HomeBrowse Bills

Industries

HealthcareHR & HiringFinancial ServicesEducationGovernmentAgribusiness

Guides

Indiana AI LawsAI Hiring LawsCompliance ChecklistIllinois AI Act

Compliance

Framework GuideSOC 2ISO 27001ISO 42001NIST AI RMFCompare FrameworksCost ComparisonVendor VettingLawmakersData CentersGovernanceAbout
Risk Check
ILIntroduced

HB 3494

HEALTH DATA PRIVACY ACT

High Risk

Creates new compliance requirements or restricts common AI uses. Action needed.

TL;DR

Illinois HB 3494, introduced by Rep. Mary Beth Canty and a large group of Democratic co-sponsors, creates a new Health Data Privacy Act regulating how companies collect, use, and share consumer health data. While the bill text is sparse in the summary provided, similar state laws (like Washington's My Health My Data Act) typically restrict AI-driven health data processing, require explicit consumer consent, and ban the sale of health information without authorization.

Read the Full Bill Text

How This Might Impact Your Business

Consumer-facing health apps, wellness platforms, and fitness trackers operating in Illinois would likely need explicit opt-in consent before collecting or sharing health data, including AI-inferred health information.

Digital advertising and adtech companies could lose the ability to target Illinois users based on health-related signals (pregnancy, mental health, chronic conditions) without specific authorization.

Retailers and pharmacies that infer health conditions from purchase data using AI or analytics may fall under the law's scope, even if they aren't traditional healthcare providers.

Health AI vendors selling to Illinois consumers (symptom checkers, mental health chatbots, period trackers) would need new consent flows, data maps, and likely a published consumer health data privacy policy.

Following the pattern of similar laws, expect a private right of action under the Illinois Consumer Fraud Act, meaning class-action lawsuit exposure on top of Attorney General enforcement.

HIPAA-covered entities and data are typically exempt, but the gap between HIPAA coverage and consumer health apps is exactly what this bill targets.

Status is early (just introduced with co-sponsors being added), so terms, thresholds, and effective dates can still shift significantly.

What Should You Do

1

Ask your data and product teams to inventory every data point that could be considered 'consumer health data,' including AI-inferred signals like mood, fertility, or fitness status.

2

Have legal review your current consent flows and privacy policy against Washington's My Health My Data Act, which is the likely template; gaps there are gaps here.

3

If you run digital advertising targeting Illinois consumers, flag any health-adjacent audience segments with your media team and ad partners now.

4

Assign someone to track HB 3494 through the Illinois House Health Care Licenses or Privacy committee and report back on amendments, effective dates, and any small-business carve-outs.

5

Budget for potential 2026 compliance work, including consent management updates, vendor contract revisions, and a consumer rights request process.

Who It Affects

HealthcareHR & HiringFinancial ServicesAgribusiness
Digital Health and Wellness AppsHealthTech and AI DiagnosticsAdTech and Digital AdvertisingRetail and PharmacyConsumer IoT and WearablesHealth Insurance and Benefits Tech

Sponsors

Mary Beth Canty (Democratic)Ann Williams (Democratic)Anne Stava (Democratic)Kelly Cassidy (Democratic)Barbara Hernandez (Democratic)Camille Lilly (Democratic)Kam Buckner (Democratic)Tracy Katz Muhl (Democratic)Maura Hirschauer (Democratic)Will Guzzardi (Democratic)Theresa Mah (Democratic)Janet Yang Rohr (Democratic)Margaret Croke (Democratic)Nabeela Syed (Democratic)Lilian Jiménez (Democratic)Dee Avelar (Democratic)Kevin Olickal (Democratic)Anna Moeller (Democratic)Laura Faver Dias (Democratic)Katie Stuart (Democratic)Marcus Evans (Democratic)Rita Mayfield (Democratic)Diane Blair-Sherlock (Democratic)Jen Gong-Gershowitz (Democratic)Robyn Gabel (Democratic)Lisa Davis (Democratic)Mike Crawford (Democratic)Justin Slaughter (Democratic)Norma Hernandez (Democratic)Jay Hoffman (Democratic)Lisa Hernandez (Democratic)Stephanie Kifowit (Democratic)Nicolle Grasse (Democratic)Dan Didech (Democratic)

Status Timeline

introduced

Added Co-Sponsor Rep. Daniel Didech

May 30, 2026

AI-generated analysis for informational purposes only. Not legal advice. Always consult a qualified attorney for legal guidance.

Need help preparing your team for AI compliance?

Talk to LaunchReady about AI Training

Get the Weekly AI Law Roundup

Plain-English summaries of the AI laws that matter for your business. Every Monday. Free.

No spam. Unsubscribe anytime.