SB1188 – Electronic Health Record Requirements

TXLawState

Date Passed

6/20/2025

Effective Date

9/1/2025

Summary

Sets requirements for electronic health records maintained by covered entities in Texas. Requires EHRs containing patient information to be physically maintained in the United States or a U.S. territory, restricts access to EHR information, requires administrative, physical, and technical safeguards, prohibits storing credit score or voter-registration status in an EHR, permits health care practitioners to use AI for diagnostic purposes only within scope of practice and with review of AI-created records, requires patient disclosure of diagnostic AI use, requires specified EHR fields for biological sex and sexual development disorders, and requires EHR-embedded algorithms or decision-assistance tools to include recorded biological sex for treatment-decision support.

Healthcare Implications

Directly affects providers, EHR vendors, cloud vendors, and health systems operating in Texas. Covered entities must review EHR hosting arrangements, access controls, record templates, AI diagnostic-support workflows, patient disclosure practices, and EHR-embedded decision-support tools. The law creates civil-penalty, injunctive-relief, and disciplinary-action exposure for repeated or serious violations.

Operational Implications

  • Covered entities must ensure EHRs containing patient information are physically maintained in the United States or a U.S. territory, including EHRs stored by third-party computing facilities or cloud-service providers; this storage rule applies beginning January 1, 2026.
  • Covered entities must ensure EHRs include an option to record specified metabolic-health and diet communications, exclude credit score and voter-registration information, include specified fields for biological sex and sexual development disorder information, and ensure EHR-embedded algorithms or decision-assistance tools used for treatment decisions include recorded biological sex.
  • Health care practitioners using AI for diagnostic purposes, including recommendations on diagnosis or treatment based on a patient's medical record, must act within scope of practice, review AI-created records consistent with Texas Medical Board standards, and disclose the use of that technology to patients.

Impact Level

Medium

Keywords

Privacy & Data; Clinical Quality & Efficacy; Transparency & Governance; Safety & Risk

Stakeholders

Providers & Health Systems; Developers & Vendors; Patients & Public; Regulators & Government
View Original Source