The state of US reproductive privacy in 2025: Trends and operational considerations

The landscape of reproductive rights in the U.S. has changed dramatically since 2022 when the U.S. Supreme Court overturned Roe v. Wade in Dobbs v. Jackson Women's Health Organization.

In the years since, lawmakers and regulators at both the state and federal levels have taken a wide range of actions with respect to reproductive health privacy and abortion rights, with growing divergence between left and right leaning jurisdictions. These new laws and regulations impact a range of sensitive and health-related data. Importantly, new rules that may have been motivated at least in part as a response to Dobbs are frequently not limited to data related to having an abortion and can have much broader impacts.

The resulting 2025 health privacy forecast is a legally complex, politically charged and often directly conflicting array of laws that impact a wide variety of entities across a range of sectors. Impacted organizations must make a series of risk-based decisions that account for and anticipate thorny problems across federal and state-specific legal regimes.

To help navigate these complexities and to reduce risk in preparation for increased regulator and litigation activity, it is critical for organizations to prioritize the following compliance activities:

• Identify systems and databases that store and/or infer reproductive health information with special attention to areas of the product or service that may incidentally process this information, such as messaging features or website tracking technology.
• Based on your findings, set data minimization limits on reproductive health information, determine which reproductive or health privacy laws apply to which types of processing activities and establish a compliance strategy with a combination of organization-wide compliance controls and state-specific variation as needed.
• Review your patient and/or consumer notice, consent and authorization language, and update it where required.
• Establish an internal law enforcement access procedure and train relevant employees.