California SB 345 (Shield Act for Gender-Affirming Care)

What SB 345 actually does

SB 345 is the gender-affirming care version of AB 1242. Same shape. Same mechanics. Different protected class.

California LE agencies can't use California resources to help out-of-state investigations of people who received, provided, or assisted with gender-affirming care that's legal in California. The data-sharing piece is the same: California agencies can't share personal data with out-of-state LE in covered cases.

The bill was signed in 2024 and took effect January 1, 2025.

If you read AB 1242 first, this page will feel familiar. The legislature wrote SB 345 deliberately as a mirror statute, extending the AB 1242 framework to a second protected category. The training bulletins agencies issued treat them together, because they operate together.

Who it protects

The protected class:

• People in California who received gender-affirming care that's legal in California
• Providers of that care — physicians, nurses, mental health professionals, clinic staff
• People who assisted — drove someone, paid for care, scheduled appointments, provided lodging

What "gender-affirming care" covers under California law is broad. It includes medical, surgical, and mental health care related to gender identity. The statute is structured around what's legal in California, not what's legal in the requesting state.

For California LE personnel, the protection is the same shape as AB 1242: it doesn't shield you from doxxing. It limits your agency's obligations to share your records, or anyone else's records, across state lines in a covered case.

How to invoke

You don't, the same way you don't invoke AB 1242. There's no form. There's no portal. The statute operates as a restriction on your employer agency's behavior.

Practical scenarios:

1. Out-of-state subpoena on a covered case. Your records unit and legal advisor analyze it under SB 345 and decide whether to comply, comply in part, or move to quash.
2. Information request from a sister agency in another state. Your records unit applies the statute. If the request touches covered care, the answer is no.
3. Multi-state task force pulling data. Same analysis. Personal data on covered care isn't shared.

If a request comes in that seems to touch gender-affirming care, push it up to your supervisor and your agency's legal counsel. The statute is the legal hook they'll use.

Where it does and doesn't reach

Covered:

• Personal data held by CA LE agencies
• Out-of-state data-sharing requests on covered cases
• Investigations into gender-affirming care that's legal in California

Not covered:

• Data brokers. Spokeo, BeenVerified, Whitepages, Pipl — none of them are agencies. SB 345 doesn't touch them.
• Federal investigations. The statute is interstate state-to-state, not federal-to-state.
• Care that wasn't legal in California. The statute is structured around the legal-in-CA piece.
• Your personal address, phone, and family info in commercial databases. That's the broker layer, not the agency layer.

Why this matters for first responder privacy

SB 345 is the second California statute that restricts cop-to-cop data flow across state lines for a specific protected category. AB 1242 was the first. SB 345 made the pattern explicit: when California decides to protect a class of conduct, it's willing to constrain its own LE agencies' data-sharing behavior to back it up.

For first responder privacy specifically, that direction matters more than the specific topic. The legislature is comfortable saying "California agencies don't share personal data with out-of-state LE in these cases." The frame exists. The next time California decides to protect a class — for any reason — it has the template.

For your actual privacy exposure — home address, phone, family info, prior addresses circulating across hundreds of broker sites — SB 345 does nothing directly. The relevant tools there are the Delete Act and DROP platform, Vehicle Code §1808.4, and Government Code §6254.21.

How CA agencies were trained

Most CA agencies trained on SB 345 in early 2025, paired with AB 1242. The Culver City PD January 2025 training bulletin walks officers through both statutes side by side and lays out the operational picture.

Standard practice in those bulletins:

• Out-of-state requests on covered cases route to the agency's legal advisor, not the line.
• Don't volunteer information to out-of-state agencies on covered topics.
• Personal-data sharing across state lines in covered cases is prohibited.

If your agency hasn't issued specific training on SB 345 yet, the AB 1242 guidance applies — the analysis is the same, the protected category is different.

What we do

SB 345, like AB 1242, is agency-side. There's nothing an individual files. What we do is the broker side. We sweep 200-plus broker sites every two weeks, file opt-outs, and re-notice when a broker re-lists you. State-level agency restrictions close one path. We close the other.

For California first responders, the practical move is to submit a DROP request under the Delete Act and run a free scan to see what's still live in the broker layer.