Laws & Statutes NY NY-A-01456
A-01456
NY · State · USA
NY
USA
● Pending
Proposed Effective Date
2025-03-10
New York Assembly Bill A01456 — An Act to amend the insurance law, in relation to the use of artificial intelligence for utilization review
NY A 1456 would require health insurers, Article 43 corporations (e.g., Blue Cross/Blue Shield plans), and HMOs certified under New York Public Health Law to notify insureds and enrollees on their websites about whether they use AI-based algorithms in utilization review. Covered entities must submit their AI algorithms and training datasets to the Department of Financial Services for bias certification. Clinical peer reviewers must independently review individual clinical records before issuing an adverse determination when AI algorithms are initially used in utilization review. The Superintendent of Financial Services enforces the law with fines of up to $5,000 per violation ($10,000 per willful violation), license suspension or revocation, and aggregate annual fine caps. No private right of action is created.
Passage Likelihood
Low
Chamber No passage
Committee No action
Majority party Yes
Bipartisan No
Prior session None
Legislative History
2025-01-09 committee referral referred to insurance
2026-01-07 committee referral referred to insurance
Mapped Requirements
HC-01 Healthcare AI Decision Restrictions
Official Sources
Full Text
Entry Last Reviewed
2026-04-01
AI generated
Summary

NY A 1456 would require health insurers, Article 43 corporations (e.g., Blue Cross/Blue Shield plans), and HMOs certified under New York Public Health Law to notify insureds and enrollees on their websites about whether they use AI-based algorithms in utilization review. Covered entities must submit their AI algorithms and training datasets to the Department of Financial Services for bias certification. Clinical peer reviewers must independently review individual clinical records before issuing an adverse determination when AI algorithms are initially used in utilization review. The Superintendent of Financial Services enforces the law with fines of up to $5,000 per violation ($10,000 per willful violation), license suspension or revocation, and aggregate annual fine caps. No private right of action is created.

Enforcement & Penalties
Enforcement Authority
The Superintendent of Financial Services has enforcement authority, exercised at the Superintendent's discretion in consultation with the Commissioner of Health and the Commissioner of Education as applicable. Enforcement is agency-initiated. Penalties include license suspension or revocation, refusal to issue a new license for up to one year, and monetary fines. No private right of action is created.
Penalties
Fine of not more than $5,000 per violation; fine of not more than $10,000 per willful violation. Aggregate fines on a single insurer, Article 43 corporation, or HMO capped at $500,000 per calendar year. Aggregate fines on a single clinical peer reviewer capped at $100,000 per calendar year. Additional remedies include suspension or revocation of license and refusal to issue a new license for up to one year. Penalties are in addition to any other remedies or penalties under any other applicable law.
Who Is Covered
Compliance Obligations 5 obligations · click obligation ID to open requirement page
HC-01 Healthcare AI Decision Restrictions · HC-01.6 · Deployer · Healthcare
Insurance Law § 338(b)
Plain Language
Health insurers, Article 43 corporations, and HMOs must publicly disclose on their websites whether or not they use AI-based algorithms in their utilization review processes. This is a blanket disclosure obligation — the entity must affirmatively state either that it uses or does not use such algorithms. The disclosure must be posted on the entity's publicly accessible website and must be directed to insureds and enrollees.
Statutory Text
(b) The superintendent shall require all insurers authorized to write accident and health insurance in this state, corporations organized pursuant to article forty-three of this chapter, and a health maintenance organization certified pursuant to article forty-four of the public health law to notify insureds and enrollees about the use or lack of use of artificial intelligence-based algorithms in the utilization review process on the accessible Internet website of such insurer authorized to write accident and health insurance in this state, corporation organized pursuant to article forty-three of this chapter, or health maintenance organization certified pursuant to article forty-four of the public health law.
HC-01 Healthcare AI Decision Restrictions · HC-01.7 · Deployer · Healthcare
Insurance Law § 338(c)
Plain Language
Covered insurers, Article 43 corporations, and HMOs must submit their AI-based algorithms and training datasets used in utilization review to the Department of Financial Services. The Department must then implement a certification process to verify that the algorithms and training data have minimized the risk of bias across enumerated protected characteristics (race, color, religious creed, ancestry, age, sex, gender, national origin, handicap or disability) and that they adhere to evidence-based clinical guidelines. This is both a regulatory filing obligation on the covered entity and a mandate on the Department to create a bias certification regime. Entities must submit algorithms currently in use and those planned for future use.
Statutory Text
(c) Every insurer authorized to write accident and health insurance in this state, corporation organized pursuant to article forty-three of this chapter, and health maintenance organization certified pursuant to article forty-four of the public health law shall submit the artificial intelligence-based algorithms and training data sets that are being used or will be used in the utilization review process to the department. The department shall implement a process that allows the department to certify that these artificial intelligence-based algorithms and training data sets have minimized the risk of bias based on the covered person's race, color, religious creed, ancestry, age, sex, gender, national origin, handicap or disability and adhere to evidence-based clinical guidelines.
HC-01 Healthcare AI Decision Restrictions · HC-01.1HC-01.2 · Professional · Healthcare
Insurance Law § 338(d)
Plain Language
When a utilization review initially uses AI-based algorithms, a clinical peer reviewer must independently open and review the individual patient's clinical records or data — and document that review — before issuing any adverse determination. This means AI output alone cannot be the final word on a denial; a qualified clinical peer must examine the individual's actual clinical information and create a documented record of having done so. The obligation falls on the clinical peer reviewer personally, not just the insurer. This effectively ensures human review of individualized clinical data is a prerequisite to any AI-informed adverse determination.
Statutory Text
(d) A clinical peer reviewer who participates in a utilization review process for an insurer authorized to write accident and health insurance in this state, a corporation organized pursuant to article forty-three of this chapter, and a health maintenance organization certified pursuant to article forty-four of the public health law that initially uses artificial intelligence-based algorithms for a utilization review shall open and document the utilization review of the individual clinical records or data prior to issuing an adverse determination.
Other · Healthcare
Insurance Law § 338(e)(1)-(2)
Plain Language
This provision establishes the penalty framework for violations of Section 338 but creates no independent compliance obligation. Penalties are imposed at the Superintendent's discretion and include license suspension/revocation, refusal to issue new licenses, and fines up to $5,000 per violation or $10,000 per willful violation, with aggregate annual caps of $500,000 for insurers/HMOs and $100,000 for clinical peer reviewers. These penalties supplement any other applicable law.
Statutory Text
(e) (1) A violation of the provisions of this section shall be subject to one or more of the following penalties at the discretion of the superintendent, in consultation with the commissioner of health and the commissioner of education as applicable: (i) Where a violation is made by an insurer authorized to write accident and health insurance in this state, a corporation organized pursuant to article forty-three of this chapter, or a health maintenance organization certified pursuant to article forty-four of the public health law: (A) Suspension or revocation of license; (B) Refusal, for a period not to exceed one year, to issue a new license; (C) A fine of not more than $5,000 for each violation of this section; or (D) A fine of not more than $10,000 for each willful violation of this section. Fines imposed pursuant to the provisions of this subparagraph on a single insurer authorized to write accident and health insurance in this state, a corporation organized pursuant to article forty-three of this chapter, or a health maintenance organization certified pursuant to article forty-four of the public health law shall not exceed five hundred thousand dollars in aggregate during a calendar year. (ii) Where a violation is made by a clinical peer reviewer: (A) Suspension or revocation of license; (B) Refusal, for a period not to exceed one year, to issue a new license; (C) A fine of not more than $5,000 for each violation of this section; or (D) A fine of not more than $10,000 for each willful violation of this section. Fines imposed pursuant to the provisions of this subparagraph on a single clinical peer reviewer shall not exceed one hundred thousand dollars in aggregate during a calendar year. (2) Penalties pursuant to the provisions of this subsection shall be in addition to any other remedies or penalties that may be imposed under any other applicable law.
Other · Healthcare
Insurance Law § 338(f)
Plain Language
This provision directs the Superintendent to promulgate implementing regulations. It creates no compliance obligation on insurers, HMOs, or clinical peer reviewers — it is a directive to the regulator. Future regulations may impose additional obligations, but this subsection itself does not.
Statutory Text
(f) The superintendent shall promulgate all rules and regulations necessary for the implementation of this section.