“The best time to take strong data protection measures would be during the day Dobbs leaked out. The second best time is now,” said Matthew Courtland, a senior fellow at Data For Progress, referring to the title of the Supreme Court decision last month that ended the constitutional right to abortion. “This is a pressing issue of life and death for millions of Americans. And, frankly, the administration cannot afford to wait any longer.”

The growing concern comes amid broader disenchantment with a number of key Democratic constituencies, including young voters, professional activists and many of the party’s lawmakers. They are alarmed by what they call the White House’s inadequate response to the court’s decision – both in tone and substance.

When it comes to data privacy, the focus is on HIPAA, the 1996 law that governs the privacy of personal health information, and how the Biden administration can strengthen its regulatory efforts by using the Federal Trade Commission’s broad powers to combat “unfair and deceptive » practices of online data tracking companies.

With Congress deadlocked on privacy rights, “the Biden administration needs to do what it can for health privacy right now, such as maximizing HIPAA enforcement and issuing stronger guidelines,” said Justin Sherman, senior research associate at Duke University. Sanford School of Public Policy.

Instead of showing impotence — Becerra said last week that there is “no magic bullet” to restoring abortion rights — the Biden administration could be more vocal about the importance of strong privacy laws, Sherman said.

Sherman is not alone. Activists and advocates from groups like the Electronic Privacy Information Center, the Surveillance Technology Oversight Project and the American College of Obstetricians and Gynecologists weigh in. Democrats in Congress have proposed legislation that, while facing significant hurdles to pass, will increase pressure on Biden.

Progressive sensor. Elizabeth Warren (D-Mass), Bernie Sanders (I-Vt.) and Ron Wyden (D-Ore.) have introduced Senate legislation prohibit companies from selling health and location data. Rep. Sarah Jacobs (state of California) has a house bill it would limit the non-HIPAA health data companies can collect and give the FTC new enforcement responsibilities.

Wyden called the prosecutors’ ability to access abortion information a “five-alarm crisis” and “womb surveillance.”

HIPAA “wiggle room”

No state has yet introduced a law that threatens criminal prosecution of people who have an early abortion. But some states have vague abortion laws, and legal experts told POLITICO that cases are possible. Current laws target abortion clinics.

The data that prosecutors can use falls into two categories: health information covered by HIPAA and information collected by websites and apps.

The administration issued the guidelines last month which cover protection for both datasets. It says data covered by HIPAA is protected from routine disclosure, but not necessarily from court order.

When faced with such an order, an abortion clinic would be permitted, but not required, to disclose the information. But the guidelines did not provide complete peace of mind for providers or people who perform abortions.

“It clearly explains, explains and defines how the rules work. It’s not a perfect solution,” added Kirk Nahra, a privacy lawyer at the law firm WilmerHale. “There’s still room for wiggle room in the rules.”

A section of the HIPAA regulations allows providers to disclose protected health information without an individual’s consent if doing so is evidence of a crime against the provider’s property. The provision is intended to cover situations where, for example, a patient assaults a nurse, Nahra said, but could apply to abortions.

Changing that would require a lengthy rulemaking process from the administration. The White House said Friday that HHS would consider further action on HIPAA, but did not elaborate. Biden also said the Justice Department would recruit lawyers to help patients and providers on a pro bono basis.

Privacy advocates are pressing Biden to help patients and providers avoid lawsuits. Eleni Manis, director of research at the Surveillance Technology Oversight Project, said the administration should ban abortion providers from sharing their patients’ health information.

“Their proper role is as guardians to protect the sanctity of the doctor-patient relationship, not as prosecutors,” Manis said.

In addition to introducing legislation, Democrats in Congress are lobbying the administration directly. Sen. Michael Bennett Colorado and Nevada Catherine Cortez Masta wrote Becerra last week urging him to update HIPAA rules to prevent clinics from sharing health information with abortion law enforcement.

The issue could not be more urgent,” Masto said in a statement to POLITICO. “I am considering every option to implement stronger patient privacy protections.”

Online data exchange

Other data that could be relevant to prosecution, such as web searches, location history and correspondence with abortion providers, are more vulnerable, the HHS guidance acknowledged. The administration has suggested that people seeking abortions turn off the sharing of information with websites and apps as a temporary solution.

“Ultimately, the best way to protect your health and personal information from being collected and transmitted by your personal cell phone or tablet without your knowledge is to limit what personal information you send and store on or through your device,” the guidance says.

Privacy advocates were unhappy, noting that it puts the onus on people, not tech companies and lawmakers, for inaction.

While the administration urged Congress to take action, its messages did not include a push for data privacy legislation that could make Democrats reluctant to pass a compromise bill.

“Comprehensive privacy legislation is beneficial for a number of reasons, one of which is that it protects people seeking reproductive health services,” said John Davison, senior counsel at the Electronic Privacy Information Center. “This should be part of the response to the privacy threats faced in the post-roe deer world”.

Especially without some encouragement from Biden, Congress is unlikely to get anything done anytime soon. House Subcommittee on Energy and Commerce bipartisan legislation approved it would limit the data that Internet companies and data brokers can collect and store and require firms to obtain customer consent to share their health information last month, but the bill faces major hurdles because some Democrats say it doesn’t go far enough.

The administration said Friday that Biden had asked the Federal Trade Commission to take action to protect patient privacy. A person familiar with the White House’s plans, who spoke on condition of anonymity to disclose them to POLITICO, said Biden wants the agency to crack down on websites and apps that engage in “unfair or deceptive practices related to reporting, tracking, sharing or selling personal information, including confidential health-related information.”

Becerra said the administration is considering its options: “If there’s something we can do, we’ll find it and do it.”

But the FTC has limited resources that can blunt its influence.

“Regulation is not just about having a law on the books, it’s about having people who can enforce it,” Sherman said. “In the case of the FTC, we need a lot more funding for the privacy people there.”

Whatever the regulatory and legislative hurdles, abortion rights advocates say they would like to see Biden at least use his bully pulpit more forcefully to push those who own patient data to change their collection practices.

In a speech on Friday, Biden discussed his concerns about data brokers selling information that could be used by law enforcement, but stopped short of going after tech companies or asking Congress to take action.

“The press gathered in front of me probably knows more about this than I do,” Biden said. “I’m not a technical person. I’m studying.”

Others have more specific ideas. Writing for STAT First Opinion, Eric Perakslis of the Duke Clinical Research Institute said hospitals should stop sharing data for commercial research purposes as long as it can allow prosecutors to obtain it.

And Google this month said it would delete location data on abortion clinic visits, perhaps evidence that such a strategy could trigger voluntary changes in data collection practices.

“The only responsible thing to do is to emphasize that the decision is not in the hands of pregnant women,” Manis said.


Previous articlePreview: Austrian Grand Prix – track guide, prediction, race preview
Next article“All Bad” star Aaron Paul hits the beach in Whitstable