On June 26, 2024, California Attorney General Rob Bonta sent letters to eight major pharmacy chains and five health data companies reminding them of their obligations to conform to the new California law concerning protected health information related to reproductive care. Companies receiving letters include CVS, Walgreens, Walmart, Kroger, and Rite Aid.
New requirements of the California Confidentiality of Medical Information Act (CMIA), under Assembly Bill 352 (2023), effective July 1, 2024, provide additional protections for confidential patient information. Law enforcement cannot gain access to information concerning patients’ reproductive health or gender-affirming care without a warrant. In addition, pharmacies and health data companies are prohibited from disclosing patients’ abortions to anyone from another state without the patient’s consent. These companies must also enable security features to segregate and protect data concerning abortion, contraception, and gender-affirming care.
Attorney General Bonta spoke out to reinforce compliance with these new requirements, stressing that protecting patient information “is now more imperative than ever.” The letters asked these companies to provide the Attorney General with their policies demonstrating their compliance with AB 352 by July 31, 2024.