logo
logo
logo
MENU
Categories
Hospitals and Health Systems - Audits and ReimbursementHospitals and Health Systems - Consent and TreatmentHospitals and Health Systems - Corporate and GovernanceHospitals and Health Systems - Corporate ComplianceHospitals and Health Systems - Fraud and AbuseHospitals and Health Systems - Government InvestigationsHospitals and Health Systems - Health RecordsHospitals and Health Systems - HIPAA and HITECHHospitals and Health Systems - Managed CareHospitals and Health Systems - Medical Staff IssuesHospitals and Health Systems - Medical Training ProgramsHospitals and Health Systems - MedicareHospitals and Health Systems - Mergers, Affiliations and Joint VenturesHospitals and Health Systems - Peer ReviewHospitals and Health Systems - Professional Services AgreementsMedical SocietiesPharmaceutical Industry - Agreements with PhysiciansPharmaceutical Industry - Clinical ResearchPharmaceutical Industry - Regulatory CompliancePhysicians and Providers - Audits and ReimbursementPhysicians and Providers - CertificationsPhysicians and Providers - CredentialingPhysicians and Providers - Disciplinary ActionsPhysicians and Providers - Employment AgreementsPhysicians and Providers - Fraud and AbusePhysicians and Providers - Government InvestigationsPhysicians and Providers - HIPAA and PrivacyPhysicians and Providers - ImpairmentPhysicians and Providers - LicensingPhysicians and Providers - LitigationPhysicians and Providers - MedicarePhysicians and Providers - Peer ReviewPhysicians and Providers - Practice AcquisitionsPhysicians and Providers - Practice IssuesPhysicians and Providers - Regulatory CompliancePhysicians and Providers - SupervisionPhysicians and Providers - TrainingUncategorized

OCR Will Not Seek Enforcement Action for Use of Non-Compliance Telehealth Communications During the Coronavirus (COVID-19) National Public Health Emergency

OCR Will Not Seek Enforcement Action for Use of Non-Compliance Telehealth Communications During the Coronavirus (COVID-19) National Public Health Emergency

In an effort to make health care more accessible during these unprecedented times, while we deal with the coronavirus (COVID-19) pandemic, the government is relaxing some rules and regulations when it comes to telehealth. As we discussed in our earlier blog post, on March 17th, The Office of Inspector General issued a policy statement waiving sanctions for providers’ waiver of telehealth cost-sharing amounts during the current Public Health Emergency. On the same day, the Office for Civil Rights (“OCR”) at the Department of Health and Human Services (“HHS”), issued a notification of enforcement discretion for telehealth communication, stating that during the national emergency, OCR will exercise its discretion and will not impose penalties for use of audio and video communication technology for telehealth services that may not meet all of HIPAA requirements.

OCR HIPAA Enforcement

OCR is responsible for overseeing compliance and enforcement of regulations issued under the Health Insurance Portability and Accountability Act of 1996 (HIPAA), as amended by the Health Information Technology for Economic and Clinical Health (HITECH) Act, to protect the privacy and security of protected health information, namely the HIPAA Privacy, Security and Breach Notification Rules (the HIPAA Rules).

HIPAA Rules require that technology used to provide telehealth services meet certain standards, among them being that the technology is secure to ensure the protection of patients’ privacy and personal health information (“PHI”.) Additionally, HIPAA Rules require that the health care practitioner, a covered entity, have a HIPAA business associate agreement (BAA) with any technology vendor used for telehealth.

Coronavirus Telehealth Services

In order to empower medical practitioners and assist with the access to care for patients, OCR is exercising its enforcement discretion and will not impose penalties against covered entities for using technology to provide telehealth services that may not fully comply with the HIPAA Rules. Meaning, the OCR is temporarily relaxing its enforcement to allow practitioners to use audio and video communication technology, which would normally not be considered to be in compliance with HIPAA.

Specifically, health care providers can use non-public facing audio and video to communicate with patients during the coronavirus nationwide public health emergency. This applies to all telehealth services and does not need to be related to coronavirus. Health care practitioners may choose to examine the patient using a video application of patients who may be exhibiting signs of the coronavirus, but similarly, a health care practitioner may choose to provide treatment for any other medical condition, such as dental, ophthalmological, or psychological and others conditions.

The OCR Notice allows health care practitioners to use video applications without the risk of an enforcement action by the OCR, such as:

  • Apple FaceTime
  • Facebook Messenger video chat,
  • Google Hangout video, or
  • Skype.

However, health care practitioners CANNOT use Facebook Live, Twitch, TikTok, or similar public-facing applications. Additionally, the OCR encourages the practitioners to disclose potential privacy risks to patients, and ask them to enable all available encryption and privacy modes when using the video application.

For those practitioners that may want to utilize a vendor that is HIPAA compliant and is willing to enter into a BAA, the OCR identified the following HIPAA-compliant video communication products (please note that the OCR is not endorsing, certifying or recommending these vendors):

  • Skype for Business
  • Updox
  • Vsee
  • Zoom for Healthcare
  • Doxy.me
  • Google G Suite Hangout Meet

The OCR’s representation that they will not impose penalties for use of a HIPAA noncompliant video communication vendor is applicable only during the coronavirus nationwide emergency.

If you have any questions concerning this post, please contact Sandra Jarva Weiss, Chair of our Health Care & Life Sciences Practice Group, at sjarvaweiss@norris-law.com. For more information, visit our Coronavirus (COVID-19) Preparedness Resource Center.

Share
Related Posts
OSHA Issues COVID-19 Safety Rule: Emergency Temporary Standard (ETS)
Impact of the COVID Pandemic on Physician Employment Agreements
Telemedicine and the COVID-19 Vaccination – What’s on the Horizon for 2021?
Related Posts
OSHA Issues COVID-19 Safety Rule: Emergency Temporary Standard (ETS)
Impact of the COVID Pandemic on Physician Employment Agreements
Telemedicine and the COVID-19 Vaccination – What’s on the Horizon for 2021?
Share
Join our growing team
We are looking for quality attorneys to help us do more for our clients. At Norris McLaughlin, each attorney has the same opportunity to succeed whether you’re at the beginning of a career or pinnacle of the profession.
Subscribe to our content
Receive timely legal information
delivered to your inbox
Subscribe to our content
Receive timely legal information
delivered to your inbox
© 2022, Norris McLaughlin, P.A., All Rights Reserved. Attorney Advertising.
Meritas

We use cookies to ensure that we give you the best experience on our website. If you continue to use this site we will assume you consent to our cookie policy. Learn more