How Private and Protected Is Virtual Reproductive Care?

Angela Lashbrook

July 13, 2022 at 12:03 PM·16 min read

While online telehealth visits surged during the pandemic, consumers now seeking remote reproductive health services face a number of privacy and legal challenges

By Angela Lashbrook

As COVID-19 spread around the world, patients and providers turned to telehealth en masse, with many accessing online healthcare for the first time. Abortion care began to follow a similar pattern in December 2021, when the Food and Drug Administration said it would allow people access to what’s known as medication abortion—where pills are used to induce an abortion—via a virtual consultation with a doctor. This move permanently waived an earlier rule that required an in-person visit.

Since then, abortion providers say demand for telehealth abortions—abortions facilitated remotely by a medical provider—has been on the rise, with many pregnant people attempting to turn to internet-based platforms dedicated to reproductive care. Now that the Supreme Court has overturned Roe v. Wade—many states have banned abortion outright, and hundreds of abortion clinics across the country are expected to shut down—that trend is likely to continue, experts say.

But the Supreme Court decision on Roe has also thrown online reproductive care into a state of confusion, with different types of online abortion providers subject to different rules and jurisdictions, leaving some virtual abortion care in a legal gray area.

That means many of the general privacy concerns associated with online healthcare could now also have potential legal consequences for consumers when it comes to reproductive care. In many states, getting miscarriage care or even doing research online about accessing an abortion could ultimately be used against a patient, their provider, or others who assist the patient in accessing care in states where abortion is restricted or outlawed, according to experts such as David Cohen, a professor at the Drexel University Thomas R. Kline School of Law in Philadelphia, and Mary Ziegler, a professor of law at the University of California, Davis, both leading experts on the laws behind reproductive care. And the federal laws governing the treatment of sensitive medical information might not provide much protection if someone knowingly or unknowingly breaks the law.

The gulf between federal and state rules around abortion care also seems to be widening. In a July 8 announcement, President Joe Biden directed the secretary of health and human services to find new ways to protect and expand access to medication abortion. The announcement called for agencies to look into additional strategies for bolstering privacy protections around reproductive care.

With so many people using telemedicine, here’s what you need to know generally about the privacy of sensitive health information and specifically as it now applies to telehealth abortion.

Jump to:
• How HIPAA Protects—and Doesn’t Protect—Telehealth Visits
• Legal Questions About Different Types of Telehealth Abortion Care
• How Laws Could Change and Further Affect Reproductive Telehealth Services
• Protecting Your Privacy When Seeking Medical Care Online

How HIPAA Protects—and Doesn’t Protect—Telehealth Visits

The primary law that governs the handling of medical data is the Health Insurance Portability and Accountability Act (HIPAA) of 1996. It sets out the rules insurers and providers must follow when handling personal data, but it doesn’t cover all medical conversations. HIPAA applies only to healthcare providers, health insurance companies, and certain other entities that handle medical information, such as medical billing services, so it doesn’t generally apply to internet searches or apps, and it won’t protect someone from a court order or subpoena. HIPAA prohibits these entities from disclosing private healthcare information—such as what medication you’re taking, what surgeries you’re scheduled for, and what diagnoses you’ve received—except in very specific situations.

That also applies when it comes to reproductive care. “If an abortion provider, including a telemedicine abortion provider, takes insurance and bills insurance electronically for at least one patient, then the telemedicine provider is a covered entity and must comply with HIPAA,” says Stacey Tovino, a professor of law at the University of Oklahoma College of Law in Norman and a leading expert on bioethics and health law. Even if they aren’t governed by HIPAA, licensed nurses and doctors who don’t take insurance must comply with local medical practice laws that require certain levels of patient confidentiality.

(Read more about what HIPAA covers and what it does not.)

But there are many ways that information about an abortion or other reproductive care can be disclosed that are not covered by HIPAA. Text messages and emails to friends or family, Google searches, location data, and other types of online data are generally not protected by any privacy laws, even if you’re discussing your health or other sensitive matters. Information from these types of searches and communications can be sold by tech companies or subpoenaed by law enforcement. However, in early July, Google announced that it won’t collect location data around abortion clinics, fertility centers, domestic violence shelters, and other sensitive healthcare facilities.

Now that Roe has been overturned, things will only get murkier. For someone who lives in a state where abortion is restricted or illegal, an online conversation with a doctor—even through a HIPAA-compliant program, such as Zoom for Healthcare—may be subject to law enforcement access. That’s the case regardless of what state the doctor is licensed to practice in.

“In general, if there’s a law in the state that requires people to notify officials if they suspect a crime occurred—you can see this with child abuse or other mandatory reporting laws—that’s an exception to HIPAA,” says Greer Donley, an associate professor at the University of Pittsburgh School of Law who studies reproductive care and abortion laws.

The Department of Health and Human Services recently published updated guidance on reproductive healthcare clarifying that HIPAA-regulated entities, such as doctors and nurses, are permitted to disclose protected health information only when presented with a court order or a warrant that’s enforceable in a court of law.

Legal Questions About Different Types of Telehealth Abortion Care

In addition to privacy questions, there are also now thorny legal questions around telehealth appointments for reproductive care. These issues are intertwined: When health data is not private or secure, it is easier for it to be used by prosecutors or investigators if someone is suspected of running afoul of state laws.

Online abortion providers generally separate into two types of care: conventional telehealth reproductive-care platforms that offer consultation with a medical professional before the pills for a medication abortion are prescribed, and “self-managed abortion,” in which someone seeks an abortion outside of a traditional healthcare setting via either medication, or other, more dangerous methods. The laws and rules governing access to these services vary from state to state, and it’s often not clear when and where the pursuit of online abortion care could be seen as criminal—or what the penalties might be.

Conventional telehealth providers include online-only platforms such as Abortion on Demand, Choix, and HeyJane, along with certain providers and clinics that offer in-person care as well, such as Planned Parenthood and some gynecologists.

A telehealth abortion appointment with one of these providers is similar to most other telehealth medical appointments: A patient consults with a provider via either videochat, phone call, or text message. The provider can then prescribe a regimen of two pills, mifepristone and misoprostol, which can be used to induce an abortion up to 11 weeks gestation (though some providers, including Abortion on Demand, Choix, and HeyJane, have earlier limits). The pills generally arrive in the mail within about a week of the appointment. If a patient is too far along to take abortion medication, the online provider will recommend that they make an in-person appointment with a gynecologist or other abortion provider to discuss their options, according to a spokesperson for Choix.

Conventional telehealth abortion may seem like an option for people in places where abortion is limited or illegal, but it generally isn’t. Even before Roe v. Wade was overturned, making most abortion illegal or soon to be illegal in many states, there were already 19 states that either limited or prohibited telehealth abortion care. Most telehealth abortion providers work within each state’s laws and don’t offer abortions to people who are in a state that prohibits telehealth abortion, such as Louisiana or Texas.

That’s because the rules that apply to the practice of medicine are based on where the patient is, not where the provider is. So a provider offering telehealth abortion to someone living in a state where it is illegal would not only face potential criminal liability but also risk losing their medical license, says Donley, the associate professor at the University of Pittsburgh School of Law.

In a self-managed abortion, someone seeking an abortion could obtain medication from a variety of sources, such as online pharmacies that are often based abroad, according to the abortion access website Plan C. The term “self-managed” also includes more dangerous methods of trying to induce abortion, such as buying drugs via unverified black market sources or using herbal remedies.

Self-managed abortions are technically not allowed in any state that outlaws abortion, and some explicitly ban the practice. But current laws primarily criminalize the providers of abortion care, not the recipients. And online operations that are located outside the U.S. are not subject to the jurisdiction of any U.S. states, so those abortion providers are operating in a legal loophole.

And then there are hybrid entities such as the European organization Aid Access, which operates somewhere between conventional telehealth and self-managed abortions. Aid Access doctors offer prescriptions for abortion pills without regard to the legal status of abortion where a patient lives.

The FDA has advised consumers against purchasing abortion pills over the internet or from foreign sources because those fall outside of the FDA’s regulatory oversight. Providers such as Aid Access also operate in a gray area when it comes to federal drug regulations because “the FDA doesn’t allow personal importation of drugs,” says Ziegler, the UC Davis professor who also wrote the book “Beyond Abortion: Roe v. Wade and the Fight for Privacy.” “At least until the present, the FDA also hasn’t pursued anyone for doing this, but in theory, that could change.”

How Laws Could Change and Further Affect Reproductive Telehealth Services

Now that Roe v. Wade has been overturned, approximately 26 states are expected to ban all abortion care, according to the Guttmacher Institute, a reproductive rights research and policy group. That means restrictive state laws may also soon go beyond policing providers, according to Donley at the University of Pittsburgh School of Law.

Anti-abortion organizations are already advising states on further restrictions that would enforce laws on people or groups offering advice to those seeking abortions, whether online or in person. The National Right to Life Committee, the largest anti-abortion group in the country, has drafted model legislation that would make it a crime to tell a person how to seek an abortion or to host a website providing information about where people can seek abortion medication in any state that chose to adopt the legislation.

Future laws, say Donley and Cohen at Drexel University, may also target the pregnant person—someone who obtains abortion pills online directly or via a service like Aid Access, for example. This is in part because of how difficult it is for states to enforce existing anti-abortion laws when online pharmacies and providers such as Aid Access are based overseas, according to Donley. While such providers might not be vulnerable to such state laws, people in states where abortion is illegal certainly are, and may find abortion-related searches or communications they thought were private used against them in a prosecution.

People with desired, but nonviable or medically dangerous pregnancies or miscarriage complications may find themselves targets of these laws as well. “It will become harder for patients to get care after an abortion or miscarriage, and they may be more fearful of doing so, depending on what activities a state law criminalizes,” says Allison Hoffman, a professor of law at the University of Pennsylvania Carey Law School who specializes in healthcare law and policy.

In certain states with extremely limited access to abortion, this already occurs, according to Drexel University’s Cohen. Patients “have had to fly while they’re in the middle of miscarriage to another state to get the care they need because no Texas provider will care for them,” he says. This is in part because some of the procedures done to help a patient experiencing a miscarriage “could be seen as an abortion,” he says.

Currently, there are no states that limit physically traveling across state lines for an abortion, including a telehealth abortion, though some states, such as Missouri and Arkansas, have signaled a desire to criminalize such activities. Both Biden and U.S. Attorney General Merrick Garland have asserted that based on “bedrock constitutional principles” people must remain free to travel for their reproductive healthcare. And according to Biden’s July 8 announcement, the attorney general will also provide “technical assistance to states affording legal protection to out-of-state patients.”

Protecting Your Privacy When Seeking Medical Care Online

Consumer Reports experts have consistently argued that patients deserve to have their medical information protected. “The laws protecting patient data are outdated and out of touch with consumers’ expectations of privacy,” says Justin Brookman, director of privacy and technology policy at Consumer Reports. “We need stronger protections for sensitive health data.” In the meantime, as the landscape continues to shift for reproductive health, here are important considerations for protecting your privacy when seeking any medical care online.

Use a HIPAA-Regulated App
Among the first things you generally should do to protect your medical privacy online is ensure that the app on which you’re conversing with a provider is required to comply with HIPAA. All healthcare providers who take insurance are bound by HIPAA, Tovino says. But some platforms sell data for marketing purposes, or have otherwise lax protections, and in those situations, personal data could be sold to data brokers and thus be easily accessible to law enforcement or anybody with the cash to buy the data.

In other words, your doctor is subject to HIPAA, but the platform on which you’re talking to them might not be. You can check this list to see if the platform your doctor uses is regulated under HIPAA (though keep in mind that the list, while extensive, is not comprehensive). If not, you can always ask your doctor to hop on the phone instead. (See our previous articles on HIPAA-compliant videochat programs and the limits of HIPAA.)

Set Up Online Privacy Tools
There are a variety of tools that can improve the privacy of any online activity. The Electronic Frontier Foundation, a privacy and technology nonprofit, recommends using private browsers, such as Firefox and the mobile-only DuckDuckGo. Using a VPN—or virtual private network—may offer some measure of privacy protection, too, because it obscures your IP address and prevents third parties from seeing what websites you visit or data you share. CR’s Brookman recommends considering the private browser Tor to minimize traces of what you’re looking for. Securing your router is another good step. The Department of Health and Human Services also provides some additional tips for securing personal data on your phone or tablet.

But it’s important to understand the limitations of all of these steps. “A VPN could shield your activity from your ISP [internet service provider], but now your VPN could know who you’re talking to,” Brookman says. For example, if your workplace provides your work computer with a VPN, your employer still has access to your browsing if it takes place on a work computer, he says. That’s one reason it’s important to do any sensitive medical searches or consultations on your own personal device, and if you’re going to use a VPN, choose one with ample privacy protections. Mullvad and IVPN are two good options, according to CR’s tests.

Understand The Risks of Searches and Conversations About Reproductive Care
“Users need to think of their laptops, phones, digital assistants, home cameras, etc., as open books on their activities,” says Anton Dahbura, PhD, the executive director of the Johns Hopkins University Information Security Institute in Baltimore. “Virtually anything users do or see on their devices can be tracked later, even if the user thinks that they deleted the information.”

That’s particularly important when it comes to online activity about reproductive care, where the laws can be tricky and confusing. “The average person with a smartphone who’s thinking about getting an abortion may Google ‘abortion near me’ or ‘where’s Planned Parenthood,’ or they may direct-message someone on Facebook or Instagram,” says Ziegler, professor of law at the University of California, Davis. Though common, that sort of activity is generally not private.

Abortion-related prosecutions that rely on internet search data have happened in at least one instance, when Latice Fisher, a Mississippi woman, was indicted for murder in 2018 after losing a pregnancy. “The inclusion of Ms. Fisher’s alleged internet search history related to her reproductive health as evidence of criminal intent will become standard protocol across the country once abortion is again criminalized,” Cynthia Conti-Cook, a tech fellow at the Ford Foundation, wrote in a 2020 paper published in the University of Baltimore Law Review.

If someone is texting, emailing, or calling their medical provider about any medical care, they may want to use separate applications for these communications rather than their regular email account, their phone’s built-in messaging app, and call service. A provider may be willing to converse via an encrypted app, such as Signal, for example. You can also use Signal to chat with friends or family, but “you still need to trust the person on the other end,” Brookman says. He also recommends selecting the option to automatically delete all messages after a certain period.

Some telehealth abortion providers, including Choix and Hey Jane, let patients request communication via encrypted messaging.

Consumer Reports is an independent, nonprofit organization that works side by side with consumers to create a fairer, safer, and healthier world. CR does not endorse products or services, and does not accept advertising. Copyright © 2022, Consumer Reports, Inc.

Yahoo Sports
Former MLB infielder, Little League World Series star Sean Burroughs dies at 43
The seven-year major leaguer collapsed while coaching his son's Little League game on Thursday.
Yahoo Sports
The best RBs for 2024 fantasy football, according to our experts
The Yahoo Fantasy football analysts reveal their first running back rankings for the 2024 NFL season.
Yahoo Sports
Juan Soto’s unapologetic intensity and showmanship are captivating the Bronx and rubbing off on teammates: ‘Literally every pitch is theater’
The 2024 Yankees have rediscovered their bravado and hold the second-best record in the AL, thanks in large part to the superstar outfielder.
Yahoo Finance
The FDIC change that leaves wealthy bank depositors with less protection
Affluent Americans may want to double-check how much of their bank deposits are protected by government-backed insurance. The rules governing trust accounts just changed.
Yahoo Finance
How rich homebuyers are avoiding high mortgage rates
Homebuyers with means are turning to an old strategy to get around a new crop of high mortgage rates: all-cash deals.
Autoblog
Which pickup trucks get the best fuel economy? Here are the tops for gas mileage (or diesel)
Trucks aren't known for being fuel efficient, though times are changing. These are the trucks with the best gas mileage in various segments.
Yahoo Sports
Dolphins owner Stephen Ross reportedly declined $10 billion for team, stadium and F1 race
The value of the Dolphins and Formula One racing is enormous.
Yahoo Sports
Timberwolves coach Chris Finch calls Jamal Murray's heat-pack toss on court 'inexcusable and dangerous'
Murray made a bad night on the court worse during a moment of frustration on the bench.
Yahoo Sports
Tight end rankings for fantasy football 2024
The Yahoo Fantasy football analysts reveal their first tight end rankings for the 2024 NFL season.
Yahoo Sports
Golf’s moment of truth is here, and the sport is badly flailing
Nonexistent negotiations and missed opportunities for reconciliation between the PGA Tour and LIV Golf have the sport stuck in place.
Yahoo Finance
Former House Speaker Paul Ryan says he’s not voting for Trump : 'Character is too important'
Ryan says he would be writing in a Republican candidate instead of voting for Donald Trump.
Yahoo Sports
2024 Fantasy Football Mock Draft, 1.0
The Yahoo Fantasy football crew got together for their very first mock draft of 2024. Andy Behrens recaps the results.
Yahoo Finance
Bud Light sales still falling as Modelo, Coors fight to keep their gains
The competition among beer giants is still brewing.
Engadget
The best budgeting apps for 2024
Budgeting apps can help you keep track of your finances, stick to a spending plan and reach your money goals. These are the best budget-tracking apps available right now.
Yahoo Sports
Is Pacers coach Rick Carlisle right to be upset about officiating in Knicks series and a big-market bias?
Indiana's head coach refused to blame the officiating following Game 1, then looked at the high road two days later and went a step away from nuclear.
Yahoo Sports
Yahoo Fantasy staff's Mock Draft 1.0: Shocking picks are plentiful
Teams have made their big splashes in free agency and made their draft picks, it's time for you to do the same. It's fantasy football mock draft time. Some call this time of year best ball season, others know it's an opportunity to get a leg up on your competition for when you have to draft in August. The staff at Yahoo Fantasy did their first mock draft of the 2024 season to help you with the latter. Matt Harmon and Andy Behrens are here to break it all down by each round and crush some staff members in the process.
Yahoo Sports
Blockbuster May trade by Padres, MVP Ohtani has arrived, Willie Mays’ 93rd birthday & weekend recap
Jake Mintz & Jordan Shusterman discuss the Padres-Marlins trade that sent Luis Arraez to San Diego, as well as recap all the action from this weekend in baseball and send birthday wishes to hall-of-famer Willie Mays.
Yahoo Sports
Please save 'Inside the NBA'
Appreciate 'Inside the NBA' while it's still here, because if this goes away, there may never be anything as good again.
Yahoo Finance
Social Security just passed Medicare as the government's most pressing insolvency risk
An annual government report offered a glimmer of good news for Social Security and a jolt of good news for Medicare even as both programs continue to be on pace to run dry next decade.
Yahoo Finance
Mortgage rates drop for the first time in five weeks with experts adjusting their forecasts
The average 30-year fixed mortgage rate edged back toward 7% this week but remains elevated, prompting housing experts to revise their forecasts for the rest of 2024.

News

Life

Entertainment

Finance

Sports

New on Yahoo

How Private and Protected Is Virtual Reproductive Care?

How HIPAA Protects—and Doesn’t Protect—Telehealth Visits

Legal Questions About Different Types of Telehealth Abortion Care

How Laws Could Change and Further Affect Reproductive Telehealth Services

Protecting Your Privacy When Seeking Medical Care Online

Recommended Stories

Former MLB infielder, Little League World Series star Sean Burroughs dies at 43

The best RBs for 2024 fantasy football, according to our experts

Juan Soto’s unapologetic intensity and showmanship are captivating the Bronx and rubbing off on teammates: ‘Literally every pitch is theater’

The FDIC change that leaves wealthy bank depositors with less protection

How rich homebuyers are avoiding high mortgage rates

Which pickup trucks get the best fuel economy? Here are the tops for gas mileage (or diesel)

Dolphins owner Stephen Ross reportedly declined $10 billion for team, stadium and F1 race

Timberwolves coach Chris Finch calls Jamal Murray's heat-pack toss on court 'inexcusable and dangerous'

Tight end rankings for fantasy football 2024

Golf’s moment of truth is here, and the sport is badly flailing

Former House Speaker Paul Ryan says he’s not voting for Trump : 'Character is too important'

2024 Fantasy Football Mock Draft, 1.0

Bud Light sales still falling as Modelo, Coors fight to keep their gains

The best budgeting apps for 2024

Is Pacers coach Rick Carlisle right to be upset about officiating in Knicks series and a big-market bias?

Yahoo Fantasy staff's Mock Draft 1.0: Shocking picks are plentiful

Blockbuster May trade by Padres, MVP Ohtani has arrived, Willie Mays’ 93rd birthday & weekend recap

Please save 'Inside the NBA'

Social Security just passed Medicare as the government's most pressing insolvency risk

Mortgage rates drop for the first time in five weeks with experts adjusting their forecasts