Summary
Regulates payors’ use of AI and automated decision tools in utilization management by requiring qualified clinical decision-making, individual clinical-context review, fairness and non-discrimination, auditability, written AI oversight policies, periodic review, limits on secondary patient-data use, and protections against AI-related harm.
Healthcare Implications
One of the strongest payer-facing health-AI laws. Health plans and insurers must keep human clinical oversight over medical-necessity decisions, prevent discriminatory or group-data-only determinations, make AI policies available, support regulator audits, limit patient-data reuse, and avoid AI practices that harm enrollees.
Operational Implications
- AI may not supplant healthcare provider decisionmaking; medical-necessity determinations made only by licensed physician or licensed healthcare professional competent to evaluate specific clinical issues.
- AI determinations must be based on enrollee's medical history, individual clinical circumstances, other relevant medical records; may not rely solely on group dataset.
- AI must not discriminate directly or indirectly against enrollees; must be fairly and equitably applied including in accordance with HHS regulations and guidance.
- AI must be open to inspection for audit or compliance reviews by the department; director includes review of compliance as part of periodic medical surveys.
- AI performance, use, and outcomes periodically reviewed and revised to maximize accuracy and reliability.
- Disclosures pertaining to use and oversight of AI must be contained in written policies and procedures.
- Patient data used in AI may not be used beyond intended and stated purpose. AI must not directly or indirectly cause harm to enrollee. Willful violation by HCSP is a crime.