Is Your Medical Chatbot Legal Under California AB 3030? (2026)

A medical chatbot is legal under California AB 3030 only if (a) it clearly tells the patient the message was generated by AI and (b) it provides clear instructions for contacting a human healthcare provider — unless a licensed clinician reviews and approves each AI-generated message before it reaches the patient, in which case the disclaimer requirement does not apply.

Below is a plain-English California AB 3030 medical chatbot law summary for 2024–2026, the human-review exemption explained, common carve-outs, and a 2-minute compliance check you can run on your own product right now.

California AB 3030 medical chatbot law summary (2024–2026)

AB 3030 took effect January 1, 2025. It adds Section 1339.75 to the California Health and Safety Code and applies to any health facility, clinic, physician's office, or group practice that uses generative AI to produce written or verbal patient communications pertaining to clinical information. The law is administered by the Medical Board of California (MBC); the bill text and history are tracked at CalMatters Digital Democracy.

When AB 3030 applies to your medical chatbot

It applies if all four are true:

• The chatbot communicates with patients in California.
• It uses generative AI (LLMs, GPT-class models, Claude, Gemini, etc.).
• The output discusses clinical information — health status, diagnoses, treatment, lab results, prescriptions — not just scheduling or billing.
• The chatbot is operated by, or on behalf of, a California-licensed health facility, clinic, physician's office, or group practice.

When AB 3030 does NOT apply (the carve-outs)

• Human-reviewed communications. If a licensed clinician reads, edits, and approves the AI-generated message before it reaches the patient, the AB 3030 disclaimer requirement is waived for that message.
• Purely administrative messages. Appointment scheduling, reminders, billing, and other non-clinical communications fall outside AB 3030 (though AB 489 may still apply).
• Standalone consumer apps. A wellness or symptom-checker app that is not deployed by or on behalf of a California-regulated provider is outside AB 3030. Other laws (FTC, AB 489, unauthorized-practice-of-medicine) can still apply.

The two core legal requirements

1. AI disclosure

The chatbot must clearly tell the patient the communication was AI-generated. Per MBC guidance, the disclosure must be visible throughout the interaction — not buried in a Terms of Service or onboarding popup. Acceptable language example: "This message was generated by artificial intelligence. To speak to a member of our care team, call [number] or click [link]."

2. Human fallback

The chatbot must provide clear, accessible instructions for reaching a human healthcare provider — typically a phone number, secure-messaging link, or "Talk to a human" button that is persistently visible.

The human-review exemption (the most important nuance)

AB 3030 explicitly waives the disclosure requirement if a licensed or certified human clinician reviews and approves the AI message before it is sent. Per Duane Morris, this means many AI-assisted physician inboxes (where a doctor reviews each draft) are compliant without a separate disclaimer — but the review must be substantive. A 2-second rubber-stamp on a queue of 500 drafts is not the kind of review regulators have in mind.

Quick checklist: is your chatbot legal under AB 3030?

Run through these eight questions. If you answer "no" to any of #1–#3, your chatbot likely violates AB 3030.

1. Is the chatbot operated by or for a California health facility, clinic, or physician practice?
2. Does it generate clinical content (not just scheduling/billing)?
3. Does it use generative AI (LLMs)?
4. Does the patient see a clear, persistent statement that the message is AI-generated?
5. Is the AI disclosure visible throughout the chat — not buried in a footer or ToS?
6. Is there an obvious way to reach a human provider (phone, escalation button, secure message)?
7. If you're relying on the human-review exemption, does a licensed clinician actually review and approve each message before it goes out?
8. Have you removed any AB 489 violations (titles like "Dr.", "Nurse", clinical attire on avatars)?

Common pitfalls that make a medical chatbot illegal

• Hidden disclosure. "AI" badge in the corner is not "clear and prominent." A plain-language sentence in the chat is.
• Dr.-style persona. Naming the bot "Dr. Dave" or giving it a white coat — separately violates AB 489 and is treated as deceptive trade practice.
• No escalation path. Forcing patients into an AI-only loop violates the "instructions for contacting a human" requirement.
• Rubber-stamp review. Claiming the human-review exemption while clinicians click "approve" on hundreds of drafts per minute will not survive an audit.
• Treating clinical questions as administrative. If the chatbot tells a patient "your blood pressure looks normal," that's clinical — even if you originally built it for scheduling.

How AB 3030 compares to AB 489

AB 3030 and AB 489 work together. AB 489 is broader: it covers any AI (not just generative) and requires disclosure for any patient-facing AI in healthcare. AB 3030 is narrower but stricter: it targets generative AI in clinical communications and adds the human-review exemption. A compliant medical chatbot in California typically satisfies both — see the California Medical AI Law Guide for the integrated checklist, or the AB 3030 vs SB 942 comparison if you also handle AI-generated medical images.

Authoritative sources

• Medical Board of California — GenAI Notification Requirements
• CA Legislative Information — AB 3030 (official bill text)
• CalMatters Digital Democracy — AB 3030 tracker
• Duane Morris — California Passes Novel Law Governing Generative AI in Healthcare
• Mintz — California Health Care Legislative Update: Winter 2024