New Jersey Enacts New Restrictions on Health Care Facilities’ Use of Patient Data
On March 25, 2026, New Jersey enacted A4070, which restricts health care facilities’ collection and disclosure of certain patient information, including immigration status, citizenship status, place of birth, Social Security number and individual taxpayer identification number.
Under the law, a health care facility may not request or collect the listed information unless collection is necessary to provide safe and appropriate care, required by state or federal law or necessary to assess eligibility for or administer a public service, benefit, or program. The law clarifies that it does not prevent a facility from maintaining a complete medical record in accordance with HIPAA.
The law also limits disclosure of the listed information. Disclosure is permitted only in limited circumstances, including where required by law, pursuant to a valid judicial order or judicial warrant or with the patient’s knowing written consent. The Department of Health, in consultation with the Attorney General, must develop a standard consent form for such disclosures.
A health care facility that knowingly obtains, discloses or uses covered information for a purpose not permitted by the statute is subject to enforcement by the Department of Health, including in connection with licensure. Patients and their representatives may also file complaints with the Department. These provisions take effect on April 1, 2027.
此内容由惯性聚合(RSS阅读器)自动聚合整理,仅供阅读参考。 原文来自 — 版权归原作者所有。