Businesses Grappling With Post-Roe Data Privacy Questions

Business owners, health platform providers, and employers are in the process of analyzing a host of thorny data privacy questions that loom now that the US Supreme Court has overturned Roe v. Wade.

Jessica Davis, Senior Editor

July 1, 2022

7 Min Read
Klaus Ohlenschlaeger via Alamy Stock Photos

The implications of the US Supreme Court overturning its own longstanding precedent set in the Roe v. Wade case that legalized abortion 50 years ago will be most harshly felt by people who have the potential to become pregnant. However, there are also ramifications across businesses as well. Those who have the potential to become pregnant -- about half the population between the ages of approximately 12 and 50 -- is impacted. That means half the consumers, half the employees, and many business owners.

Here's a look at what several businesses are doing in response to the ruling.

Period Tracking App Ups Privacy Controls

Co-founder of Bellabeat, Urška Sršen, says that her company will roll out the strongest data protection available in a menstrual cycle tracking app in July in the form of a new private encryption key in response to the Supreme Court’s decision. The Y Combinator company formed in 2014 to fill a niche in the wearable market with the Leaf health tracker specifically targeted to women’s health, including reproductive cycle tracking and mindfulness, and they’ve also added the standard set of wearable tracking capabilities such as readiness, heart rate, heart rate variability, and other metrics. The company now has 8 million users globally, with most of them in the United States.

urska_for_informaCP.jpeg

“The conversations we have had internally in the team are literally surreal, like it’s a dystopian situation,” Sršen says. “Now after a week of contemplation and really calming down, we are constantly thinking about the worst-case scenarios, but I think what women are afraid of right now is extreme situations.”

When the Supreme Court decision came down and privacy advocates started recommending that people delete their period tracking apps to protect themselves from law enforcement in states that outlawed abortion, it was an alarming development for a company that offers such tracking, and not just because of the potential impact to the business.

“Right now, there’s no other tools [besides apps] that help them in the same way to track and map their cycles, and also plan their reproductive health, and life and future,” Sršen says. “So it’s concerning that women could lose access to these kinds of tools.”

However, she notes that data has not been targeted as a means of investigation or enforcement against in other countries where abortion is illegal, such as Poland. Of course, in the European Union, she says, all the data in user apps are protected by GDPR, “so in Europe it’s virtually impossible for any individual law body or a court to extort data from a company, especially sensitive private data.”

In addition, even in the US, which lacks a national data privacy law, app data may not be the easiest path for law enforcement to follow if they are looking to build a case against a person seeking abortion or aiding someone seeking abortion.

That’s especially true as Bellabeat rolls out the new private key encryption. It may be more annoying for people who menstruate to use, requiring passwords each time a user accesses the app, but it will ensure that no one -- not even Bellabeat itself -- will have access to the data, which will live in an encrypted state in the cloud.

Healthcare Platform Providers

As a provider of a healthcare platform to healthcare providers, Yosi Health is at the forefront of providing healthcare data privacy and security. Thus far the company has focused attention on ensuring protection for patient data with controls such as encrypted channels for EMR systems. However, the Supreme Court ruling poses a new threat to the confidentiality of patient data.

hari-cp.jpg

“We believe this is a watershed moment for everyone involved in providing health care to people, and we should come together to figure out a framework for data management,” says Yosi CEO Hari Prasad. “Right now law enforcement could come after companies. We would strongly support any initiative for legislators to collaborate with tech platforms to create a framework.”

HIPAA does not protect patient medical information from law enforcement, according to the Electronic Frontier Foundation, and with many different abortion laws across the country and no laws protecting patient data or tech platforms, law enforcement can target tech companies to access patient data, Prasad says.

Prasad notes that state laws may allow prosecutors to seek warrants for information from third-party companies, leaving tech platforms for health data open to be targeted. Currently, Yosi Health operates in 49 of the 50 states, and it is among many different tech companies that offer platforms for health care providers.

“This is why we strongly believe that the legislators and tech companies need to come together to establish and make sure there’s a framework that exists for the appropriate patient information with the patient’s consent,” Prasad says.

But it’s still early days. “This is pretty new in terms of a renewed concern for privacy,” he says. “Patients’ data privacy is important to us.”

Bloomberg reported this week that President Biden was drafting a letter to ask the US Federal Trade Commission to shield medical records related to abortion and data collected by health and period tracking apps. This includes location-tracking services. Bloomberg also reported that the US Department of Health and Human Services issued guidance telling healthcare providers that they are not required, and they are often prohibited from disclosing private healthcare information related to abortion and other sexual and reproductive healthcare.

Protecting Employees

Some businesses were quick to step up to support their employees after the Supreme Court ruling by providing workers with an additional benefit of covering abortion-related travel expenses.

Even as some states in the country enacted trigger laws to outlaw abortion in their jurisdictions immediately when the court ruling was issued, companies including Apple, Amazon, Google, Meta, Microsoft, Salesforce, and Uber were among those that came out with policies to cover travel expenses for employees seeking abortions in states where it remains legal.

But the move to cover these expenses brings to light another data privacy concern for employees, employers, and companies. Can that employee data be legally seized by law enforcement looking to find out about certain employee travel?

On June 24, after the Supreme Court issued its ruling, Salesforce CEO Marc Benioff tweeted: “I believe CEOs have a responsibility to take care of their employees -- no matter what. Salesforce moves employees when they feel threatened or experience discrimination. To our Ohana -- we always make sure you have the best benefits & care, & we will always have your back. Always.”

When asked for additional details about how the plan would be implemented to protect employee privacy, a spokesperson said that the company would not be commenting beyond Benioff’s tweet.

A spokesperson from EBay told TechCrunch that the company had expanded benefits for travel reimbursement so employees and beneficiaries can be reimbursed to travel in the US for access to abortion treatment if it is not available locally. To preserve privacy and confidentiality, the process will be managed through the company’s healthcare carriers, effectively shielding EBay from the risks that would come from knowing about that kind of sensitive employee data.

What to Read Next:

Roe v. Wade and the New, Murky Data Privacy Morass

What Federal Privacy Policy Might Look Like If Passed

Connected Healthcare Takes Huge Leap Forward

About the Author

Jessica Davis

Senior Editor

Jessica Davis is a Senior Editor at InformationWeek. She covers enterprise IT leadership, careers, artificial intelligence, data and analytics, and enterprise software. She has spent a career covering the intersection of business and technology. Follow her on twitter: @jessicadavis.

Never Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.

You May Also Like


More Insights