WeVote

Bill

Bill

HB 949

Relating to an employee's right to privacy of personal health information; providing a civil penalty.

89th Legislature (2025) Introduced by Steve Toth

Texas bill creates civil penalties for employers who improperly access, disclose, or use employees' personal health information without authorization.

Referred to s/c on Workforce by Speaker
0
WeVote Research Nonpartisan
Bill Summary · HB 949

Legislative bill overview

HB 949 establishes protections for employee privacy regarding personal health information in Texas. The bill creates a civil penalty framework for employers who improperly access, disclose, or use employee health data without authorization.

Why is this important

Employee health privacy is increasingly vulnerable as employers expand wellness programs, health monitoring, and data collection practices. This legislation addresses the gap between federal protections (like HIPAA, which doesn't cover most employers) and state-level privacy safeguards, giving workers recourse if employers mishandle sensitive medical information.

Potential points of contention

  • Scope and definition disputes: What constitutes "personal health information" and which employer practices are legitimately permitted versus prohibited remains unclear without seeing the full bill language
  • Business compliance burden: Employers may argue the civil penalty framework creates liability concerns and administrative costs, particularly for small businesses unfamiliar with health data handling requirements
  • Enforcement and damages: Questions about who can sue (employees only, or third parties?), damage thresholds, and whether penalties adequately deter violations without being punitive enough to drive behavioral change

Compiled from official sources — confirm details with the bill’s official record.

Sign in to ask a question.