Bill Text

Bill Information


PDF |Add To My Favorites |Track Bill | print page

AB-814 Personal information: contact tracing.(2021-2022)

SHARE THIS:share this bill in Facebookshare this bill in Twitter
Date Published: 07/08/2021 09:00 PM
AB814:v96#DOCUMENT

Amended  IN  Senate  July 08, 2021
Amended  IN  Assembly  May 24, 2021
Amended  IN  Assembly  April 21, 2021

CALIFORNIA LEGISLATURE— 2021–2022 REGULAR SESSION

Assembly Bill
No. 814

Introduced by Assembly Member Levine

February 16, 2021

An act to add Title 1.81.10 1.81.9 (commencing with Section 1798.600) to Part 4 of Division 3 of the Civil Code, relating to personal information.


LEGISLATIVE COUNSEL'S DIGEST


AB 814, as amended, Levine. Personal information: contact tracing.
Existing law, the Information Practices Act of 1977, prescribes a set of requirements, prohibitions, and remedies applicable to public agencies, as defined, with regard to their collection, storage, and disclosure of personal information.
Existing law, the California Consumer Privacy Act of 2018 (CCPA), grants a consumer various rights with respect to personal information, as defined, that is collected or sold by a business, as defined, including the right to direct a business that sells personal information about the consumer to third parties not to sell the consumer’s personal information.
This bill would, except as prescribed, prohibit data collected, received, or prepared for purposes of contact tracing from being used, maintained, or disclosed for any purpose other than facilitating contact tracing efforts. The bill would authorize a state or local health department to disclose, to the University of California or a nonprofit education institution conducting scientific research, data collected, received, or prepared for purposes of contact tracing only if certain requirements are met, including that the request for information is approved by the Committee for the Protection of Human Subjects for the California Health and Human Services Agency or an institutional review board. The bill would prohibit a correctional officer or an officer, deputy, employee, or agent of a law enforcement agency, as defined, from conducting contact tracing, except the bill would authorize an employee of a law enforcement agency to conduct contract tracing of employees of the same law enforcement agency. agency and would authorize a health care worker who is not a correctional officer to conduct contact tracing in a jail or prison. The bill would require all data collected, received, or prepared for purposes of contact tracing to be deleted within 60 days, except as prescribed.
Existing constitutional provisions require that a statute that limits the right of access to the meetings of public bodies or the writings of public officials and agencies be adopted with findings demonstrating the interest protected by the limitation and the need for protecting that interest.
This bill would make legislative findings to that effect.
The California Constitution requires local agencies, for the purpose of ensuring public access to the meetings of public bodies and the writings of public officials and agencies, to comply with a statutory enactment that amends or enacts laws relating to public records or open meetings and contains findings demonstrating that the enactment furthers the constitutional requirements relating to this purpose.
This bill would make legislative findings to that effect.
Vote: MAJORITY   Appropriation: NO   Fiscal Committee: YES   Local Program: NO  

The people of the State of California do enact as follows:


SECTION 1.Title 1.81.10 (commencing with Section 1798.600) is added to Part 4 of Division 3 of the Civil Code, to read:

SECTION 1.

 Title 1.81.9 (commencing with Section 1798.600) is added to Part 4 of Division 3 of the Civil Code, immediately following Section 1798.202, to read:

TITLE 1.81.9. Contact Tracing

1798.600.
 As used in this title:
(a) “Contact tracing” means identifying and monitoring individuals, through data collection and analysis, who may have had contact with an infectious person as a means of controlling the spread of a communicable disease.
(b) “Data” means measurements, transactions, determinations, locations, or other information, whether or not that information can be associated with a specific natural person.
(c) “Law enforcement agency” means any of the following:
(1) A police department.
(2) A sheriff’s department.
(3) A district attorney.
(4) A county probation department.
(5) A transit agency police department.
(6) A school district police department.
(7) The police department of any campus of any of the following:
(A) The University of California.
(B) The California State University.
(C) A community college.
(8) The Department of the California Highway Patrol.
(9) The Department of Justice.
(10) The Department of Corrections and Rehabilitation.

1798.601.
 (a) Data collected, received, or prepared for purposes of contact tracing shall not be used, maintained, or disclosed for any purpose other than facilitating contact tracing efforts.
(b) (1) Except as provided in paragraph (2), all data collected, received, or prepared for purposes of contact tracing shall be deleted within 60 days.
(2) This subdivision shall not apply to data in the possession of a local or state health department.
(c) A state or local health department may disclose, to the University of California or a nonprofit educational institution conducting scientific research, data collected, received, or prepared for purposes of contact tracing only if both the following are true:
(1) The request for information is approved by the Committee for the Protection of Human Subjects for the California Health and Human Services Agency or an institutional review board.
(2) The requirements described in subdivision (t) of Section 1798.24 are met.

(c)

(d) This section shall not apply to a provider of health care, as defined in Section 56.05, or to a provider’s business associate, as defined in Section 160.103 of Title 45 of the Code of Federal Regulations, to the extent the provider or business associate maintains the data collected, received, or prepared for purposes of contact tracing in the same manner as medical information governed by the Confidentiality of Medical Information Act (Part 2.6 (commencing with Section 56) of Division 1) or protected health information governed by the Health Insurance Portability and Accountability Act of 1996.

(d)This section

(e) Subdivisions (a) and (b) shall not apply to data used, maintained, or disclosed by an employer to the extent the use, maintenance, or disclosure of that data is necessary to comply with a state or local, state, or federal workplace health and safety law or regulation.

1798.602.
 (a) Except as provided in subdivision (b), a correctional officer or an officer, deputy, employee, or agent of a law enforcement agency shall not conduct contact tracing.
(b) (1) An employee of a law enforcement agency may conduct contact tracing of employees of the same law enforcement agency.
(2) A health care worker who is not a correctional officer may conduct contact tracing in a jail or prison.

1798.603.
 (a) A person may bring a civil action for a violation of this title to obtain injunctive relief.
(b) A prevailing plaintiff in a civil action brought pursuant to this section shall be awarded reasonable attorney fees.

SEC. 2.

  The Legislature finds and declares that Section 1 of this act, which adds Section 1798.601 to the Civil Code, imposes a limitation on the public’s right of access to the meetings of public bodies or the writings of public officials and agencies within the meaning of Section 3 of Article I of the California Constitution. Pursuant to that constitutional provision, the Legislature makes the following findings to demonstrate the interest protected by this limitation and the need for protecting that interest:
This act balances the right of the public to access relevant information about contact tracing efforts by public health entities while protecting the privacy rights of individuals whose data is collected for contact tracing purposes.

SEC. 3.

  The Legislature finds and declares that Section 1 of this act, which adds Section 1798.601 to the Civil Code, furthers, within the meaning of paragraph (7) of subdivision (b) of Section 3 of Article I of the California Constitution, the purposes of that constitutional section as it relates to the right of public access to the meetings of local public bodies or the writings of local public officials and local agencies. Pursuant to paragraph (7) of subdivision (b) of Section 3 of Article I of the California Constitution, the Legislature makes the following findings:
This act balances the right of the public to access relevant information about contact tracing efforts by public health entities while protecting the privacy rights of individuals whose data is collected for contact tracing purposes.