Here is a closer look at some of the HIPAA regulations that have been relaxed at this time.
There is no doubt that we are currently living in unprecedented times. For those businesses that are still operating and have essential services, the need to protect employees and the public has never been greater. This is especially true when it comes to the safekeeping of private health information. The Health Insurance Portability and Accountability Act (HIPAA) was enacted in 1996 by then-President Bill Clinton to provide security for patient health information. It also offered much-needed privacy for health plans and improved efficiency and portability of healthcare and insurance. Now, however, with the COVID-19 pandemic, some HIPAA regulations have been relaxed as a way to assist providers so that they may still deliver needed care. This includes the use of telemedicine services, sharing of health statuses for individuals, virus tracking, and other steps to slow the spread of COVID-19. Here is a closer look at some of the HIPAA regulations that have been relaxed at this time.
HIPAA Regulations & the Privacy Rule
The U.S. Department of Health and Human Services has ruled some of the provisions around the HIPAA Privacy Rule will be waived due to the current pandemic. Penalties can also be imposed against a covered hospital that does not comply.
This went into effect on March 15, 2020, and includes the following provisions:
- Obtain a patient’s agreement to speak with family members or friends involved in the patient’s care. See 45 CFR 164.510(b).
- Honor a request to opt-out of the facility directory. See 45 CFR 164.510(a).
- The requirement to distribute a notice of privacy practices. See 45 CFR 164.520.
- Patient’s right to request privacy restrictions. See 45 CFR 164.522(a).
- Patient’s right to request confidential communications. See 45 CFR 164.522(b).
Still, while this information is critical for the safety of the public during a health crisis, it is important that all efforts are made to limit exposure of information to only the entities who require access and that the details shared are limited to only those required for fighting the spread of COVID-19.
Access to Telehealth Services
The Office of Civil Rights (OCR) has also worked over the last several months to ensure regulatory burdens were not the main focus of providers as they work to fight the national pandemic. By relaxing its enforcement around those areas necessary to provide care and stop the spread of the virus.
This includes an amendment to the Health Information Technology for Economic and Clinical Health (HITECH) Act, to allow healthcare providers the ability to communicate with patients and provide services using approved remote communications technologies. Due to how these technologies must operate and may be used, some aspects may not comply totally with HIPAA regulations and rules, so they have been lifted in hopes that those needing care in high-risk communities and with limited access to services can still receive it.
These relaxed HIPAA guidelines will remain in effect until the government feels the virus has been tamed and is no longer a global threat to the public.
At Legal Shred, we understand how important it is that you maintain strict confidentiality and compliance of all information. We are here for you with reliable shredding services to ensure the private data you need to be destroyed is done so quickly and responsibly.
YOU MIGHT ALSO LIKE:
- What are the Warning Signs of Identity Theft?
- What Are Identity Monitoring Services and Do You Need Them?
- Identity Fraud vs. Identity Theft: Know the Difference