Blog

Prepare for the End of Telehealth Waivers

News & PR
December 9, 2020
Back in March, the HHS announced the suspension of some penalties for Privacy Rule violations throughout the duration of the COVID-19 crisis. But with a vaccine on the way, covered entities should prepare for the end of these waivers.

Following a declaration of a national emergency by President Trump, on March 15th, the HHS announced that they would temporarily waive some penalties and sanctions for violations of the HIPAA Privacy Rule. Effective March 15th, the waiver applied:

  • in the emergency area identified in the public health emergency declaration;
  • to hospitals that have instituted a disaster protocol
  • for up to 72 hours from the time the hospital implements its disaster protocol.

HIPAA is waiving sanctions and penalties against a covered hospital that is not complying with the following provisions of the HIPAA privacy rule:

  • The requirements to obtain a patient's agreement to speak with family members or friends involved in the patient's care. See 45 CFR 164.510(b).
  • The requirement to honor a request to opt-out of the facility directory. See 45 CFR 164.510(a).
  • The requirement to distribute a notice of privacy practices. See 45 CFR 164.520.
  • The patient's right to request privacy restrictions. See 45 CFR 164.522(a).
  • The patient's right to request confidential communications. See 45 CFR 164.522(b).

Following the conclusion of the National Emergency by either the President or the Secretary of the HHS, a hospital must then comply with all the requirements of the HIPAA Privacy Rule for any patent under its care, even if 72 hours have not passed following the implementation of its disaster protocol.

The intended effect of this waiver was that it allowed covered entities to use platforms like Zoom, Google Hangouts, and Skype to offer telehealth services, which were not compliant with the standards set by the HIPAA law because they were never intended to be used for this purpose.

However, what is clear is that while these current waivers will not continue indefinitely, telehealth and its benefits will continue to stick. Therefore, the responsibility will continue to lie on the covered entities to comply with the regulations of the Privacy Rule. Rather than waiting for the President or the HHS to conclude the State of Emergency, these organizations should work to ensure that their telehealth platforms are compliant with HIPAA, or find alternative solutions.

More from the Blog

GenixTec has achieved HIPAA Compliance with Accountable
Compliant Tools

GenixTec has achieved HIPAA Compliance with Accountable

HIPAA and Workforce Training
HIPAA

HIPAA and Workforce Training

Understanding HIPAA Certification
HIPAA

Understanding HIPAA Certification

Is Google Docs HIPAA Compliant?
Compliant Tools

Is Google Docs HIPAA Compliant?

Is Calendly HIPAA Compliant?
Compliant Tools

Is Calendly HIPAA Compliant?

Is Google Sheets HIPAA Compliant?

Is Google Sheets HIPAA Compliant?

Is iCloud HIPAA Compliant?
Compliant Tools

Is iCloud HIPAA Compliant?

President Biden Looks to Boost Cybersecurity at U.S. Ports
Data Security

President Biden Looks to Boost Cybersecurity at U.S. Ports

Get Started
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

Ready to chat?

See how some of the fastest growing companies use Accountable to build trust through privacy and compliance.
Trusted by
Accountable Compliance Management Logo

We make it easy to get your own HIPAA Certification and build trust with your customers and patients.

Product
PlaybooksHow it worksProductPricingWatch DemoSeal of ComplianceGet Support
Solutions
HIPAAGDPR
Resources
BlogHIPAA TrainingHIPAA Risk AnalysisGDPR Risk Analysis
Company
AboutCareersSupportContact UsPrivacy CenterProduct Updates
Account
Sign InForgot Password

"Accountable allowed us to quickly establish Core Compliance with HIPAA as well as a firm foundation for our Security Program." - Michael H.

© 2024 Accountable HQ, Inc.
SitemapTerms of ServicePrivacy Policy