On August 7, 2025, Massachusetts Governor Maura Healey signed into law an Act Strengthening Healthcare Protections in the Commonwealth (the “Act”), which amends the state’s existing “Shield Law” protections for providers of reproductive health and gender-affirming care (“Protected Care”). The Act is the latest response by Massachusetts to the Supreme Court’s decision in Dobbs v. Jackson Women’s Health Organization (2022), which eliminated the constitutional right to an abortion and returned the authority to regulate reproductive health care to the states. Dobbs has resulted in an uncertain legal landscape where numerous states restricting reproductive care (“Restrictive States”) have enacted broad laws that potentially create liability for out-of-state providers. Like similar laws passed in other states supportive of Protected Care, Massachusetts’ Shield Law intends to limit liability providers might otherwise face in connection with criminal charges, lawsuits, and other investigations originating from these Restrictive States.
This article provides an overview of the Act’s amendments to the Shield Law – itself a series of amendments to relevant statutes – including limitations on a Restrictive State’s ability to reach a Massachusetts provider; heightened confidentiality rules for data relating to Protected Care; and specific requirements for emergency treatment that implicates Protected Care. It also offers key takeaways for providers seeking to protect themselves and their patients from liability in the post-Dobbs world.
New Safeguards Under the Act
The Act layers new safeguards on top of the protections that already existed for providers under the Shield Law. Some of the key safeguards for providers to be aware of include the following:
- Cooperation with Out-of-State Probes. Section 2 of the Act amends the Shield Law to prohibit both state and local agencies (including their officers, employees, and any other person acting on behalf of the agency) from cooperating with or providing information or assistance to any federal agency in connection with an investigation into Protected Care that is legal in Massachusetts. This prohibition expands beyond the earlier protection in the Shield Law, which applied only to investigations by other state agencies and private lawsuits.
- Prescription Drug Considerations. Under Section 7 of the Act, an individual provider may now request that a pharmacist list only the name of the health care practice or facility at which the individual provider works on the label of a drug prescribed for Protected Care (in lieu of the individual provider’s own name). This option intends to help individual providers mitigate any potential risks in connection with “doxxing” practices that may be harmful to their personal reputation or safety. In line with the above prohibition on cooperation with federal agencies, Section 9 of the Act also states that details about drug prescriptions written for Protected Care now generally do not need to be reported to the state’s prescription drug monitoring program unless the Department of Public Health (“DPH”) determines the reporting is necessary for public health purposes. Section 10 of the Act further states that DPH generally may not submit disaggregated or individually identifiable data from the state’s prescription drug monitoring program to any federal agency in connection with an investigation into Protected Care that is legal in Massachusetts.
- Emergency Services. In June 2025, CMS rescinded prior guidance that was issued under the Biden administration in 2022, which instructed hospitals that EMTALA preempted any conflicting state reproductive health restrictions. This prior guidance effectively required hospitals to provide emergency abortion care as needed to stabilize a patient, e.g., in connection with conditions such as ectopic pregnancies and severe preeclampsia. In the absence of this prior guidance, Section 11 of the Act now provides Massachusetts hospitals with clarity on the type of stabilizing treatment they are required to provide in an emergency. It defines “emergency medical condition” to include a variety of reproductive health conditions and “stabilizing treatment” to include “abortion when abortion is necessary to resolve the patient’s injury or emergency medical condition.”
- Electronic Health Information. Section 12 of the Act requires EHR vendors that possess Protected Care data to implement new safeguards that help prevent the data from being improperly used or disclosed to an unauthorized party. Sections 3 and 19 also address certain data privacy concerns through generally prohibiting the Center for Health Information and Analysis (“CHIA”) and other state agencies from disclosing any data that “would allow the identification of a patient or provider in response to an out-of-state or federal inquiry or investigation into” Protected Care.
- Technical Advisory Group. Section 25 of the Act directs DPH to create a technical advisory group that will provide support to providers and other businesses on implementing privacy protections for storing or managing electronic medical records related to Protected Care. The group’s members must include individuals with a variety of experiences from the fields of reproductive health and gender-affirming care, including representatives from Planned Parenthood League of Massachusetts and Fenway Health (which has a longstanding commitment to serving the LGBTQIA+ community), and at least two “persons with lived experience accessing abortion-related health care services or gender-affirming health care services.” The group has not been formed as of the date of this article, but it is required by statute to make its initial recommendations to a joint committee of the Massachusetts Legislature by July 1, 2026.
In addition to the above protections that largely benefit providers, the Act also notably expands other Shield Law protections that intend to limit potential liability for patients, attorneys who advise on Protected Care, insurers that provide reimbursement for Protected Care, and parents of children who seek Protected Care.
Key Takeaways for Providers
While the implementation of the Act is a strong statement that Massachusetts will continue to support Protected Care providers as a matter of public policy, the Shield Law remains untested in court. In the face of this uncertainty, providers can take the following steps to help limit any potential liability to themselves and their patients to the greatest extent possible:
- Develop internal written policies for responding to subpoenas or other requests for medical records or other patient data in connection with an investigation targeting Protected Care;
- Review contracts with EHR vendors to ensure they include reasonable, appropriate safeguards for protecting patient data, and prepare amendments as needed;
- Review existing policies for providing care in circumstances that potentially necessitate abortion services, and amend these policies as needed to ensure patients receive high-quality urgent care in accordance with applicable law;
- Monitor for enforcement actions (likely originating from Restrictive States) against other providers and guidance from Massachusetts agencies on the circumstances under which the Act’s protections should be available to providers; and
- When in doubt, seek legal counsel with experience navigating Massachusetts health care and data privacy regulations.
