Florida Health Information Storage Changes Taking Effect on July 1, 2023

Foreign Interests in the health care provider environment have generally meant ownership interests of persons from outside of the state in which the healthcare provider operates, rather than foreign countries.  Thus, it would be easy to miss the healthcare provisions in the recent Florida legislative bill that was signed into law on May 8, 2023, entitled Interests of Foreign Countries (CS/SB 264).  

Governor DeSantis signed legislation, effective on July 1, 2023, that changed Section 408.051 of the Florida Statutes to add a new Section 3 that requires that a health care provider that utilizes a certified electronic health record technology to ensure that all patient information, when stored in an offsite physical or virtual environment, including third-party or subcontracted computer facilities or an entity providing cloud computing services, is physically maintained in the continental United States or its territories or Canada.

Although some states have certain data storage rules tied to Medicaid that restrict storage in foreign countries, Florida’s new law would affect all payors within the State of Florida. 

Additionally, the new legislation adds a very broad definition of “health care provider” to include most health care practitioners licensed by the Department of Health, entities regulated by Florida’s Agency for Health Care Administration (AHCA), pharmacies, continuing care facilities and more. 

As health care entities look to their data storage needs, it will be increasingly important to review both Federal and State guidelines when choosing EHR and data storage needs.