Research shows the vast majority of American patients are worried about their private medical data being inappropriately shared or sold.
We worry for good reason: The United States is a global outlier for lacking baseline digital privacy protections.
Earlier this year, federal lawmakers proposed the American Privacy Rights Act (APRA), a bipartisan proposal to establish first-time national standards for consumer data privacy.
Advocates across the spectrum have been weighing in with concerns about the bill, which is a normal part of the legislative process.
One particular concern caught my eye: Anti-abortion lawmakers claimed the bill would “threaten ‘pro-life’ organizations in possession of client health information.”
They are talking about unregulated pregnancy centers, aka anti-abortion “crisis pregnancy centers” (CPCs). These centers collect our sensitive health data but don’t have to comply with medical, safety, or privacy standards like legitimate medical providers.
Of course, anti-abortion activists don’t want us to know this while we’re sharing our information, which is why they work so very hard to appear to be legitimate medical providers despite typically not providing medical services.
Unregulated anti-abortion CPCs have even posted fake confidentiality clauses. According to an urgent new report in Ms. Magazine, hundreds of unregulated CPCs use HIPAA language despite not being regulated by the law.
As an HHS spokesperson recently told NBC News, “A crisis pregnancy center that provides services for free and does not bill health insurance does not meet the definition of a covered entity under HIPAA and therefore the HIPAA Privacy, Security, and Breach Notification Rules (‘HIPAA Rules’) do not apply.”
Meanwhile, the anti-abortion activists that run these unregulated pregnancy centers target and collect information from children as young as 13 years old.
No one outside the CPC industry seems to know what these anti-abortion activists do with our information, who they share it with, or where it’s stored.
What we do know is that the CPC industry recklessly posted private health information to the open internet.
A public complaint concerning anti-abortion collection of our data was filed in Pennsylvania.
In April, watchdog organization Campaign for Accountability (CfA) filed public complaints in several states, including Pennsylvania and New Jersey, calling for an investigation into the CPC industry’s data collection and privacy practices.
The Pennsylvania complaint urges Attorney General Michelle Henry to investigate if Options Women’s Center in Scranton has violated Pennsylvania’s Unfair Trade Practices and Consumer Protection Law by engaging in deceptive or unfair trade practices, and whether OWC violated the prohibitions against intentional or negligent misrepresentation.
Per the complaint, OWC is not licensed or regulated by the state’s Department of Health and doesn’t list medical staff on its website, but “presents itself as a traditional medical clinic, featuring images of medical equipment and professionals wearing medical attire.”
OWC is, however, affiliated with anti-abortion groups CareNet and Heartbeat International – the anti-abortion organization that posted client information on YouTube.
More from the complaint:
“By claiming its services are ‘confidential,’ that the clinic complies with HIPAA, and that those who believe the confidentiality of their data has been compromised can file a complaint with HHS, none of which is accurate, OWC appears to be engaging in an act or a practice that has the ‘capacity or tendency to deceive,’ in violation of the UTPCPL.”
We deserve to be protected from the unregulated collection, storage, and potential sharing of our personal health data, especially when the data is obtained through misleading assurances of legal confidentiality.
Are you worried you gave your private information to an unregulated anti-abortion pregnancy center?
If you have recently gone to a pregnancy center or chatted online with a pregnancy help service, you should check if it was a legitimate medical provider regulated by HIPAA or anti-abortion activists collecting your information without a legal obligation to keep it confidential.
If you aren’t sure, you can ask us by emailing info@womenslawproject.org.
If you believe you have received misleading or false information about pregnancy-related resources and services provided in Pennsylvania, including related to privacy, the Office of Attorney General encourages you to fill out a complaint form.
You can fill out the form anonymously.
If you have questions or need help, get in touch with us.
