Why HIPAA doesn’t always protect abortion information

Last month, the Supreme Court ruled to overturn the Roe v. Wade case Concerns have been raised that data collected by technology companies and clinics could be used to criminally prosecute people. Those who seek an abortion or experience a miscarriage.

Federal law known as Health Insurance Interoperability and Accountability Act, or HIPAAAlthough it protects patient privacy, healthcare providers may be forced to disclose patient data under special circumstances such as subpoenas and court orders.

There is also a wealth of consumer-generated data that is not considered subject to HIPAA and can be used as court evidence for those allegedly seeking an abortion that violates state law and their providers.Legal experts say: Search history, text messages, location data, and time tracking apps may all be used in court In some cases, this is already the case.

Some technology companies, Google And menstrual cycle tracking app FloHas announced steps to better protect user reproductive health-related data. Consumer data security relies heavily on the whims of the services used in the absence of federal digital privacy laws.

Still, some states, including California and Illinois, have already enacted digital privacy laws that help protect consumer data more generally. Additional state-level proposals are specifically aimed at protecting reproductive health data. Connecticut Reproductive Freedom Defense Act.. The bill could help close the HIPAA gap, but parliamentarians continue to promote national privacy protection.

This is an overview of some current laws and proposals that may protect the information of pregnant people both inside and outside the Internet.

Health Insurance Portability and Accountability Act (HIPAA)

Contents: HIPAA Is a federal patient privacy law passed in 1996 that prohibits healthcare providers and insurance companies from disclosing patient information. It is overseen by the Civil Rights Bureau within the Department of Health and Human Services.

In general, HIPAA does not allow abortion clinics or healthcare providers to reveal to law enforcement authorities whether a person has had an abortion. Abortion clinics that report patient information to others violate HIPAA if state law prohibits abortion but does not “explicitly require” people to report it.

Information not protected by HIPAA: HIPAA cannot resolve all privacy concerns related to reproductive rights.according to Recent guidance issued by HHSThe law allows abortion clinics to disclose persons who have had an abortion in response to a court order or summon. This can become even more common in the post-low era.

HIPAA applies only to certain types of businesses and professionals. Only health insurance companies, healthcare providers, data clearinghouses, and business associates can be regulated.

HIPAA cannot protect some patient information collected by anti-abortion organizations that seek to attract and redirect abortion seekers, such as so-called crisis pregnancy centers.According to, there are about 2,500 centers nationwide Map of Crisis Pregnancy CenterA project led by scholars at the University of Georgia.

What it does: The My Body, My Data Act Is a federal privacy proposal for companies that collect reproductive health information. Unless the data is “strictly required” to provide the service or product requested by the user, the company must obtain the user’s consent before collecting, retaining or disclosing reproductive health data. In addition, the enterprise must delete the user’s information upon request. The Federal Trade Commission has the authority to enforce regulations.

The gap it fills: Although HIPAA is primarily targeted at healthcare providers, the bill focuses on the regulation of technology companies and apps that collect assisted reproductive technology data.

D-Calif Rep. Sara Jacobs, co-sponsor of the bill, said: Washington post At present, without such a law, “right-wing nonprofits would [to] Buy all this data from various menstrual tracking apps to identify all users who are “should be pregnant now but not pregnant”.

How likely are you to pass? In an interview with Post, Jacobs seemed to admit that the bill is unlikely to become federal law, given Republicans’ opposition to increased abortion protection. But she said the federal bill could inspire and model state-level behavior.

What it does: this Federal billSenator Elizabeth Warren, D-Mass. , And those introduced in June by other Democrats, ban data brokers from selling locations and medical data.

The bill will empower FTC to enforce standards for the sale of health and location information. It will also empower the Attorney General and individuals of the state to sue alleged violations. The bill also promises to provide FTC with $ 1 billion in funding over the next decade to carry out its work, including the enforcement of the law.

The gap it fills: While the My Body and My Data Act deal primarily with the collection of health data, the Warren bill focuses on regulating the sale of location data.The suggestion came later Deputy reported it Data brokers such as SafeGraph sold location data for people who visited the abortion clinic.

How likely are you to pass? The bill will probably require some Republicans to be on board to get a chance to pass, given the party’s general opposition to expanding abortion protection.

What it does: This bill, Introduced by Democratic State Congressman Mary Joe Daley in MayThe so-called Crisis Pregnancy Center, prohibits disclosure of private health information collected without explicit permission.

The gap it fills: Recent reports highlight the data risks associated with visiting a crisis pregnancy center... Some pregnant people seeking an abortion are unaware that the center may not provide abortion services and instead try to discourage visitors from ending their pregnancy.

MPs called on Google to make it clearer to consumers Such centers, which often have websites designed to look like abortion clinic websites, do not offer abortions. These centers are often not licensed health care providers and offer free services and are not bound by federal health and privacy laws. Reported timeBased on a conversation with a privacy lawyer.

The Pennsylvania bill could make it difficult for these anti-abortion centers to disclose information that would otherwise apply to this unprotected area.

How effective is it? The bill allows clinics to disclose private health information without permission, even if they need to comply with national, state, or local laws, or court orders and investigations. This can compromise the effectiveness of the protection.

Sanctuary State Law and Proposals

What they do: These types of bills, passed or introduced in some Democratic home states, make it easier for pregnant women seeking abortions outside their own country to protect information within so-called sanctuary states. So, for example, if a Texas person seeks an abortion in Connecticut, it can be difficult for Texas authorities to obtain information about the procedure.

Laws vary slightly from state to state. In general, these types of bills do not require a particular agency or provider in a state to hand over sensitive reproductive health information to another state seeking to prosecute an suspicion of abortion under its own law. The purpose is to.

Which states have them: Two such proposals that have already been signed by the Governor of the Democratic Party Connecticut Reproductive Freedom Defense Act When New Jersey Act of Parliament Bill 3975 / Senate Bill 2633..

A similar bill California, Massachusetts When New York..

The gap they will fill: As of July 7, nine states have already outlawed abortion, and four states could soon pass a law banning abortion, according to the report. Politico.. Many people in these states may choose to have an abortion service in safe harbor states such as Connecticut, but they still face legal risks in their home states.

This means that this type of law may protect travelers from the liability to receive such services in states with statutory abortion services and protection laws from states that have outlawed abortion. ..

How effective are they? While these laws protect information about legal proceedings in the state in which they exist, patients living in states with restricted abortion laws may have medical records retained elsewhere. It should be noted that there is.

“Imagine you’re in Alabama, come to Connecticut and have an abortion, and then see another doctor in Alabama. We’ll see more and more your medical records may bring you back to Alabama. I’m in the world. “Kali Zubzikki, Professor of Health Law, University of Connecticut Law School, I told Verge.

In addition, some measures include certain exceptions that may allow the passing of information. For example, New Jersey law allows exceptions under valid court orders or when abuse of children or the elderly is suspected in good faith. But in the latter case, New Jersey’s legal assisted reproductive technology services should not be considered abuse.

See: Bipartisan lawmakers discuss a new framework for privacy law