The domino effect of the US Supreme Court ruling in Dobbs v. Jackson Women’s Health Organization has called on the Federal Office of Health and Human Services (HHS) to strengthen the basic principles of data protection compliance. HHS has issued guidance to educate providers and patients about what protected health information (PHI) is and under what circumstances it may be shared or disclosed to third parties.
This summer, in the wake of the decision that overturned Roe v. Calf, President Joe Biden and HHS Secretary Xavier Becerra called for action to protect access to abortion, pregnancy complications and other services related to sexual and reproductive health care. In response, the HHS Office for Civil Rights (OCR) has issued new guidance for patients and their providers on how laws like HIPAA protect PHI from disclosure to third parties and the extent to which that information is protected on personal digital devices.
The central theses:
- Federal and state regulations should prioritize the obligation to privacy and the right of individuals to access health care, including across state lines.
- Concerns about lawmakers’ scrutiny of period trackers, other health apps, payment records, and even browsing data can be allayed by disabling location services and choosing apps, browsers, and search engines that support user security and privacy.
As part of the guidance, HHS indicated that its Office of Civil Rights (OCR) would make investigations of data breaches a priority for enforcement.