SB 890

ON MARCH 13, 2025, THE SENATE ADOPTED AMENDMENT #1 AND PASSED SENATE BILL 890, AS AMENDED. AMENDMENT #1 rewrites the bill to, instead, make the fol lowing revisions to present law:  Removes the provision prohibiting the following reports, test results, and any other related results from be ing disclosed by a designated entit y to a patient as part of the patient's electronic health record until 72 hours after the results are finalized, unless the healthcare provider directs the release of the results before the end of that period: (i) p athology reports or radiology reports that have a reasonable likelihood of showing a finding of new or recurring malignancy; (ii) tests that could reveal genetic markers; (iii) a positive HIV test, except that this law does not prevent the disclosure of HIV test results, including viral load and CD4 count test results, to a patient living with HIV by secure internet website or other electronic means if the patient has previously been informed about the results of a positive HIV test; or (iv) presence of antigens indicating a hepatitis infection.  In addition to other application programming interfaces (API) required by law to be established and maintained by a health insurance entity for the benefit of all insureds and contracted providers , requires a health insurance entity to also establish and maintain for such purpose (i) a provider access API and (ii) a prior authorization API.  Removes the provision requiring the p atient access API, the provider directory API, and the payer-to-payer exchange API required by law to be established and maintained by a health insurance entity to be established in accordance with standards published in a final rule issued by the federal centers for medicare and medicaid services and published in the Federal Register, and to align with federal effective dates, including enforcement delays and suspensions, issued by the federal centers for medicare and medicaid services.  For the p atient access API, the provider directory API, the payer-to-payer exchange API, the provider access API , and the prior authorization API required to be established and maintained by a health insurance entity, requires such entity to establish and maintain each API for its insured and providers at the earliest date CMS requires any of its regulated plan or product types to establish and maintain the same API.