Dobbs Protecting Your Privacy and Healthcare Information
The Dobbs decision opened the conversation to the security of your private privacy healthcare information that we all assumed was secure. We have all been made aware of securing our company’s web infrastructure and firming up its variabilities. The weak link that remains involves our personal lives.
Our family’s cell phones, computers, laptops, note pads, i-pads, gaming things if they’re web-connected, and Alexa, right? Then we have electric cars, and homes, you get the picture. Last, let’s not forget our healthcare privacy.
1-Where a state law prohibits abortion but
- does not expressly require that a hospital report an individual for terminating her pregnancy,
- The Privacy Rule would not permit disclosure of the individual’s PHI to law enforcement under the “required by law” provision.
2-The Privacy Rule Permits Does Not Require the disclosure of PHI
PHI, for law enforcement purposes “pursuant to the process and as otherwise required by law.”
- If a law enforcement official requests records of abortion, but
- there is no Court Order or other Mandate Enforceable in the court of law,
- the Privacy Rule would Not Permit the Disclosure.
3- For disclosures permitted “to avert a serious threat to the health or safety of the individual or the public,”
HHS guidance provides this example.
- A woman informs her health care provider,
- in a state that bans abortion,
- about her intent to seek an abortion in another state where abortion is legal.
- The Privacy Rule would not permit the disclosure of the woman’s PHI to law enforcement
- “to avert a serious threat to the health or safety of the individual or the public,”
- because the woman’s statement tied to pregnancy loss does not constitute such a threat.
- The guidance observes, moreover, that
- the disclosure of such PHI would generally
- increase the risk of harm to the individual and
- detrimentally affect the patient-physician relationship and
- would therefore conflict with professional ethical standards.
- the disclosure of such PHI would generally
- Can technology platforms be prevented from scraping databases to find the patients who had abortions out of state?
4- Protect your medical information when using health information apps (e.g., period trackers, and others).
- Some red states monitor period tracking or fertility apps to
- try and identify women who are planning to
- or already have had an abortion.
- As Missouri has already done this, digital rights experts warn:
- (1) keep digital footprints protected,
- (2) No google and social media, only use:
- (3) privacy-focused browsers like DuckDuckGo or Firefox Focus, and
- (4) recommend using end-to-end encrypted messaging apps like Signal or
- WhatsApp to keep calls and messages private (these apps also offer timed auto-delete features for messages).
5- In summary, none of this looks promising, but here it is:
- Patient Privacy and Reproductive Health Data in the Dobbs Aftermath
- Second, the FTC warns companies
- not to make misleading claims that they “anonymize” or “aggregate” sensitive data to try to placate customers who might otherwise have concerns about their privacy.
- Finally, the Commission points to several recent cases it has brought against companies that misuse customers’ data, without parental consent,
- What can you do to protect yourself, but will we?
- data encryption,
- username ID and
- password, and
- two-factor authentication,
- together can be used to help ensure the confidentiality of information.
- But nothing is perfect, so you must keep your passwords updated.
- Personal Data Examples: Credit card or personnel number of a person, account data, number plate, appearance, customer number, or address.
- Sensitive Information Examples: Social security number, Birthdate/place, Home/Mobile phone number, Home address, Medical Records, Bank Account Numbers, IP address, Passwords, Gender, and Ethnicity.
HIPAA: applies to Healthcare providers and Healthcare Plans.
Safeguard: “protects health Information” or “PHI.”
- Steps you can take to decrease how your cell phone or tablet collects and shares your health and other personal information, such as where you go and what you do, without your knowledge.
- Avoid, downloading unnecessary or random apps, especially those that are “free.”
- ” giving any app permission to access your device’s location data, other than (e.g., navigation and traffic apps).
- turn off the location services on your personal cell phone or tablet.
- consider using communication apps, mobile web browsers, and search engines that are recognized as supporting increased privacy and security.
If you believe that your (or someone else’s) health privacy rights have been violated, at
(800) 368-1019, TDD toll-free: (800) 537-7697, or by emailing: OCRMail@hhs.gov https://ocrportal.hhs.gov/ocr/smartscreen/main.jsf