Senate Bill 1119 aims to enhance the protection of nonpublic personal health information for individuals seeking services from unregulated pregnancy centers, which are defined as facilities that do not provide or refer for abortions or emergency contraception. The bill mandates that these centers cannot disclose any individual's nonpublic personal health information without obtaining explicit written or electronic authorization from the individual. The authorization must include specific details such as the identity of the individual, a description of the information to be disclosed, the parties involved, the purpose of the disclosure, and the duration of the authorization, which cannot exceed 24 months. Additionally, the centers are required to inform individuals that they are not covered entities under federal privacy regulations.

The bill also establishes provisions for data breach notifications, requiring unregulated pregnancy centers to inform individuals if their personal information has been accessed by unauthorized persons. It prohibits discrimination against individuals who choose not to grant authorization for information disclosure and mandates that any authorizations and revocations be retained for six years. Violations of these requirements are classified as unfair and deceptive trade practices under current law. Overall, the bill seeks to ensure that individuals' privacy is respected and protected in the context of pregnancy-related services.