New Yorkers Deserve Stronger Health Data Protections Now—Governor Hochul Can Make It Happen

EFF update
1 month ago

With the rise of digital surveillance, securing our health data is no longer just a privacy issue—it's a matter of personal safety. In the wake of the Supreme Court's reversal of Roe v. Wade and the growing restrictions on abortion and gender-affirming care, protecting our personal health data has never been more important. And in a world where nearly half of U.S. states have either banned or are on the brink of banning abortion, unfettered access to personal health data is an even more dangerous threat.

That’s why EFF joins the New York Civil Liberties Union (NYCLU) in urging Governor Hochul to sign the New York Health Information Privacy Act (A.2141/S.929). This legislation is a crucial step toward safeguarding the digital privacy of New Yorkers at a time when health data is increasingly vulnerable to misuse.

Why Health Data Privacy Matters

When individuals seek reproductive health care or gender-affirming care, they leave behind a digital trail. Whether through search histories, email exchanges, travel itineraries, or data from period-tracker apps and smartwatches, every click, every action, and every step is tracked, often with little or no consent. And this kind of data—however collected—has already been used to criminalize individuals who were simply seeking health care

Unlike HIPAA, which regulates 'covered entities'—providers of treatment, payors/insurers—who are part of the traditional health care system and their ‘business associates,’ this bill would expand its reach to cover a broad range of 'new' entities. These include data brokers, tech companies, and others in the digital ecosystem, who can access and share this sensitive health information. The result is a growing web of entities collecting personal data, far beyond the scope of traditional health care providers.

For example, in some states, individuals have been investigated or even prosecuted based on their digital data, simply for obtaining abortion care. In a world where our health choices are increasingly monitored, the need for robust privacy protections is clearer than ever. The New York Health Information Privacy Act is the Empire State’s opportunity to lead the nation in protecting its residents.

What Does the Health Information Privacy Act Do?

At its core, the New York Health Information Privacy Act would provide vital protections for New Yorkers' electronic health data. Here’s what the bill does:

  • Prohibits the sale of health data: Health data is not a commodity to be bought and sold. This bill ensures that your most personal information is not used for profit by commercial entities without your consent.
  • Requires explicit consent: Before health data is processed, New Yorkers will need to provide clear, informed consent. The bill limits processing (storing, collecting, using) of personal data to “strictly necessary” purposes only, minimizing unnecessary collection.
  • Data deletion rights: Health data will be deleted by default after 60 days, unless the individual requests otherwise. This empowers individuals to control their data, ensuring that unnecessary information doesn’t linger.
  • Non-discrimination protections: Individuals will not face discrimination or higher costs for exercising their privacy rights. No one should be penalized for wanting to protect their personal information.
Why New York Needs This Bill Now

The need for these protections is urgent. As digital surveillance expands, so does the risk of personal health data being used against individuals. In a time when personal health decisions are under attack, it’s crucial that New Yorkers have control over their health information. By signing this bill, Governor Hochul would ensure that out-of-state actors cannot easily access New Yorkers’ health data without due process, protecting individuals from legal actions in states that criminalize reproductive and gender-affirming care.

However, this bill still faces a critical shortcoming—the absence of a private right of action (PRA). Without it, individuals cannot directly sue companies for privacy violations, leaving them vulnerable. Accountability would fall solely on the Attorney General, who would need the resources to quickly and consistently enforce the new law. Nonetheless, the Attorney General’s role will now be critical in ensuring this bill is upheld, and they must remain steadfast in implementing these protections effectively.

Governor Hochul: Sign A.2141/S.929

The importance of this legislation cannot be overstated—it is about protecting people from potential legal actions related to their health care decisions. By signing this bill, Governor Hochul would solidify New York’s position as a leader in health data privacy and take a firm stand against the misuse of personal information.

New York has the power to protect its residents and set a strong precedent for privacy protections across the nation. Let’s ensure that personal health data remains in the hands of those who own it—the individuals themselves.

Governor Hochul: This is your chance to make a difference. Let’s take action now to protect what matters most—our health, our data, and our rights. Sign A.2141/ S.929 today.

Rindala Alajaji

【日本被団協】いまこそ核兵器廃絶へ= 田中田中熙巳さんメッセージ

日本ジャーナリストクラブ(JCJ)
1 month ago
             人類への大きな貢献と世界の平和を目指して、制定されたノーベル賞の2024年度の平和賞に、日本原水爆被害者団体協議会(日本被団協)が選ばれた。12月の授賞式には、日本から多数の被爆者と支援団体の人々が参加、核廃絶の早急の実現を訴えた。授賞式で受賞演説をした、代表委員の一人、田中熙巳(てるみ)さんに、受賞をどう受け止めたか、忙しさを押してメッセージを寄せてもらった。 編集部 昨2024年10月11日夕、私たち日本被団協の役員の誰もが全く思いもかけていなか..
JCJ