HB 1089 -- Nonpublic Personal Health Information

Sponsor:  Bishop

This bill prohibits the selling or any disclosure of nonpublic
personal health information to a third party for the purpose of:
(1) marketing a product or service; (2) making employment
decisions; (3) determining credit worthiness; or (4) maliciously
causing harm to the person.  The bill does not apply in cases
where the person cannot be identified from the information or
when disclosure of this information is necessary to comply with
any other law or court order.  A person may provide written
authorization for the disclosure of his or her information, which
will be valid for two years.  The bill exempts consumer reporting
agencies, debt collectors, and businesses that are providing this
information as part of the sale or merger of a business.

Insurance entities are deemed to be in compliance with the bill
upon either:  (1) demonstrating a good faith effort to comply
with federal privacy rules; or (2) complying with model
legislation adopted by the National Association of Insurance
Commissioners.

The Department of Insurance will enforce the bill regarding
insurance entities who may be sued for unfair trade practices.
All other violators will be prosecuted by the state agency with
primary regulatory authority over the person or, if there is
none, the Attorney General.  Persons in violation may be fined up
to $500 for each violation.  These fines will be paid into the
School Fund.

The provisions of the bill will become effective January 1, 2005.

Missouri House of Representatives
92nd General Assembly, 2nd Regular Session
Last Updated September 23, 2004 at 11:14 am