The Artificial Intelligence in Healthcare Services Bill, signed into law by Governor Gavin Newsom, imposes new requirements on California healthcare providers that use generative artificial intelligence tools to generate patient communications.
This law introduces new guardrails for California healthcare providers that deploy GenAI to reach their patients and is part of a broader effort by California to regulate the rapidly growing generative artificial intelligence (GenAI) sector. Developers of GenAI tools intended for use by healthcare providers in California will need to be mindful of the new legislation and may need to coordinate with their healthcare provider clients to support compliance with these new requirements.
The Artificial Intelligence in Healthcare Services Bill (AB 3030)[1] requires that a disclaimer be provided for AI-generated patient communications regarding patient clinical information to state that the information was created using GenAI and provide clear instructions on how the patient may contact a human healthcare provider. Specifically, the law applies to any California “health facility, clinic, physician’s office, or office of a group practice” that uses GenAI to generate "written or verbal patient communications pertaining to patient clinical information.”
Such GenAI communications from healthcare providers must further provide clear instructions on how a patient may contact a human healthcare provider, employee of the facility, or another appropriate person.
Notably, AB 3030’s requirements apply to each GenAI-generated communication pertaining to clinical information with a patient, regardless of whether the patient has been contacted previously with a GenAI communication. AB 3030 also includes specific requirements on the placement of the disclaimer in written, audio, and video communications.
Under AB 3030, only specific GenAI communications require a disclaimer and/or instructions for contacting an appropriate human. Most importantly, if a communication is “read and reviewed by a human licensed or certified healthcare provider” before being disseminated, AB 3030 does not apply. The law also does not impact GenAI communications unrelated to patient client information, such as communications for appointment scheduling or billing.
The Medical Board of California and the Osteopathic Medical Board of California possess jurisdiction over physicians who violate AB 3030. These boards anticipate creating a process for reporting complaints on their respective websites, although the implementation date for this reporting process remains unknown. Licensed clinics and health facilities that violate AB 3030 would be subject to the enforcement mechanisms described at Chapters 1 and 2 of Article 3 of the California Health and Safety Code.
AB 3030 follows a flurry of government activity in the AI space, including
It is also consistent with the recommendations of the American Medical Association’s “Principles for Augmented Intelligence Development, Deployment, and Use” that advocates for transparency and disclosure when using AI-enabled tools.
AB 3030 appears to be an attempt to balance the positive impact that GenAI can have in reducing providers’ burdens and increasing efficiency by recording digital notes, optimizing operational processes, and automating laborious tasks (as these GenAI tools fall outside of AB 3030’s scope) with the potential risks of implementing GenAI in direct patient care activities.
These new requirements have implications for both GenAI developers and healthcare providers in California that currently use or are considering using GenAI tools. Developers that service the California healthcare industry may need to update or modify their GenAI tools to meet the new disclaimer and instruction requirements for AI-generated patient communications. Healthcare providers in California using or considering using GenAI tools should perform sufficient diligence to ensure compliance with these new requirements.
The legal landscape affecting GenAI and other digital health technologies is continually evolving, and healthcare remains a highly regulated space. Both healthcare providers and digital health developers should ensure that they remain up to date on new legislation regulating, reimbursing, or even potentially restricting the use of GenAI—and related technologies in the healthcare industry.
This includes not only state requirements, such as the new California legislation and state medical board requirements, but also federal laws and regulations, such as those imposed by federal Food and Drug Administration, the Centers for Medicare and Medicaid Services, and the Office for Civil Rights in the context of federal cybersecurity and data protections laws.
Morgan Lewis lawyers guide and provide strategic counseling for healthcare providers and developers of artificial intelligence, machine learning, and other health tech tools, assisting them in assessing, anticipating, and navigating regulatory and legal changes, with experience in the regulation of GenAI and other digital health technologies at both the federal and state levels.
If you have any questions or would like more information on the issues discussed in this LawFlash, please contact any of the following:
[1] Codified at Chapter 2.13 (commencing with Section 1339.75) of Division 2 of California’s Health and Safety Code.