The proposed bill establishes the "Reproductive Freedom and Gender-Affirming Care Health Data Privacy Act," which aims to enhance privacy protections for consumer health data specifically related to reproductive and gender-affirming care. It introduces comprehensive regulations regarding the collection, sharing, and selling of such data by regulated entities and small businesses. Key provisions include the requirement for clear and informed consent from consumers before their health data can be collected or processed, as well as the obligation for organizations to maintain a consumer health data privacy policy that outlines data categories, usage purposes, and third-party sharing.

The bill grants consumers rights to confirm whether their health data is being collected, shared, or sold, access such data, withdraw consent, and request deletion of their health data. It mandates that regulated entities and small businesses comply with these requests within specified timeframes. Additionally, the legislation prohibits deceptive practices in obtaining consent and the use of geofences around healthcare entities to track consumers.

Violations of the act are defined as deceptive trade practices, allowing for civil actions and enforcement by the attorney general. The bill includes exemptions for certain health information governed by existing federal laws, ensuring that it does not conflict with established privacy protections. The act is set to take effect upon passage.