Laws & Statutes NY NY-A-01456
A-01456
NY · State · USA
NY
USA
● Pending
Proposed Effective Date
2025-03-10
New York Assembly Bill 1456 — An Act to amend the insurance law, in relation to the use of artificial intelligence for utilization review
Requires health insurers, Article 43 corporations, and HMOs in New York to notify insureds and enrollees on their websites about whether they use AI-based algorithms in utilization review. Requires these entities to submit AI algorithms and training datasets to the Department of Financial Services for bias certification against protected characteristics and adherence to evidence-based clinical guidelines. Requires clinical peer reviewers to review individual clinical records before issuing adverse determinations when AI algorithms are initially used in utilization review. Enforcement is exclusively by the Superintendent of Financial Services, with fines up to $5,000 per violation ($10,000 for willful violations) and license sanctions. No private right of action is created.
Passage Likelihood
Low
Chamber No passage
Committee No action
Majority party Yes
Bipartisan No
Prior session None
Legislative History
2025-01-09 committee referral referred to insurance
2026-01-07 committee referral referred to insurance
Mapped Requirements
HC-01 Healthcare AI Decision Restrictions
Official Sources
Full Text
Entry Last Reviewed
2026-03-28
AI generated
Summary

Requires health insurers, Article 43 corporations, and HMOs in New York to notify insureds and enrollees on their websites about whether they use AI-based algorithms in utilization review. Requires these entities to submit AI algorithms and training datasets to the Department of Financial Services for bias certification against protected characteristics and adherence to evidence-based clinical guidelines. Requires clinical peer reviewers to review individual clinical records before issuing adverse determinations when AI algorithms are initially used in utilization review. Enforcement is exclusively by the Superintendent of Financial Services, with fines up to $5,000 per violation ($10,000 for willful violations) and license sanctions. No private right of action is created.

Enforcement & Penalties
Enforcement Authority
Superintendent of Financial Services, in consultation with the Commissioner of Health and the Commissioner of Education as applicable. Enforcement is agency-initiated at the superintendent's discretion. No private right of action is created. Penalties may include license suspension or revocation, refusal to issue a new license for up to one year, and fines. The superintendent is directed to promulgate all rules and regulations necessary for implementation.
Penalties
Administrative penalties at the superintendent's discretion: up to $5,000 per violation or $10,000 per willful violation. Aggregate fine cap of $500,000 per calendar year for insurers, corporations under Article 43, and HMOs; $100,000 per calendar year for clinical peer reviewers. Additional remedies include suspension or revocation of license and refusal to issue a new license for up to one year. Penalties are in addition to any other remedies or penalties under any other applicable law.
Who Is Covered
Compliance Obligations 3 obligations · click obligation ID to open requirement page
HC-01 Healthcare AI Decision Restrictions · HC-01.6 · Deployer · Healthcare
Insurance Law § 338(b)
Plain Language
Health insurers, Article 43 corporations, and HMOs must publicly disclose on their websites whether or not they use AI-based algorithms in their utilization review process. This is a blanket transparency obligation — entities must affirmatively state both the use and the lack of use of such algorithms. The disclosure must be posted on the entity's accessible Internet website, making it available to all insureds and enrollees. The superintendent is directed to require compliance through rulemaking.
Statutory Text
(b) The superintendent shall require all insurers authorized to write accident and health insurance in this state, corporations organized pursuant to article forty-three of this chapter, and a health maintenance organization certified pursuant to article forty-four of the public health law to notify insureds and enrollees about the use or lack of use of artificial intelligence-based algorithms in the utilization review process on the accessible Internet website of such insurer authorized to write accident and health insurance in this state, corporation organized pursuant to article forty-three of this chapter, or health maintenance organization certified pursuant to article forty-four of the public health law.
HC-01 Healthcare AI Decision Restrictions · HC-01.7 · Deployer · Healthcare
Insurance Law § 338(c)
Plain Language
Health insurers, Article 43 corporations, and HMOs must submit both their AI-based algorithms and their training datasets to the Department of Financial Services for review and certification. The department must establish a certification process verifying that the algorithms and training data minimize the risk of bias across enumerated protected characteristics (race, color, religious creed, ancestry, age, sex, gender, national origin, handicap or disability) and adhere to evidence-based clinical guidelines. This is a dual obligation: the entity must submit materials, and the department must certify them. Submission covers both algorithms currently in use and those planned for future use. Entities should anticipate that ongoing submissions may be required as algorithms and training data evolve.
Statutory Text
(c) Every insurer authorized to write accident and health insurance in this state, corporation organized pursuant to article forty-three of this chapter, and health maintenance organization certified pursuant to article forty-four of the public health law shall submit the artificial intelligence-based algorithms and training data sets that are being used or will be used in the utilization review process to the department. The department shall implement a process that allows the department to certify that these artificial intelligence-based algorithms and training data sets have minimized the risk of bias based on the covered person's race, color, religious creed, ancestry, age, sex, gender, national origin, handicap or disability and adhere to evidence-based clinical guidelines.
HC-01 Healthcare AI Decision Restrictions · HC-01.2 · Professional · Healthcare
Insurance Law § 338(d)
Plain Language
When a utilization review process initially uses AI-based algorithms, a clinical peer reviewer must personally open and review the individual's clinical records or data and document that review before issuing any adverse determination. This ensures that AI-generated initial assessments do not result in denials without individualized human clinical review. The obligation falls on the clinical peer reviewer personally — they cannot rely solely on the AI algorithm's output when making an adverse determination. The documentation requirement creates an audit trail confirming individualized review occurred.
Statutory Text
(d) A clinical peer reviewer who participates in a utilization review process for an insurer authorized to write accident and health insurance in this state, a corporation organized pursuant to article forty-three of this chapter, and a health maintenance organization certified pursuant to article forty-four of the public health law that initially uses artificial intelligence-based algorithms for a utilization review shall open and document the utilization review of the individual clinical records or data prior to issuing an adverse determination.