Sponsors (41)
The bill increases privacy and convenience for online contact-lens transactions by requiring HIPAA‑level transmission and email encryption and by clarifying rules on automated calls, but it also raises compliance and legal burdens for sellers and may slow some automated verification workflows.
Online buyers of contact lenses (including uninsured individuals) can send prescriptions electronically and must have PHI emailed in encrypted form, improving convenience for refills/purchases and reducing risk of accidental medical-data disclosure.
Sellers and prescribers face clearer rules because prerecorded/artificial-voice calls are not treated as 'direct communication,' reducing regulatory ambiguity and easing compliance for online contact-lens sellers.
Small and online contact-lens sellers must implement HIPAA‑compliant transmission systems and email encryption, creating new compliance costs that could raise consumer prices or reduce small-seller competitiveness.
Tying these requirements to HIPAA standards introduces legal complexity and potential liability for sellers who previously fell outside HIPAA, increasing regulatory risk and compliance uncertainty for online sellers.
Narrowing 'direct communication' to exclude prerecorded/artificial-voice calls could make automated prescription-verification workflows harder to use, potentially delaying order fulfillment for patients who rely on quick refills.
Based on analysis of 2 sections of legislative text.
Requires online contact-lens sellers to offer a HIPAA-compliant electronic method and encrypt emails with protected health information; narrows what counts as direct communication.
Introduced July 2, 2025 by H. Morgan Griffith · Last progress July 2, 2025
Makes targeted changes to the federal contact-lens prescription verification rules so online sellers must provide a HIPAA-compliant electronic way for patients to send their contact lens prescriptions and must encrypt any protected health information sent by email. It also tightens the law’s wording about what counts as a "direct communication" by excluding calls that use artificial or prerecorded voices and reorganizes seller language for clarity.