Skip to main content
U.S. flag

An official website of the United States government

Here’s how you know

Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

HTTPS

Secure .gov websites use HTTPS
A lock (LockA locked padlock) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

HHS.gov
  • About HHS
  • Programs & Services
  • Grants & Contracts
  • Laws & Regulations
  • HIPAA for Individuals
  • Filing a Complaint
  • HIPAA for Professionals
  • Newsroom

Breadcrumb

  1. HHS
  2. HIPAA Home
  3. For Professionals
  4. Special Topics
  5. HIPAA and Reproductive Health
  • HIPAA for Professionals
  • Regulatory Initiatives
  • Privacy
    • Summary of the Privacy Rule
    • Guidance
    • Combined Text of All Rules
    • HIPAA Related Links
  • Security
    • Summary of the Security Rule
    • Security Guidance
    • Cyber Security Guidance
  • Breach Notification
    • Breach Reporting
    • Guidance
    • Reports to Congress
    • Regulation History
  • Compliance & Enforcement
    • Enforcement Rule
    • Enforcement Process
    • Enforcement Data
    • Resolution Agreements
    • Case Examples
    • Audit
    • Reports to Congress
    • State Attorneys General
  • Special Topics
    • HIPAA and COVID-19
    • HIPAA and Reproductive Health
    • HIPAA and Telehealth
    • HIPAA and FERPA
    • Mental Health & Substance Use Disorders
    • Research
    • Public Health
    • Emergency Response
    • Health Information Technology
    • Health Apps
  • Patient Safety
    • Statute & Rule
      • PSQIA Statute
      • Patient Safety Rule
    • Enforcement
    • Guidance
  • Covered Entities & Business Associates
    • Business Associate Contracts
    • Business Associates
  • Training & Resources
  • FAQs for Professionals
  • Other Administrative Simplification Rules

HIPAA and Reproductive Health

OCR has issued a notice of proposed rulemaking and guidance on the Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule (Privacy Rule) and the privacy of individuals’ protected health Information (PHI) relating to abortion and other sexual and reproductive health care.

Notice of Proposed Rulemaking on the HIPAA Privacy Rule and Reproductive Health Care

On April 12, 2023, OCR issued a Notice of Proposed Rulemaking (NPRM) to strengthen the Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule protections by prohibiting the use or disclosure of protected health information (PHI) to identify, investigate, prosecute, or sue patients, providers and others involved in the provision of legal reproductive health care, including abortion. HHS has heard from patients, providers, and organizations representing thousands of individuals that this change was needed to protect patient-provider confidentiality and prevent private medical records from being used against them merely for seeking, obtaining, providing, or facilitating lawful reproductive health care. Today’s announcement coincides with the convening of President Biden’s Task Force on Reproductive Health Care, aimed at protecting reproductive rights, including access to abortion care, following the Supreme Court’s decision overturning Roe v. Wade.

Protecting patient health information and privacy has taken on critical importance, and in the wake of unprecedented attacks against women’s reproductive rights. Following the Supreme Court decision, President Biden signed Executive Order 14076, directing HHS to consider ways to strengthen the protection of sensitive information related to reproductive health care services and bolster patient-provider confidentiality. This proposed rule is a result of that directive:

  • Read the Press Release
  • Read the Fact Sheet
  • Lea la hoja informativa en español
  • Read the NPRM

Guidance on the HIPAA Privacy Rule and Disclosures of Information Relating to Reproductive Health Care

OCR issued guidance explaining how the Privacy Rule permissions for disclosing PHI without an individual’s authorization for purposes not related to health care, such as disclosures to law enforcement officials, are narrowly tailored to protect the individual’s privacy and support their access to health care, including abortion care.  This Guidance:

  • Reminds HIPAA covered entities and business associates that they can use and disclose PHI, without an individual’s signed authorization, only as expressly permitted or required by the Privacy Rule.
  • Explains the Privacy Rule’s restrictions on disclosures of PHI when required by law, for law enforcement purposes, and to avert a serious threat to health or safety.
  • Read the Guidance

Protecting the Privacy and Security of Your Health Information When Using Your Personal Cell Phone or Tablet

OCR issued guidance for individuals about protecting the privacy and security of their health information when using their personal cell phone or tablet.  This guidance explains that, in most cases, the HIPAA Privacy, Security, and Breach Notification Rules do not protect the privacy or security of individuals’ health information when they access or store the information on personal cell phones or tablets. This guidance also provides tips about steps an individual can take to decrease how their cell phone or tablet collects and shares their health and other personal information without the individual’s knowledge.  This Guidance:

  • Explains how to turn off the location services on Apple and Android devices.
  • Identifies best practices for selecting apps, browsers, and search engines that are recognized as supporting increased privacy and security.
  • Read the guidance
Content created by Office for Civil Rights (OCR)
Content last reviewed April 14, 2023
Back to top
  • Contact HHS
  • Careers
  • HHS FAQs
  • Nondiscrimination Notice
  • HHS Archive
  • Accessibility
  • Privacy Policy
  • Viewers & Players
  • Budget/Performance
  • Inspector General
  • Web Site Disclaimers
  • EEO/No Fear Act
  • FOIA
  • The White House
  • USA.gov
  • Vulnerability Disclosure Policy

Sign Up for Email Updates

Receive the latest updates from the Secretary, Blogs, and News Releases.

Sign Up
HHS Logo

HHS Headquarters

200 Independence Avenue, S.W.
Washington, D.C. 20201
Toll Free Call Center: 1-877-696-6775​