Skip to Main Content

Reproductive Health Care has New HIPAA Privacy Guidance

Wednesday, July 27, 2022
Margaret Bastick

The U.S. Supreme Court’s ruling in Dobbs v. Jackson Women’s Health Organization, which allows states to regulate and prohibit abortion has resulted in new guidance from the Department of Health and Human Services (HHS). The HHS has recently issued new guidance regarding HIPAA’s privacy protections for reproductive health care.

The guidance focuses on health care providers’ obligation under the HIPAA Privacy Rule to safeguard the privacy of patients’ protected health information (PHI) related to reproductive health care, including abortions.

HIPAA Compliance Key Features

  • Health care providers may disclose an individual’s PHI, without an authorization, only as expressly permitted or required by the HIPAA Privacy Rule.
  • Providers may disclose PHI in certain situations when required by law, for law enforcement purposes and to avert a serious threat to health or safety.
  • Health care providers are not required to disclose PHI to third parties, however.

Permitted Disclosures

According to HHS, the HIPAA Privacy Rule permits but does not require health care providers to disclose PHI without an individual’s authorization in certain situations where the disclosure is required by another law, for law enforcement purposes or to avert a serious threat to health or safety.

According to HHS, in the absence of a mandate enforceable in a court of law, the Privacy Rule does not permit health care providers to report a patient’s abortion to law enforcement. HHS also notes that it would be inconsistent with professional standards of ethical conduct to make a disclosure of PHI to law enforcement regarding an individual’s interest, intent or prior experience with reproductive health care.

The new guidance provides examples of different scenarios that may arise in states where abortion care is restricted or prohibited. It encourages health care providers to seek legal advice if they are unsure about their HIPAA compliance obligations.

Privacy of Health Information on Cell Phones

In addition, HHS released guidance for individuals addressing the extent to which private medical information is protected on personal cellphones and tablets. It also provides tips for safeguarding this information when using health information apps, such as menstrual cycle trackers.

Material posted on this website is for informational purposes only and does not constitute a legal opinion or medical advice. Contact your legal representative or medical professional for information specific to your legal or medical needs.