A new Health Insurance Portability and Accountability Act (HIPAA) privacy rule went into effect on June 25, that prohibits the disclosure of protected health information related to lawful reproductive health care in certain situations. Employers, as covered entities under HIPAA, must comply with the rule by Dec. 23.
Under the previous HIPAA privacy regulations, healthcare providers were allowed, but not required, to share patients’ reproductive health information with law enforcement. Such information could include contraception use, pregnancy- related care—including miscarriage and abortion—as well as infertility treatment.
The Biden administration issued the new rule after hearing concerns from providers that patients’ records could be unlawfully sought when they travel out of state to obtain reproductive care, especially after the Supreme Court overturned Roe v. Wade in June 2022. Several states instituted abortion restrictions and bans following the decision, causing some patients to cross state lines for care.
What the New Rule Covers
The new HIPAA reproductive health privacy rule aims to better protect patient confidentiality and prevent medical records from being used against those legally obtaining or providing reproductive care.
However, the rule does not:
- Cover reproductive health information when the services obtained were illegal
- Cover data outside of HIPAA protections, like location information or health details stored on personal devices
- Apply unless the care was lawfully obtained in a state where it is legal.
Required Signed Attestations
Under the new regulations, if a HIPAA-covered entity like an employer receives a request for protected health information potentially involving reproductive care, they must get a signed attestation stating the data will not be utilized for prohibited reasons.
Valid attestations must be provided on a standalone form, not attached to other documents when disclosing information for:
- Health oversight activities
- Judicial and administrative proceedings
- Law enforcement purposes
- Releases to coroners and medical examiners.
The Office for Civil Rights plans to publish a model attestation form to aid compliance ahead of the Dec. 23 deadline.
For more Employee Benefits resources, contact INSURICA today.
Copyright © 2024 Smarts Publishing. This is not intended to be exhaustive nor should any discussion or opinions be construed as legal advice. Readers should contact legal counsel or an insurance professional for appropriate advice.Â
About the Author
Share This Story
Related Blogs
New Compliance Rules Ahead: What the OBBB Means for Your Benefits Team
Signed into law by President Trump on July 4th, the “One Big Beautiful Bill” (OBBB) is already making waves in tax policy and Social Security headlines. But for employee benefits administrators, the bill quietly ushers in key updates that will reshape plan design, compliance, and employee communication in the months ahead.
Putting HR Technology to Work: How INSURICA Clients Gain an Edge with OutSail
Payroll errors that hit the general ledger, open-enrollment portals that freeze at midnight, new hires juggling four log-ins on day one - when HR technology falters, the ripple effects reach every corner of the organization. Yet most employers still rely on a patchwork of legacy systems chosen under deadline pressure.
CPR and AED Training for School Staff: A Life-Saving Back-to-School Priority
As students return to campus, it’s important for school administrators to assess more than just academics and operations. One critical area that deserves attention is CPR and AED training for school staff. Ensuring your employees are prepared to respond to cardiac emergencies can save lives—and now is the perfect time to make it a priority.