nysenate.gov domain are not permitted, and will not be published. Attempts to intimidate and silence contributors or deliberately deceive the public, including excessive or extraneous posting/posts, or coordinated activity, are prohibited and may result in the temporary or permanent banning of the user. Comment moderation is generally performed Monday through Friday. By contributing or voting you agree to the Terms of Participation and verify you are over 13.

Create an account. An account allows you to sign petitions with a single click, officially support or oppose key legislation, and follow issues, committees, and bills that matter to you. When you create an account, you agree to this platform's terms of participation.