Federal and State Health Laws
This page lists state and federal health laws. The list is not comprehensive, but provides a good overview of the protections provided patients in California.
- The HIPAA Privacy Rule establishes national standards to protect individuals’ medical records and other personal health information and applies to health plans, health care clearinghouses, and those health care providers that conduct certain health care transactions electronically. The Rule requires appropriate safeguards to protect the privacy of personal health information, and sets limits and conditions on the uses and disclosures that may be made of such information without patient authorization. The Rule also gives patients’ rights over their health information, including rights to examine and obtain a copy of their health records, and to request corrections.
HIPAA Security Rules:
- Under Title II of GINA, it is illegal to discriminate against employees or applicants because of genetic information. Title II of GINA prohibits the use of genetic information in making employment decisions, restricts employers and other entities covered by Title II (employment agencies, labor organizations and joint labor-management training and apprenticeship programs - referred to as "covered entities") from requesting, requiring or purchasing genetic information, and strictly limits the disclosure of genetic information.
Confidentiality of Medical Information Act – Civil Code § 56.10-56.16:
- This law protects the privacy of medical information by limiting disclosures of providers of health care, health care service plans, and contractors.
Disclosures of lab for prenatal care: determination of rhesus (Rh) blood type – Health & Safety Code §125105:
- A blood specimen obtained as per 125080, shall be submitted to a laboratory to determine rhesus blood type and the results shall be reported to physician, surgeon, or other person providing prenatal care or attending the woman at the time of delivery, and to the woman tested. A blood specimen as per 125080 shall also be submitted to a laboratory to determine the presence of hepatitis B surface antigen and HIV virus. Both results shall be reported to the physician, surgeon, or other person who ordered the test and who shall inform the woman tested. The blood specimen and test results obtained per Health & Safety Code 125085 shall be confidential and not disclosed, unless otherwise provided by law; no person shall be compelled to provide test results pursuant to 125080 or 125085
Consent by patient for lab results via internet or other electronic means must be consistent with CMIA – Health & Safety Code §123148:
- If the patient requests, a health care provider shall provide the results of the laboratory test to the patient in written or oral form. Consent must be obtained to deliver results via electronic means. Electronic delivery or results shall be consistent with applicable federal law or state law. HIV antibody test, hepatitis infection tests, abusing the use of drugs, and tests related to routinely processed tissues revealing malignant results may not be conveyed by electronic means, unless the specific requirements of subdivision (f) of Health & Safety Code section 123148 are met. Test results and health information may not be used for commercial purpose without patient consent.
Mandated Blood Testing and Confidentiality to Protect Public Health –Health & Safety Code § 120975-121020:
- This law protects the privacy of individuals who are the subject of blood testing for antibodies to the probable causative agent of acquired immune deficiency syndrome (AIDS). No person shall be compelled to provide information in any civil, criminal, administrative, legislative or other proceedings that would reveal the identity of any individual who is the subject of an HIV blood test. Exceptions are provided in Health & Safety Code 1603.1, 1603.3 and 121022.