Millions of women use reproductive health applications (or “apps”) to track menstrual cycles, ovulation, and pregnancy. These apps provide women that use the rhythm method for birth control and women seeking to become pregnant access to more accurate information about their reproductive systems. To accurately track a user’s reproductive cycles, many health apps need the users to share highly sensitive and personal health data. This sensitive data is generally stored and may include dates of ovulation, conception, pregnancy start, and pregnancy end, if applicable. Needless to say, reproductive health app developers manage and maintain a data platform that contains some of the most sensitive and private information about their customers.
The highly sensitive and private customer information contained in reproductive health apps has been thrust to the forefront of the evolving landscape of abortion laws in the United States. The U.S. Supreme Court (“SCOTUS”) decision to overturn Roe v. Wade authorizes states to limit, restrict, and criminalize abortion. As many as half of all U.S. states have some form of an abortion ban in effect, or one that is expected to take effect in the near future, due to the SCOTUS decision. These abortion ban laws are frequently referred to as “trigger laws.” State laws that criminalize abortion could have an immediate impact on how reproductive health apps implement and enforce personal health data security measures (i.e., privacy policies and procedures).
Read the alert here.