Washington educational resource

How does Washington's My Health My Data Act apply to abortion-travel data?

Abortion-travel data is the cleanest single fact pattern for Washington's My Health My Data Act. The data combines health status (the procedure sought), location (travel to and around clinics), timing (correlating with cycle, pregnancy-test, or referral entries), search behavior (queries about providers, medications, or travel logistics), and adtech infrastructure (the campaigns and analytics partners that consume the same signal stream). Each component is consumer health data under Chapter 19.373 RCW. Together they create exactly the risk profile MHMDA was drafted to address.

AI Legal Analyst

Ask my AI Legal Analyst about Washington consumer health data and MHMDA?

Tap a question for an instant, free answer (no email needed), or describe your product and the analyst routes you to the right next step.

Common Washington consumer-health-data questions, always free

Does Washington MHMDA even apply to my product? I am not HIPAA-covered, am I in the clear? Are my analytics and AI-API calls sharing events? Do I need a separate consumer health data privacy policy? Is one "I agree" checkbox enough for consent? What happens if I get this wrong?

Loading the AI Legal Analyst...

Last legally reviewed: 2026-05-19. Citations verified against Chapter 19.373 RCW on app.leg.wa.gov. MHMDA reaches out-of-state companies that conduct business in Washington or target products or services to Washington consumers and determine the purposes and means of processing consumer health data.

The 2,000-foot geofence prohibition (RCW 19.373.080)

RCW 19.373.080 is the section that does the most work for abortion-travel privacy. It is unlawful to implement a geofence around an entity that provides in-person healthcare services where the geofence is used to identify or track consumers seeking healthcare services, collect consumer health data, or send notifications, messages, or advertisements related to consumer health data or healthcare services. "Geofence" under RCW 19.373.010 is a virtual boundary within 2,000 feet of the perimeter of the physical location.

For abortion-travel the rule reaches campaigns and SDKs that target users near an abortion provider, a Planned Parenthood clinic, a hospital running an abortion or reproductive line, a pharmacy filling medication-abortion prescriptions, or an airport or transit hub where the targeting is tied to known clinic-area arrivals. The prohibition is categorical; there is no consent override. A campaign that collects location near the facility, identifies users present in the area, or sends a notification or message related to reproductive-healthcare services is on the wrong side of the section.

Sale of consumer health data (RCW 19.373.070)

RCW 19.373.070 makes it unlawful to sell consumer health data without a written authorization with all nine elements: identification of the data, seller and buyer contact, description of purpose, statement that provision of goods or services may not be conditioned on signing, revocation right, redisclosure notice, one-year expiration, and signature plus date. "Sale" under RCW 19.373.010 includes exchanges for monetary or other valuable consideration, which sweeps in data-broker arrangements and analytics partnerships that pass abortion-travel signals downstream in exchange for services or insight.

Two-layer consent (RCW 19.373.030)

RCW 19.373.030 requires affirmative opt-in consent for collection of consumer health data and a separate, distinct consent for sharing. For abortion-travel signals collected from a Washington user, both consents are required, and a single terms-of-service or app-permission acceptance is not enough. The authorization request must disclose data categories, purpose and usage methods, receiving entities, and the withdrawal mechanism.

The per-se Consumer Protection Act bridge (RCW 19.373.090)

RCW 19.373.090 makes any MHMDA violation a per-se Washington CPA violation. A Washington consumer plaintiff pleads the public-interest and unfair-or-deceptive elements automatically; injury and causation still must be pled and proved. The remedy under RCW 19.86.090 is actual damages, discretionary trebling up to $25,000, and one-way attorney's fees to a prevailing plaintiff. The four-year SOL under RCW 19.86.120 applies. Abortion-travel matters are exactly the kind of fact pattern where the per-se framework is most likely to be tested.

Companies most exposed. The exposure here is not just on the apps that collect cycle or pregnancy data. It extends to map apps, navigation SDKs, travel-booking platforms, rideshare apps, payment apps, and any product whose ad-tracking SDK consumes location near a Washington clinic. The 2,000-foot perimeter is mechanically broad. If your product touches Washington users and your SDK inventory has not been audited against a Washington-clinic address list, this is the matter to look at first.

Sergei's practical note

Abortion-travel privacy is the area where I see the largest gap between what operators believe their stack does and what their SDKs actually do. The ad-tech vendor explanations are not always candid about the location signal flow, and the operator inherits the responsibility. The MHMDA review here is concrete: enumerate the SDKs, list the partners, map the location-signal flow against the 2,000-foot perimeter around a known list of healthcare facilities, and document where the campaign or partner relationship needs to change. Send the SDK inventory, the partner list, the ad-platform configuration, and the privacy-policy URL, and I will scope the work.

Payment

Flat fee, paid up front through a secure PayPal checkout, so the budget is fixed before any work starts. The flat fee for the Healthcare SaaS Legal Package is $2,500. There is no hourly meter and no surprise invoice. If a matter is unusually large or turns into extended negotiation, I tell you before any additional work and we agree on scope first.

Delivery

Drafts in 2 to 3 business days, even for complex agreements. I work weekends when a matter needs it and it is engaged. You receive the work product by email in an editable format, with brief written comments explaining the key issues and the reasoning behind the main choices.

Process

Send the materials. Email me your current documents, screenshots, and a short description of the product and the Washington consumers it touches.
I confirm scope and run a conflict check. Engagement begins only after that check and a written confirmation of what is included.
I draft or review. You get the deliverable with plain-language comments on the highest-risk items first.
We refine. Reasonable revision rounds are included so the final version fits how your product actually works.

Scope

This is attorney-supervised regulatory and document work under my California license: issue spotting, compliance planning, drafting, and review. It is not Washington court representation. For Washington filings, litigation, or any court appearance, I coordinate with Washington-admitted counsel. Nothing here creates an attorney-client relationship until a conflict check clears and an engagement is confirmed in writing.

Related Washington resources

For the full statutory walkthrough, see my Washington My Health My Data Act resource. The Reproductive-Health Geofencing Ban page covers RCW 19.373.080 in more depth, and the Geofencing Risk for Adtech page applies the prohibition to specific SDK and campaign configurations. To run the triage, see my Reproductive Health Data Risk Checker.

Need this handled end to end? The $2,500 Healthcare SaaS Legal Package

A flat-fee package for digital health and SaaS founders: HIPAA and BAA posture, Terms of Service and privacy policy, and the consumer-health-data layer that MHMDA adds on top. Reviewed under California license; for Washington court representation I coordinate with Washington-admitted counsel.

Request this package · $2,500

See the full Healthcare SaaS legal stack → or email me directly for a scoped quote.

Educational resource. Sergei Tokmakov is a California attorney (CA Bar #279869) currently seeking admission to the Washington State Bar. Nothing on this page creates an attorney-client relationship or is Washington legal advice.