In the wake of the U.S. Supreme Court’s decision in Dobbs v. Jackson Women’s Health Organization, many individuals and organizations have expressed uncertainty about the protection afforded to data stored on health apps, including cycle trackers. As a result, the U.S. Department of Health & Human Services Office for Civil Rights (OCR) has issued guidance on multiple issues concerning the collection and sharing of personal health data. Recently, they issued guidance clarifying the extent to which information collected by cycle trackers and other health apps is protected. The OCR also provided tips for individuals wishing to protect the data stored on their personal devices or potentially shared with third parties.
Key Takeaway: Most importantly, the OCR made clear that the privacy and security rules of the Health Insurance Portability and Accountability Act (HIPAA) generally do not protect the privacy or security of your health information when it is stored on your personal mobile device. Those rules protect the privacy and security of your medical and other health