by | April 25, 2025

Medical Privacy: When Your Records Become Evidence

Medical privacy laws like HIPAA fail to protect abortion seekers in post-Roe America. Learn what’s at stake and how to stay safe.
A doctor with a stethoscope in an illustration of medical privacy.

Your right to medical privacy for abortions—or any other medical care is covered by the Health Insurance Portability and Accountability Act (HIPAA). The main goal of this 1996 federal law was to protect patient privacy, but in a post-Dobbs era, we’re seeing the protection of our privacy dismantled in real time.

State prosecutors are already tracking medication shipments, demanding patient records from hospitals, and forcing doctors to report people seeking abortions. Some prosecutors target anyone searching for abortion services online. In Louisiana, a grand jury indicted Dr. Margaret Carpenter, a New York-based physician, for prescribing abortion pills via telemedicine to a minor in Louisiana, violating the state’s stringent abortion laws.

Lawmakers pushing these policies claim to respect medical privacy, but they only care about furthering an agenda that deprives people of their access to abortion and other reproductive healthcare. When it comes to reproductive healthcare, they will violate privacy, criminalize patients, and surveil medical decisions.

The 2025 DOGE data breaches expose how easily powerful institutions access and manipulate sensitive information. Reports indicate that DOGE operatives accessed sensitive information across multiple agencies, including the Office of Personnel Management and the U.S. Treasury.  If government agencies can’t protect private employment data, they won’t be able to protect patient records, abortion prescriptions, or digital footprints.

To make matters worse, HIPAA, the law that’s supposed to protect patients, offers no real defense against law enforcement in states where abortion is a crime.

Abortion bans turn medical records into evidence and turn doctors into informants. Abortion seekers and providers deserve more than loophole-ridden privacy laws. Without real protections, no one’s health data is safe.

HIPAA and the Illusion of Privacy

Lawmakers and healthcare providers assure patients that HIPAA protects their medical records, but in states where abortion is illegal, that’s no longer the case.

HIPAA was never designed to shield patients from law enforcement or politically motivated investigations. It’s only supposed to stop insurance companies and hospitals from sharing your data for marketing. In states where abortion is no longer legal, your access to certain kinds of healthcare is now a crime.

In those states, police and prosecutors can subpoena medical records, pharmacy logs, and even text messages, and HIPAA does not block these requests. If a hospital or clinic refuses to comply, the state can threaten them with legal action or force them to hand over patient data.

This is already happening. In Nebraska, authorities used private Facebook messages to prosecute a teenager and her mother for a self-managed abortion. They had no HIPAA protection. In Texas, a hospital reported a woman for an abortion-related complication, and the state launched an investigation. She died of her miscarriage due to delays in receiving medical care.

For decades, abortion opponents claimed they only wanted to overturn Roe v. Wade and return the issue to the states. Now, they are building surveillance systems to track, report, and prosecute people seeking care.

The DOGE Data Breaches: A Warning Shot

The DOGE data breaches expose a fundamental flaw in data security. If government agencies can be compelled to give up sensitive financial and employment information, they could also be forced to release medical records. It’s a sea change in how our government can collect and weaponize personal data

Abortion seekers are already under surveillance, but the DOGE breaches show us that even more extreme privacy violations are possible:

  • Federal agencies now have a roadmap for bypassing traditional data protection. If DOGE can access government financial records, what stops officials from accessing records at healthcare providers that receive government funding?
  • State governments could escalate cross-border abortion investigations. If anti-abortion officials learn how to exploit federal data systems, abortion seekers in legal states could be tracked, flagged, and even reported back to their home states.
  • Mass data collection is expanding. If law enforcement can analyze digital footprints for political investigations, abortion seekers aren’t just at risk in states with bans—they are at risk anywhere, at any time.

These breaches reveal what’s coming next. The future of abortion access will be shaped by who controls the data, and right now, that control is shifting into the hands of people determined to criminalize care.

Laws That Violate Your Privacy

Even outside of law enforcement investigations, anti-abortion states are finding ways to expose and penalize abortion seekers.

  • Pharmacies must report prescriptions. Some states require pharmacists to track and report who is getting abortion pills. For instance, CVS Pharmacy requires pharmacists in Alabama, Arkansas, Idaho, Oklahoma, and Texas to confirm the purpose of prescriptions for drugs like methotrexate and misoprostol, which can be used for abortion.
  • Period-tracking apps sell user data. These apps collect intimate health details, and many sell that information to third parties. In states with bans, authorities could access these records to identify suspected abortions.
  • Doctors and nurses face pressure to report patients. Some states, like Texas, have drafted laws that would criminalize healthcare providers who fail to report suspected abortions, forcing healthcare workers to choose between their patients and their own legal safety.

Washington lawmakers are making it easier for states to share medical surveillance data, setting new legal precedents that threaten abortion seekers everywhere.

Who Is Most at Risk?

Medical surveillance isn’t applied equally. Some people will always be more vulnerable than others.

  • Communities of Color. Our neighborhoods are already over-policed, and now we’re being targeted in medical settings. A 2022 report from the Human Rights and Gender Justice Clinic showed disproportionate pregnancy-related arrest rates for Black women in Florida and South Carolina.
  • Young people. Minors seeking abortion care are tracked through parental notification laws and school health services. These delays create barriers for minors that could lead to delays in seeking abortions.
  • Low-Income Patients. People relying on Medicaid or state-funded health programs may face greater government monitoring of their healthcare choices.

States with highly restrictive abortion laws have created an environment where anyone who seeks abortion care could be investigated, reported, or prosecuted—but those who are already marginalized face the highest risk.

What You Can Do

With the current laws, you must take extra steps to protect yourself when seeking an abortion. Healthcare providers and lawmakers have their own responsibilities to protect medical privacy.

Here’s what I recommend:

For Patients

  • Use encrypted messaging apps like Signal when discussing abortion care. Have in-person conversations when possible.
  • Turn off location tracking when researching abortion services.
  • Avoid using credit cards to purchase abortion pills or travel for care—cash and prepaid cards offer more protection.
  • Delete period-tracking apps and avoid entering personal health data online.

For Providers

  • Know your state’s reporting laws—and push back when possible.
  • Move to secure, encrypted platforms for patient communication.
  • Work with legal organizations that defend providers under surveillance.

For Lawmakers

  • Pass stronger federal privacy protections. HIPAA must be updated to protect abortion seekers.
  • Ban the sale of health data. Tech companies should not profit from reproductive surveillance.
  • Prohibit state-to-state abortion investigations. Medical records should not be used as evidence against patients.

Privacy Shouldn’t Depend on Your Zip Code

Abortion bans create a surveillance state where your pregnancy could be subject to prosecution.

No one should have to choose between medical care and legal safety. No one should have to delete a useful app or pay in cash to avoid being criminalized. And no one should accept a system that treats someone who has a miscarriage as a suspect.

Medical privacy isn’t just for people in certain states or with certain kinds of healthcare. It’s a human right. And if it’s not protected now, it won’t exist as we know it today.

If our lawmakers fail to act, we must take individual action. Protect your privacy. Defend your rights. And don’t let anyone tell you that your body, data, or decisions belong to the state.

About Dr. DeShawn

About Dr. DeShawn

Dr. DeShawn Taylor, a gynecologist, gender-affirming care provider, and reproductive justice advocate, has over 21 years' experience as an abortion provider, plus longer advocacy in reproductive healthcare. She leads the Desert Star Institute for Family Planning in Phoenix, Arizona, offering direct care, training, and advocacy to improve healthcare access. Dr. Taylor also serves as an associate clinical professor.