Compare Versions


Bill PDF |Add To My Favorites | print page

SB-456 California Consumer Privacy Act of 2018.(2017-2018)



Current Version: 08/24/18 - Amended Assembly

Compare Versions information image


SB456:v94#DOCUMENT

Amended  IN  Assembly  August 24, 2018
Amended  IN  Assembly  August 20, 2018
Amended  IN  Assembly  June 19, 2017
Amended  IN  Senate  April 26, 2017
Amended  IN  Senate  March 23, 2017

CALIFORNIA LEGISLATURE— 2017–2018 REGULAR SESSION

Senate Bill
No. 456


Introduced by Senator Pan
(Coauthor: Assembly Member Gonzalez Fletcher)

February 16, 2017


An act to add Section 14087.326 to the Welfare and Institutions Code, relating to Medi-Cal. An act to amend Section 1798.145 of the Civil Code, relating to personal information.


LEGISLATIVE COUNSEL'S DIGEST


SB 456, as amended, Pan. Medi-Cal managed care: federally qualified health centers and rural health clinics: services that follow the patient. California Consumer Privacy Act of 2018.
Existing law, the California Consumer Privacy Act of 2018, commencing on January 1, 2020, grants a consumer various rights with regard to personal information relating to that consumer that is held by a business, including the right to request a business to delete any personal information about the consumer collected by the business, and requires the business to comply with a verifiable consumer request to that effect, unless it is necessary for the business or service provider, defined as an entity processing information on behalf of a business, to maintain the customer’s personal information in order to carry out specified acts. The act requires a business that collects personal information about a consumer to disclose, on its Internet Web site or in its online privacy policy or policies, the consumer’s right to delete that personal information. Under existing law, the act does not apply to protected health information that is collected by a covered entity, as specified.
This bill would additionally provide an exception to the requirements of the act for medical information or protected health information that is collected by a covered entity or business associate, for a provider of health care or a covered entity to the extent the information relates to health care services, and for information collected as part of a clinical trial, as specified. The bill would define various terms for these purposes.

Existing law provides for the Medi-Cal program, which is administered by the State Department of Health Care Services and under which qualified low-income persons receive health care benefits. The Medi-Cal program is, in part, governed and funded by federal Medicaid provisions. Existing law provides that federally qualified health center (FQHC) services and rural health clinic (RHC) services, as defined, are covered benefits under the Medi-Cal program, to be reimbursed, to the extent that federal financial participation is obtained, to providers on a per-visit basis. “Visit” is defined as a face-to-face encounter between a patient of an FQHC or RHC and specified health care professionals. Existing law requires a managed care entity to offer subcontracts to FQHCs and RHCs in the relevant service area, as a condition of obtaining a contract with the department.

This bill would authorize a willing and qualified FQHC or RHC to enter into an agreement with a public or private entity to provide services that follow the patient and to receive reimbursement from the public or private entity for the services rendered under the agreement. The bill would prohibit the department from recouping payment authorized under this agreement from the FQHC or RHC, as specified. The bill would describe those entities eligible to contract with an FQHC or RHC under the bill, and would define “services that follow the patient” as services that are not reimbursable on a per-visit basis pursuant to a specified provision, that promote continuity of care and contribute to overall patient wellness, as specified. The bill would specify that compensation paid to a federally qualified health center or rural health clinic pursuant to the agreement would be supplemental to, and separate from, the federally qualified health center’s or rural health clinic’s prospective payment rate, and not subject to reconciliation or reduction, as specified. The bill would prohibit an FQHC or RHC that bills an entity for services that follow the patient from seeking reimbursement or attempting to obtain payment for a service billed pursuant to the specified per-visit billing provision, but would not preclude the FQHC or RHC from billing a visit under that provision and a service provided pursuant to the bill on the same day. The bill would make legislative findings and declarations related to this measure.

Vote: MAJORITY   Appropriation: NO   Fiscal Committee: YESNO   Local Program: NO  

The people of the State of California do enact as follows:


SECTION 1.

 Section 1798.145 of the Civil Code, as added by Section 3 of Chapter 55 of the Statutes of 2018, is amended to read:

1798.145.
 (a) The obligations imposed on businesses by this title shall not restrict a business’s ability to:
(1) Comply with federal, state, or local laws.
(2) Comply with a civil, criminal, or regulatory inquiry, investigation, subpoena, or summons by federal, state, or local authorities.
(3) Cooperate with law enforcement agencies concerning conduct or activity that the business, service provider, or third party reasonably and in good faith believes may violate federal, state, or local law.
(4) Exercise or defend legal claims.
(5) Collect, use, retain, sell, or disclose consumer information that is deidentified or in the aggregate consumer information.
(6) Collect or sell a consumer’s personal information if every aspect of that commercial conduct takes place wholly outside of California. For purposes of this title, commercial conduct takes place wholly outside of California if the business collected that information while the consumer was outside of California, no part of the sale of the consumer’s personal information occurred in California, and no personal information collected while the consumer was in California is sold. This paragraph shall not permit a business from storing, including on a device, personal information about a consumer when the consumer is in California and then collecting that personal information when the consumer and stored personal information is outside of California.
(b) The obligations imposed on businesses by Sections 1798.110 to 1798.135, inclusive, shall not apply where compliance by the business with the title would violate an evidentiary privilege under California law and shall not prevent a business from providing the personal information of a consumer to a person covered by an evidentiary privilege under California law as part of a privileged communication.
(c) (1) This act title shall not apply to protected or health information that is collected by a covered entity governed any of the following:
(A) Medical information governed by the Confidentiality of Medical Information Act (Part 2.6 (commencing with Section 56 of Division 1)) or governed 56) of Division 1) or protected health information that is collected by a covered entity or business associate governed by the privacy, security, and breach notification rules issued by the federal United States Department of Health and Human Services, Parts 160 and 164 of Title 45 of the Code of Federal Regulations, established pursuant to the Health Insurance Portability and Availability Accountability Act of 1996. For 1996 (Public Law 104-191) and the Health Information Technology for Economic and Clinical Health Act (Public Law 111-5).
(B) A provider of health care governed by the Confidentiality of Medical Information Act (Part 2.6 (commencing with Section 56) of Division 1) or a covered entity governed by the privacy, security, and breach notification rules issued by the United States Department of Health and Human Services, Parts 160 and 164 of Title 45 of the Code of Federal Regulations, established pursuant to the Health Insurance Portability and Accountability Act of 1996 (Public Law 104-191), to the extent the information relates to health care services.
(C) Information collected as part of a clinical trial subject to the Federal Policy for the Protection of Human Subjects, also known as the Common Rule, pursuant to good clinical practice guidelines issued by the International Council for Harmonisation or pursuant to human subject protection requirements of the United States Food and Drug Administration.
(2) For purposes of this subdivision, the definition definitions of “medical information” and “provider of health care in Section 56.05 shall apply and the definitions of “business associate, “covered entity,” and “protected health information” and “covered entity” from the federal privacy rule in Section 160.103 of Title 45 of the Code of Federal Regulations shall apply.
(d) This title shall not apply to the sale of personal information to or from a consumer reporting agency if that information is to be reported in, or used to generate, a consumer report as defined by subdivision (d) of Section 1681a of Title 15 of the United States Code, and use of that information is limited by the federal Fair Credit Reporting Act (15 U.S.C. Sec. 1681 et seq.).
(e) This title shall not apply to personal information collected, processed, sold, or disclosed pursuant to the federal Gramm-Leach-Bliley Act (Public Law 106-102), and implementing regulations, if it is in conflict with that law.
(f) This title shall not apply to personal information collected, processed, sold, or disclosed pursuant to the Driver’s Privacy Protection Act of 1994 (18 U.S.C. Sec. 2721 et seq.), if it is in conflict with that act.
(g) Notwithstanding a business’ obligations to respond to and honor consumer rights requests pursuant to this title:
(1) A time period for a business to respond to any verified consumer request may be extended by up to 90 additional days where necessary, taking into account the complexity and number of the requests. The business shall inform the consumer of any such extension within 45 days of receipt of the request, together with the reasons for the delay.
(2) If the business does not take action on the request of the consumer, the business shall inform the consumer, without delay and at the latest within the time period permitted of response by this section, of the reasons for not taking action and any rights the consumer may have to appeal the decision to the business.
(3) If requests from a consumer are manifestly unfounded or excessive, in particular because of their repetitive character, a business may either charge a reasonable fee, taking into account the administrative costs of providing the information or communication or taking the action requested, or refuse to act on the request and notify the consumer of the reason for refusing the request. The business shall bear the burden of demonstrating that any verified consumer request is manifestly unfounded or excessive.
(h) A business that discloses personal information to a service provider shall not be liable under this title if the service provider receiving the personal information uses it in violation of the restrictions set forth in the title, provided that, at the time of disclosing the personal information, the business does not have actual knowledge, or reason to believe, that the service provider intends to commit such a violation. A service provider shall likewise not be liable under this title for the obligations of a business for which it provides services as set forth in this title.
(i) This title shall not be construed to require a business to reidentify or otherwise link information that is not maintained in a manner that would be considered personal information.
(j) The rights afforded to consumers and the obligations imposed on the business in this title shall not adversely affect the rights and freedoms of other consumers.

SECTION 1.

The Legislature finds and declares all of the following:

(a)Improved patient outcomes and lower costs in the Medi-Cal program can be achieved through providing “services that follow the patient” which refers to services rendered outside the face-to-face visit between a patient and a provider, and the purpose of these services is to support access to and coordination with other medical and non-medical care entities.

(b)There are many state and local initiatives currently underway to expand opportunities for “services that follow the patient” and improve the Medi-Cal delivery system. Examples include the Whole Person Care pilot program, which is a component of the Medi-Cal 2020 Demonstration Project Act, the Diabetes Prevention Program, the California Medication Assisted Treatment (MAT) Expansion Project, and an array of programs developed and supported by Medi-Cal managed care plans and counties.

(c)Many of these programs seek to leverage the primary care provider to coordinate and provide “services that follow the patient”.

(d)Federally Qualified Health Centers (FQHCs) and Rural Health Clinics (RHCs) provide medically necessary services to a large population of Medi-Cal beneficiaries in California that participate in state and local initiatives that are rooted in the spirit of programs supporting “services that follow the patient”.

(e)Currently, FQHCs and RHCs face administrative barriers that limit their ability to access opportunities to actively serve patients and provide “services that follow the patient” due to the prospective payment system (PPS) reconciliation process.

(f)Under existing federal law, FQHCs and RHCs are not prohibited from entering into agreements with other service providers and entities to render services that are of the nature of “services that follow the patient”. Nevertheless, due to unclear state guidance and policy regarding the treatment of payments for these services outside of the PPS rate, clinics experience barriers that hinder or limit their ability to receive payment for certain services rendered under agreements with other entities.

(g)The State Department of Health Care Services has not provided guidance to FQHCs and RHCs regarding reimbursement policies related to “services that follow the patient.” Therefore, for patients who utilize FQHCs or RHCs as their primary care providers, “services that follow the patient” may not be readily accessible to them.

SEC. 2.Section 14087.326 is added to the Welfare and Institutions Code, to read:
14087.326.

(a)A willing and qualified federally qualified health center (FQHC) or rural health clinic (RHC) may enter into an agreement with a public or private entity to provide services that follow the patient, as described in this section, and the FQHC and RHC may receive reimbursement from the public or private entity for the services rendered under the agreement. To the extent authorized under federal law, the department shall not recoup payment issued under this agreement from the FQHC or RHC. A public or private entity eligible to contract with an FQHC or RHC pursuant to an agreement described in this section shall include, but not be limited to, any of the following:

(1)A managed care health plan.

(2)A county.

(3)A health care district.

(4)A community-based organization.

(5)An individual health care or social services provider whose activities under this section comply with the individual’s scope of practice or certification.

(b)As used in this section, “services that follow the patient” means services that are not reimbursable pursuant to Section 14132.100, that promote continuity of care and contribute to overall patient wellness. These services include an array of services provided to eligible Medi-Cal beneficiaries under the following programs:

(1)The Medi-Cal 2020 Waiver Whole Person Care pilot program, as authorized under Section 14184.60 and pursuant to the Medi-Cal 2020 Demonstration Project Act, as described in Article 5.5 (commencing with Section 14184).

(2)The Diabetes Prevention Program, as authorized under Article 4.11 (commencing with Section 14149.9).

(3)The California Medication Assisted Treatment (MAT) Expansion Project.

(4)The Chronic Care Management program, which was established by the Centers for Medicare and Medicaid Services.

(5)Any other programs that provide services to Medi-Cal enrollees that are otherwise non-reimbursable under the Medi-Cal program, and are approved by the department.

(c)Compensation paid to an FQHC or RHC pursuant to an agreement described in this section shall be supplemental to, and separate from, its prospective payment rate and shall not be subject to a reconciliation pursuant to Section 14087.325, or to any reduction.

(d)An FQHC or RHC that bills an entity in subdivision (a) for services that follow the patient may not seek reimbursement or attempt to obtain payment from the department or an entity for a service billed pursuant to Section 14132.100.

(e)This section does not preclude an FQHC or RHC from billing a visit under Section 14132.100 and a service under this section on the same day.