Beginning Dec. 23, 2024, covered entities and their business associates must comply with stricter HIPAA privacy protections for reproductive health care. These new protections prohibit regulated entities from using or disclosing protected health information (PHI) related to lawful reproductive health care:
- For a criminal, civil or administrative investigation into (or proceeding against) a person in connection with reproductive health care; or
- To identify an individual, health care provider or other person for purposes related to such an investigation or proceeding.
In addition, regulated entities must obtain a valid attestation when a request is made to use or disclose PHI potentially related to reproductive health care for certain purposes to ensure that the use or disclosure is permissible.
Action Steps
Employers with self-insured health plans and employers with fully insured health plans that have access to PHI (other than certain limited types) should update their HIPAA policies and train affected members of their workforce on the new restrictions for PHI related to reproductive health care. Although the new privacy protections do not specifically require updates to business associate agreements, employers should review the terms of their agreements to determine if updates should be made. In addition, the U.S. Department of Health and Human Services has provided a model attestation form that employer-sponsored health plans may use to ensure a requested use or disclosure of PHI complies with the new privacy protections. Health plans must also update their HIPAA privacy notices for the new privacy protections, although they have until Feb. 16, 2026, to make these updates.
Related Blogs
Pharmacy
PUBLISHED
August 26th, 2025
WHAT LOOKS LIKE A PHARMACY BENEFIT SOMETIMES ISN’T: THE J-CODE CONUNDRUM
Chris Antypas
From what I’ve seen, more than three quarters of employers are facing at least one J-code issue. And because medically administered and infused drugs ...
Read More
Compliance
PUBLISHED
August 21st, 2025
Keeping Up with Compliance Quarterly—Q3 2025
DeAnn Deck
Keeping up with compliance developments can be difficult and time-consuming. This quarterly update highlights recent legal developments to help your organization stay on top ...
Read More
Benefits+
PUBLISHED
August 14th, 2025
Small Changes, Big Impact: Low-Cost Ways to Support Employees through Inflation
Julie Bingham
As inflation headlines re-emerge, many employers are contemplating shifts in their remote and hybrid work policies. Organizations are working hard to balance two competing ...
Read More
Compliance
PUBLISHED
August 8th, 2025
DOL Issues Updated Model Employer CHIP Notice
DeAnn Deck
The U.S. Department of Labor (DOL), through its Employee Benefits Security Administration (EBSA), has released a new model Employer CHIP Notice with information current ...
Read More
Benefits+
PUBLISHED
August 7th, 2025
How Employers Should Handle MLR Rebates
DeAnn Deck
The Affordable Care Act (ACA) established medical loss ratio (MLR) rules to help control health care coverage costs and ensure that enrollees receive value ...
Read More
Compliance
PUBLISHED
August 6th, 2025
ACA Affordability Percentage Will Increase for 2026
DeAnn Deck
The IRS released Revenue Procedure 2025-25 to index the contribution percentage in 2026 for determining the affordability of an employer’s health plan under the ...
Read More