Following the overturning of Roe v. Wade in a 5-4 decision by the U.S. Supreme Court, and a 6-3 decision to uphold a Mississippi abortion ban, the question of privacy and security of patient data is now in the spotlight. And some bad actors may try to weaponize this data.
“The value of reproductive health data is going to skyrocket,” said Bethany Corbin, a lawyer at Nixon Gwilt who works with femtech companies. “Health data is already valued more than credit card data and now that states are criminalizing abortion, there’s a higher incentive for a hacker to go after your organization’s data.”
The Guttmacher Institute estimates that 26 states will move quickly to ban abortion, and 13 states have trigger laws that will go into effect soon after today’s ruling, limiting access to abortion after a certain number of weeks. The bans would mean sensitive patient data, such as interactions with a telehealth provider to obtain abortion drugs, could pose a threat to an organization or an individual if it gets into the wrong hands.
A hacker may be incentivized to extort a patient and expect a ransom if they obtain data that shows they are guilty of breaking state law, Corbin said.
Lawmakers earlier this week introduced the “My Body, My Data Act” to protect personal health data in response to the leaked draft opinion on Roe.
Sens. Ron Wyden (D-OR), Mazie Hirono (D-HI), and U.S. Rep. Sara Jacobs (D-CA) introduced the act. “It is just common sense that data brokers, tech companies and advertisers shouldn’t be able to put personal, sensitive information on the public auction block for anyone with a credit card,” Wyden said in a news release.
Today, Wyden underscored the need for data security in his reaction to the final Roe decision.
“Furthermore, the Congress must pass legislation protecting people’s data so their web searches, text messages and location tracking aren’t weaponized against them,” Wyden said in a news release. “Technology companies must take immediate steps to limit the collection and retention of customer data so that they don’t become tools of persecution.”
He has also co-sponsored the Health and Location Data Protection Act with Sen. Elizabeth Warren (D-MA), legislation that bans data brokers from what he calls “uterus surveillance,” and would apply to such technology as period tracking apps.
The cybersecurity security threats emerging from Roe’s overturning not only affect individuals, there are also ramifications for employers.
For those employers who’ve vowed to protect abortion access for their employees, including several large companies such as Yelp, CitiGroup, and Apple, this means navigating tricky state by state regulations.
“It’s easy to say in theory you’ll provide abortion benefits, but what does it mean? Will an individual travel to the nearest state, or three states away where care is better and how will they let their employer know? There’s a potential privacy risk here,” Corbin said. “I think there’s going to be a lot of challenges to figure out how to offer this benefit.”
Even with the challenges, she predicts offering abortion access is a benefit that companies will use to set themselves apart when they’re trying to attract employees in this competitive, job-seekers’ economy. She believes offering an abortion benefit would be safer through an employee sponsored health plan because patient data would be protected by HIPAA.
Several states have already considered themselves a safe haven, offering abortions to those from other states, but laws on interstate abortions have yet to be determined.
In a statement from NYC Health & Hospitals President and CEO Mitchell Katz, MD, the hospital will continue providing abortion access to anyone.
“We will do whatever it takes to accommodate patients from near and far. And we will take the necessary steps to protect the safety and security of our patients and the health care professionals who provide these services,” Katz said.
Pro-life group, the Susan B. Anthony List, celebrated the overturning and said in a statement that an “entirely new pro-life movement begins today.” The SBA List continued, “We are ready to go on offense for life in every single one of those legislative bodies, in each statehouse and the White House. Over the next few years we will have the opportunity to save hundreds of thousands, even millions of lives by limiting the horror of abortion in many states.”
Yet the organization whose main stakeholders swear and take oath to preserve life issued a sharp statement that contrasts deeply with the avowed right-to-lifers.
“The American Medical Association is deeply disturbed by the U.S. Supreme Court’s decision to overturn nearly a half century of precedent protecting patients’ right to critical reproductive health care—representing an egregious allowance of government intrusion into the medical examination room, a direct attack on the practice of medicine and the patient-physician relationship, and a brazen violation of patients’ rights to evidence-based reproductive health services. States that end legal abortion will not end abortion—they will end safe abortion, risking devastating consequences, including patients’ lives.”
Photo: anyaberkut, Getty Images