Justin Sherman reports:
The leak of the draft decision overturning Roe v. Wade has prompted numerous stories about the privacy of health data. For instance, Vice reported that data broker SafeGraph was collecting and selling the GPS locations of people who visited abortion clinics—in many cases, likely without their knowledge. There have also been numerous concerns raised about period tracking apps and other technologies that could enable surveillance of and even violence against those seeking medical care.
Most Americans assume that the Health Insurance Portability and Accountability Act, known as HIPAA, and other health privacy laws prevent entities like their doctor from sharing sensitive personal information—and that’s true. Health care providers are covered under HIPAA’s privacy rules.
But companies outside the narrow scope of HIPAA, from data brokers to period tracking apps, can legally sell Americans’ health-related information, and they do, from a list of your surgical procedures to your mental health conditions.
Well, okay, that’s not quite accurate as stated. Not all health care providers are covered by HIPAA. You need to read the regulation to understand what type of entities are considered “covered entities” under HIPAA. But in any event, do read the rest of the article at Slate.
h/t, Matt Fisher