Blog

Prepare for the End of Telehealth Waivers

News & PR
December 9, 2020
Back in March, the HHS announced the suspension of some penalties for Privacy Rule violations throughout the duration of the COVID-19 crisis. But with a vaccine on the way, covered entities should prepare for the end of these waivers.

Following a declaration of a national emergency by President Trump, on March 15th, the HHS announced that they would temporarily waive some penalties and sanctions for violations of the HIPAA Privacy Rule. Effective March 15th, the waiver applied:

  • in the emergency area identified in the public health emergency declaration;
  • to hospitals that have instituted a disaster protocol
  • for up to 72 hours from the time the hospital implements its disaster protocol.

HIPAA is waiving sanctions and penalties against a covered hospital that is not complying with the following provisions of the HIPAA privacy rule:

  • The requirements to obtain a patient's agreement to speak with family members or friends involved in the patient's care. See 45 CFR 164.510(b).
  • The requirement to honor a request to opt-out of the facility directory. See 45 CFR 164.510(a).
  • The requirement to distribute a notice of privacy practices. See 45 CFR 164.520.
  • The patient's right to request privacy restrictions. See 45 CFR 164.522(a).
  • The patient's right to request confidential communications. See 45 CFR 164.522(b).

Following the conclusion of the National Emergency by either the President or the Secretary of the HHS, a hospital must then comply with all the requirements of the HIPAA Privacy Rule for any patent under its care, even if 72 hours have not passed following the implementation of its disaster protocol.

The intended effect of this waiver was that it allowed covered entities to use platforms like Zoom, Google Hangouts, and Skype to offer telehealth services, which were not compliant with the standards set by the HIPAA law because they were never intended to be used for this purpose.

However, what is clear is that while these current waivers will not continue indefinitely, telehealth and its benefits will continue to stick. Therefore, the responsibility will continue to lie on the covered entities to comply with the regulations of the Privacy Rule. Rather than waiting for the President or the HHS to conclude the State of Emergency, these organizations should work to ensure that their telehealth platforms are compliant with HIPAA, or find alternative solutions.

More from the Blog

How To Comply With the HIPAA Security Rule
HIPAA

How To Comply With the HIPAA Security Rule

Common Examples Of Employee HIPAA Violations and How to Avoid Them
Privacy Compliance

Common Examples Of Employee HIPAA Violations and How to Avoid Them

Five Principles of Risk Management
Risk Management

Five Principles of Risk Management

Is Chat GPT HIPAA Compliant?
News & PR

Is Chat GPT HIPAA Compliant?

What You Need to Know About HIPAA Data Encryption
Data Security

What You Need to Know About HIPAA Data Encryption

HIPAA Training: A Must for Healthcare Businesses
HIPAA

HIPAA Training: A Must for Healthcare Businesses

Navigating HIPAA's Privacy Rule: Your Quick Guide to Accounting for Disclosures
HIPAA

Navigating HIPAA's Privacy Rule: Your Quick Guide to Accounting for Disclosures

Unlocking HIPAA Compliance: A Sneak Peek into Our Revamped Dashboard
Product Updates

Unlocking HIPAA Compliance: A Sneak Peek into Our Revamped Dashboard

Compliance Managment Full Hexagon logo

Expert compliance support, on-demand

Accountable Compliance Success Managers are dedicated to making sure your company is fully compliant as we guide you step-by-step through the process of achieving HIPAA compliance.
Expert guidance
Build trust
Dedicated Compliance Success Managers
HIPAA Training
Decrease risk
Close more deals
Get Started Free
Talk To An Expert
schedule accountable demo
Accountable Compliance Management Logo

We make it easy to get your own HIPAA Certification and build trust with your customers and patients.

Product
PlaybooksHow it worksProductPricingWatch DemoSeal of ComplianceGet Support
Solutions
HIPAAGDPR
Resources
BlogHIPAA TrainingHIPAA Risk AnalysisGDPR Risk Analysis
Company
AboutCareersSupportContact UsPrivacy CenterProduct Updates
Account
Sign InForgot Password

"Accountable allowed us to quickly establish Core Compliance with HIPAA as well as a firm foundation for our Security Program." - Michael H.

© 2024 Accountable HQ, Inc.
SitemapTerms of ServicePrivacy Policy