TEXAS JUN 22, 2025 · InsureAI Wire

Texas Enacts AI Governance Laws for Healthcare

Texas signed two AI governance laws in June 2025 that affect healthcare providers and, by extension, insurers and health plans operating in the state. Governor Greg Abbott signed HB 149, the Texas Responsible Artificial Intelligence Governance Act, on June 22, 2025, and signed SB 1188 on June 20, 2025. The two laws take effect on different dates and impose different obligations, but together they create a new compliance environment for AI use in healthcare decisions.

HB 149 establishes a broad statewide framework for responsible AI use across the public sector and selected private-sector applications, including healthcare. It requires healthcare providers to disclose to patients when AI is used in diagnosis or treatment, with the disclosure made before or at the time of interaction except in emergencies. The law also prohibits the use of AI with the specific intent to discriminate based on protected characteristics, though it clarifies that disparate impact alone is not enough to prove discriminatory intent. Enforcement authority rests with the Texas attorney general, who can impose civil penalties. HB 149 took effect on January 1, 2026.

SB 1188 is narrower and more technical. It allows licensed practitioners to use AI to support diagnosis and treatment planning, but requires that the provider act within the scope of licensure, review AI-generated records, and make the ultimate medical decision. The law also imposes a strict data localization mandate, prohibiting the physical offshoring of electronic medical records. That requirement applies to providers and their third-party vendors or cloud service providers. SB 1188 took effect on September 1, 2025.

For insurers, the immediate relevance is indirect but real. Health plans that use AI in utilization management, prior authorization, or care coordination are not directly regulated as healthcare providers under these laws, but the expectations they create are shaping the broader legal environment. A state that requires physician review of AI-generated records and patient disclosure of AI use in diagnosis is likely to ask similar questions about AI use in insurance decisions. Texas has already enacted separate limits on AI as the sole basis for adverse health insurance determinations.

Carriers should also note the enforcement design. The Texas attorney general has civil penalty authority under HB 149, and SB 1188’s data localization rule applies to vendors. That means both internal AI governance and vendor contracts need to account for Texas-specific requirements. If a vendor hosts AI-processed medical records offshore, the arrangement may violate SB 1188 regardless of whether the insurer itself is the covered provider. Carriers should review their cloud hosting, business associate agreements, and data processing addendums for Texas-covered records.

The broader lesson is that states are moving beyond general AI principles to sector-specific rules. Texas has chosen healthcare as its first detailed target, and insurers should expect the same approach to spread to underwriting, claims, and distribution. Building a governance program that can accommodate state-by-state rules is becoming a necessity, not a luxury. Carriers should also consider whether their AI disclosures and review processes are consistent across states, because inconsistency creates compliance gaps and litigation exposure.

For a framework on managing AI governance across jurisdictions, see our guide to AI governance in insurance.

Free · Weekly

This moved on the wire first

Every state and NAIC action that matters, in one weekly dispatch. Free, sourced, no spam.

Free weekly · No spam · Unsubscribe anytime

Information aggregation and analysis, not legal advice. See our disclaimer.