KLS Keeping Law Simple Legislation in plain English

Straight-ahead summaries built from the official bill text. We keep the source links front and center and leave the decision up to you.

Back to California

AB-2448 • 2026

Medical information: confidentiality.

Medical information: confidentiality.

Abortion Crime Education Healthcare Labor Privacy
Passed Legislature

This bill passed both chambers and reached final enrollment, even if later executive action is not shown here.

Sponsor
Berman (A) , Bauer-Kahan
Last action
2026-06-09
Official status
From committee: Do pass and re-refer to Com. on HEALTH. (Ayes 7. Noes 1.) (June 8). Re-referred to Com. on HEALTH.
Effective date
Not listed

Plain English Breakdown

The bill's final status remains pending executive action.

Medical Information Privacy

The bill requires certain businesses to protect medical information related to gender affirming care, abortion and abortion-related services, and contraception by setting up rules and tools to keep this data safe and separate from other health records.

What This Bill Does

  • Requires specific companies that electronically store or manage sensitive healthcare data on behalf of providers to develop policies and procedures for security features such as limiting user access privileges and segregating medical information related to gender affirming care, abortion, and contraception.

Who It Names or Affects

  • Businesses that electronically store or manage sensitive healthcare data

Terms To Know

Confidentiality of Medical Information Act (CMIA)
A law in California that stops health care providers from sharing patient information without permission.
Sensitive services
Healthcare procedures or treatments like gender affirming care, abortion, and contraception.

Limits and Unknowns

  • Does not specify who will pay for the new security measures.
  • The bill has passed both chambers of the California Legislature but its final status is pending executive action.
  • It does not detail how to handle violations or penalties beyond existing laws.

Bill History

  1. 2026-06-09 California Legislative Information

    From committee: Do pass and re-refer to Com. on HEALTH. (Ayes 7. Noes 1.) (June 8). Re-referred to Com. on HEALTH.

  2. 2026-05-20 California Legislative Information

    Referred to Coms. on P., D.T., & C.P. and HEALTH.

  3. 2026-05-12 California Legislative Information

    In Senate. Read first time. To Com. on RLS. for assignment.

  4. 2026-05-11 California Legislative Information

    Read third time. Passed. Ordered to the Senate. (Ayes 55. Noes 16. Page 4992.)

  5. 2026-04-30 California Legislative Information

    Read second time. Ordered to third reading.

  6. 2026-04-29 California Legislative Information

    From committee: Do pass. (Ayes 10. Noes 2.) (April 29).

  7. 2026-04-20 California Legislative Information

    From committee: Do pass and re-refer to Com. on APPR. (Ayes 11. Noes 3.) (April 16). Re-referred to Com. on APPR.

  8. 2026-04-20 California Legislative Information

    Coauthors revised.

  9. 2026-04-08 California Legislative Information

    From committee: Do pass and re-refer to Com. on P. & C.P. (Ayes 12. Noes 3.) (April 7). Re-referred to Com. on P. & C.P.

  10. 2026-03-09 California Legislative Information

    Referred to Coms. on HEALTH and P. & C.P.

  11. 2026-02-21 California Legislative Information

    From printer. May be heard in committee March 23.

  12. 2026-02-20 California Legislative Information

    Read first time. To print.

Official Summary Text

AB 2448, as introduced, Berman.
Medical information: confidentiality.
Existing law, the Confidentiality of Medical Information Act (CMIA), generally prohibits a provider of health care, a health care service plan, or a contractor from disclosing medical information regarding a patient, enrollee, or subscriber without first obtaining an authorization, unless a specified exception applies. Existing law makes a violation of the CMIA that results in economic loss or personal injury to a patient punishable as a misdemeanor. Existing law requires specified businesses that electronically store or maintain medical information on the provision of sensitive services on behalf of a provider of health care, health care service plan, pharmaceutical company, contractor, or employer to develop capabilities, policies, and procedures, on or before July 1, 2024, to enable certain security features, including limiting user access privileges and segregating medical information
related to gender affirming care, abortion and abortion-related services, and contraception, as specified.
This bill would also require those specified businesses to enable the above-specified capabilities, policies, and procedures for those security features, as specified. Because the bill would expand the scope of an existing crime, it would impose a state-mandated local program.
The California Constitution requires the state to reimburse local agencies and school districts for certain costs mandated by the state. Statutory provisions establish procedures for making that reimbursement.
This bill would provide that no reimbursement is required by this act for a specified reason.

Current Bill Text

Read the full stored bill text 
Download Bill PDF