Beginning Dec. 23, 2024, covered entities and their business associates must comply with stricter HIPAA privacy protections for reproductive health care. These new protections prohibit regulated entities from using or disclosing protected health information (PHI) related to lawful reproductive health care:
- For a criminal, civil or administrative investigation into (or proceeding against) a person in connection with reproductive health care; or
- To identify an individual, health care provider or other person for purposes related to such an investigation or proceeding.
In addition, regulated entities must obtain a valid attestation when a request is made to use or disclose PHI potentially related to reproductive health care for certain purposes to ensure that the use or disclosure is permissible.
Action Steps
Employers with self-insured health plans and employers with fully insured health plans that have access to PHI (other than certain limited types) should update their HIPAA policies and train affected members of their workforce on the new restrictions for PHI related to reproductive health care. Although the new privacy protections do not specifically require updates to business associate agreements, employers should review the terms of their agreements to determine if updates should be made. In addition, the U.S. Department of Health and Human Services has provided a model attestation form that employer-sponsored health plans may use to ensure a requested use or disclosure of PHI complies with the new privacy protections. Health plans must also update their HIPAA privacy notices for the new privacy protections, although they have until Feb. 16, 2026, to make these updates.
Related Blogs
Protecting Employees’ Medical Information in the Workplace
Employers obtain employees’ medical information for various reasons, such as verifying a reasonable accommodation request, certifying leave or confirming eligibility for disability benefits. At ...
Read More
Systematic Workplace Wellness is the Key to Beating Burnout
The modern American workforce is grappling with significant work-related stress. A recent study from the American Psychological Association found that 77 percent or more ...
Read More
What’s good for the environment may not be good for your 401(k) participants
We’ve had a number of questions from clients about adding environmental, social and governance (ESG) investments in their retirement plan. To date, the law ...
Read More
Medicare Part D Disclosures due by March 1, 2025 for Calendar Year Plans
Group health plan sponsors are required to complete an online disclosure form with the Centers for Medicare & Medicaid Services (CMS) on an annual ...
Read More
Balancing Progress with Nonprofit Executive Compensation
The median executive pay for nonprofits has risen steadily since 2018. However, due to disparities within the sector, the prominence of short and long-term ...
Read More
New Colorado FAMLI Rules Include Employer Penalties
The new rules address the coordination of FAMLI with other benefits and establish penalties for violations. The Colorado Department of Labor and Employment recently ...
Read More