A new Health Insurance Portability and Accountability Act (HIPAA) privacy rule went into effect on June 25, that prohibits the disclosure of protected health information related to lawful reproductive health care in certain situations. Employers, as covered entities under HIPAA, must comply with the rule by Dec. 23.
Under the previous HIPAA privacy regulations, healthcare providers were allowed, but not required, to share patients’ reproductive health information with law enforcement. Such information could include contraception use, pregnancy- related care—including miscarriage and abortion—as well as infertility treatment.
The Biden administration issued the new rule after hearing concerns from providers that patients’ records could be unlawfully sought when they travel out of state to obtain reproductive care, especially after the Supreme Court overturned Roe v. Wade in June 2022. Several states instituted abortion restrictions and bans following the decision, causing some patients to cross state lines for care.
What the New Rule Covers
The new HIPAA reproductive health privacy rule aims to better protect patient confidentiality and prevent medical records from being used against those legally obtaining or providing reproductive care.
However, the rule does not:
- Cover reproductive health information when the services obtained were illegal
- Cover data outside of HIPAA protections, like location information or health details stored on personal devices
- Apply unless the care was lawfully obtained in a state where it is legal.
Required Signed Attestations
Under the new regulations, if a HIPAA-covered entity like an employer receives a request for protected health information potentially involving reproductive care, they must get a signed attestation stating the data will not be utilized for prohibited reasons.
Valid attestations must be provided on a standalone form, not attached to other documents when disclosing information for:
- Health oversight activities
- Judicial and administrative proceedings
- Law enforcement purposes
- Releases to coroners and medical examiners.
The Office for Civil Rights plans to publish a model attestation form to aid compliance ahead of the Dec. 23 deadline.
For more Employee Benefits resources, contact INSURICA today.
Copyright © 2024 Smarts Publishing. This is not intended to be exhaustive nor should any discussion or opinions be construed as legal advice. Readers should contact legal counsel or an insurance professional for appropriate advice.Â
About the Author
Share This Story
Related Blogs
OSHA Announces Top 10 Violations for 2025
OSHA recently revealed its top 10 most frequently cited standards in the 2025 fiscal year using preliminary data. This information is valuable for businesses of all kinds, as it helps them identify common exposures that affect their workforce and gives them the information they need to plan their compliance programs.
Cyber Hygiene for Schools: Teaching Digital Safety to Students
Cyber hygiene for schools is more important than ever in today’s digital learning environment. Teaching digital safety to students not only protects their personal information but also strengthens overall school cybersecurity. With increasing online access in classrooms, cyber hygiene for schools must become a routine part of curriculum planning and student behavior expectations.
Mental Health Benefits Go Mainstream: What Employers Need to Know
Once considered a niche offering or a reactive add-on, mental health benefits have now moved to the center of the employee experience. In 2025, nearly half of U.S. employers offer some form of mental health support beyond traditional EAPs—a sharp rise from just 30% in 2023. This shift isn’t just cultural; it’s strategic.