REPRODUCTIVE HEALTH PRIVACY
Strengthens patient control and segregation of abortion and gender dysphoria data in electronic health networks, restricting cross-border sharing.
Strengthens patient control and segregation of abortion and gender dysphoria data in electronic health networks, restricting cross-border sharing.
Title (as amended): Reproductive Health Records Privacy Act
Purpose and intent
- Establishes a robust privacy framework to protect electronic health information related to abortion, abortion-related health care services, and gender dysphoria.
- Aims to restrict cross-border disclosure of protected health information (PHI) and require segregation of sensitive data within electronic health networks (EHNs).
Key definitions (Section 5)
- Abortion: Defined using the Reproductive Health Act’s definition.
- Abortion-related health care services: Encompasses all medical, behavioral health, mental health, surgical, diagnostic, preventive, rehabilitative, or supportive care related to an abortion.
- Electronic health network (EHN): Entities providing software/services that facilitate electronic exchange of health information or developers of certified health information technology.
- Protected health information (PHI): Includes
- Abortion and abortion-related health care data (including associated CPT/HCPCS codes and related services).
- Specific medical diagnosis codes for abortion-related conditions (e.g., complications, elective termination, mifepristone, etc.).
- Medical diagnosis codes related to gender dysphoria.
- Patient: Any person receiving care in Illinois.
Key provisions
1) Segregation and restricted disclosure of PHI (Section 10)
- EHNs must prevent outside disclosure of PHI related to abortion, abortion-related health care, and gender dysphoria, except for:
- Technical support
- Quality assurance
- Billing/adjudication of claims
- Disclosure to a specific treating provider or to a parent/guardian with consent, as permitted by state law
- EHNs must have capabilities to:
- Filter/restrict PHI in disclosures
- Parse restricted codes and convey non-prohibited information
- Allow patient consent to share PHI with a specific treating provider
- Prohibition on notifying external entities that PHI has been segregated from a patient’s record
- Department of Public Health may adopt rules to implement these provisions
- Fees to comply with this section must align with federal standards (45 CFR 171.302)
- This section does not apply to ordinary health care providers
2) Patient control over sharing PHI (Section 15)
- Patients may direct that PHI related to abortion/abortion-related care be shared (in whole or in part) with a specific treating provider outside Illinois via an EHN.
- Patients may revoke prior sharing directives.
- EHNs must provide meaningful information about patient rights to direct sharing.
- Participation in sharing decisions by EHN participants cannot be conditioned on the patient’s disclosure choice.
3) Violations and enforcement (Section 20)
- Individuals aggrieved by a violation of the Act by an EHN may sue.
- Remedies include actual damages, injunctive relief, and reasonable attorney’s fees and costs, plus other relief as appropriate.
Other structural elements
- Severability: Provisions are severable.
- Effective date: July 1, 2027.
Administrative and procedural context
- The amendment ( Amendment No. ) replaces the text after the enacting clause with the above.
- The bill has an existing history in committee and floor actions, with multiple co-sponsors and amendments filed in April 2026.
- The bill is targeted at electronic health information networks and health IT systems that manage sensitive reproductive health data.
Potential impact and who is affected
- Affects electronic health networks and health IT systems, health care providers that participate in cross-state data exchanges, and patients seeking abortion-related or gender dysphoria-related care.
- Strengthens patient control over sensitive PHI and imposes segregation/disclosure constraints to limit cross-border data sharing.
- May influence how abortion and gender dysphoria data is coded, stored, and transmitted (codes listed in PHI definition).
- Creates potential for legal action against EHNs failing to comply, with damages and attorney’s fees available to plaintiffs.
Key dates and timelines
- Filed: February 5, 2026
- Amended and reported through committees in April 2026
- AMENDED text specifies an effective date of July 1, 2027
Notes for readers
- The act focuses on privacy protection for highly sensitive reproductive health information within electronic exchanges.
- It balances patient privacy with limited, explicitly permitted disclosures for care coordination, billing, QA, and technical support.
- The Department of Public Health would have regulatory authority to implement and enforce the Act.
Compiled from official sources — confirm details with the bill’s official record.
Sign in to ask a question.