When exploring medical privacy issues, it's very useful to have an overview of the laws that affect control and privacy of medical information. We encourage you to read our legal overview.
Mandated and permissive abortion reporting
All but four states1 and the District of Columbia require abortion facilities to report on abortions that they perform. These reports can hold sensitive information about people seeking abortion services, but who receives these reports and who has access to them later?
Generally, state departments of public health collect the reports, although in some states they may go to the department of vital statistics. Reporting this information to the Centers for Disease Control (CDC) is permissive, not mandatory, but the majority of states do report. The CDC aggregates the data into annual Abortion Surveillance Reports.
In California such data as the state collects is not reported publicly.
California may also be unique in having a Reproductive Privacy Act, which says that "every individual possesses a fundamental right of privacy with respect to personal reproductive decisions." Also, well before that act’s passage, courts relied on California’s constitutional right to privacy in upholding the right of patients insured by Medicaid to obtain an abortion, and the right of minors to have an abortion without parental consent.
Abortion reporting forms
State reporting forms require different information, which may or may not include method of payment, complications, reason for the procedure, whether the fetus was viable, and whether other state requirements for counseling, parental involvement, or trans-vaginal ultrasound were met. The Guttmacher Institute has a summary of required information by state. A typical state reporting form looks like this one, from Nebraska.
While the reporting form does not include the patient’s name, the demographic data is so extensive that it would not take great skill to identify the individual, particularly in a small town. Along with the facility where the procedure was performed and the name of the physician, all forms ask for the patient’s age, race, ethnicity, marital status, and number of previous live births.
Abortion reports present a conundrum in the health information legal scheme. An abortion facility may or may not be a covered entity under the Health Insurance Portability and Accountability Act (HIPAA), depending on whether it transmits any health information electronically. If a facility is covered, the information in an abortion report is probably Protected Health Information (PHI), and also probably needs to meet HIPAA de-identification standards.2 If so, the reports are not properly de-identified because they generally ask for information about a geographic subdivision smaller than a state—that is, the county where the patient resides.
Public records requests and abortion reporting
The possibility that state abortion reports can be re-identified without difficulty is significant because the forms may be subject to disclosure as public records under state sunshine or freedom of information laws. This makes them fodder in the continuing pro-choice/anti-abortion battles, with violation of patients’ privacy as collateral damage. Two recent news stories highlight the problems involved.
In one instance, an anti-abortion activist in Seattle filed a public records request with the state Department of Health for abortion reports from six clinics. When the Department’s attorneys determined that the state’s public records law required it to release information about patients’ city of residence, age, ethnicity, abortion history, and the date and location of each abortion, Planned Parenthood and other clinics requested and were granted a temporary order to prohibit the release of information specific to a particular clinic and to prevent patients’ hometowns or dates of treatment from being disclosed. Further action is pending in state superior court.
Similarly, Operation Rescue instigated a hearing with the New Mexico Medical Board into the conduct of a doctor who performed a late-term abortion that resulted in complications. The medical board panel conducting the investigation has the authority to subpoena patient records with or without a patient's consent, and is exempt from HIPAA. Because the Medical Board is a state agency, its proceedings are public. Transcripts from the hearing where a Medical Board prosecutor accused the abortion doctor of gross negligence resulted in disclosure of the patient’s detailed treatment information, mental state, religion, city of residence, and family status, although not her name. The doctor was exonerated in February 2013, almost two years after the abortion was performed.
Protecting abortion records
It’s not clear what more could be done to de-identify state abortion-report data, while still enabling it to generate what are considered necessary public health statistics. In the case of legal proceedings, however, it's worth considering closed hearings, with transcripts redacted or kept confidential to protect the privacy of patients.
The Guttmacher Institute tracks sexual and reproductive health issues worldwide—for women as well as men. You can find U.S.-specific information concerning abortion in Guttmacher’s State Policies in Brief: Abortion Reporting Requirements, and California-specific information in State Facts About Abortion: California.
The U.S. Department of Health and Human Services has a "Guidance Regarding Methods for De-identification of Protected Health Information in Accordance with the Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule."
- 1. Exceptions are California, New Jersey, and New Hampshire. Maryland has not collected abortion data since 2006.
- 2. Data are considered de-identified according to HIPAA if either (1) an experienced expert determines that the risk that certain information could be used to identify an individual is "very small" and documents and justifies the determination, or (2) the data do not include any of the following eighteen identifiers (of the individual or his/her relatives, household members, or employers) which could be used alone or in combination with other information to identify the subject: names, geographic subdivisions smaller than a state (including zip code), all elements of dates except year (unless the subject is greater than 89 years old), telephone numbers, FAX numbers, email address, Social Security numbers, medical record numbers, health plan beneficiary numbers, account numbers, certificate/license numbers, vehicle identifiers including license plates, device identifiers and serial numbers, URLs, internet protocol addresses, biometric identifiers, full face photos and comparable images, and any unique identifying number, characteristic or code; note that even if these identifiers are removed, the Privacy Rule states that information will be considered identifiable if the covered entity knows that the identity of the person may still be determined.