Fertility and surrogacy issues are deeply personal. Many people don’t want their most sensitive information posted somewhere on the Internet. Recently, California legislators passed a pair of bills that will help protect the reproductive and sexual health information of patients.
The bills include an update to the Confidentiality of Medical Information Act (CMIA) that extends existing privacy protections to reproductive and sexual health information in the context of the Internet and mobile applications. The CMIA is California’s version of the more familiar federal Health Insurance Portability and Accountability Act, or HIPAA. The new measures will have important effects on digital services that track certain health information, and could ease the minds of many patients who would like to keep some of their most intimate information private.
When the new bills go into effect next year, they will make clear that CMIA’s definition of “medical information” that must be kept private includes “reproductive or sexual health information” that is collected by certain health-oriented digital services.
The changes will also classify these digital services as health care providers, meaning that they must follow the same requirements as doctors and clinics with regards to maintaining their users’ privacy. These services will face penalties if they misuse health data, including by selling it or using it for marketing unless they have the consent of the user.
California’s changes follow a recent move by the Biden administration to strengthen reproductive health information privacy under HIPAA. The Department of Health and Human Services recently published its intention to pass a new rule that would prohibit a wide variety of entities within the health care industry from disclosing patients’ reproductive care information.