Blog

What Lies Ahead for Telehealth after Covid Passes?

HIPAA
September 7, 2020
OCR’s waived penalties for some HIPAA violations for using telehealth during the Covid 19 crisis, and is bound to end eventually. What comes next?

HIPAA and Telehealth After Covid

Due to the nature of the COVID-19 National Public Health Crisis, the Office for Civil Rights (OCR), within the HHS, released a statement regarding their enforcement of HIPAA penalties during this national emergency. The nature of this health crisis has pushed many healthcare operations to be conducted through remote telehealth communication software platforms, most of which are not entirely HIPAA compliant. This decision and statement was made in order to allow providers to use these types of technology to offer the highest quality of service to patients during this time.

In order to slow the spread of COVID-19, there have been stay-at-home orders and recommendations to only leave the house when absolutely necessary. Even when openings have occurred, people with preexisting conditions and caretakers are exercising extreme caution in limiting their interactions. In order to assist with this, covered entities are looking to meet with their patients virtually which means needing to use remote communication technologies that are not guaranteed to be HIPAA compliant. 

Although these exceptions are being made by the OCR, it is recommended that healthcare providers still alert their patients to the potential risks to protected health information (PHI) that are introduced by these applications. Providers must decide whether the possibility of harm is worth the risk for their organization and for their patient’s trust in them. 

Telehealth Communications 

Although the OCR has made steps to allow more telehealth platforms to be able to be used, they have placed one clear restriction on the type of telehealth software that can be used: it must be a non-public facing product. This means that the communication product must default to only allowing the invited parties into the meeting, meaning they most likely use end-to-end encryption. These services allow the meeting owner to have control over settings like meeting recording and muting the sound or video at any point. Non-public facing products include Apple FaceTime, Google Hangouts Chat, Whatsapp Video Chat and more. 

Although this waiver allows for the chance to utilize services that may not be HIPAA compliant, covered entities may still seek to use communication products that are compliant and they are able to sign business associate agreements with. There are vendors who meet these two requirements and are available for telehealth usage: Zoom for Healthcare, Doxy.me, GoToMeeting, Skype for Business and more. Especially with the length of this public health crisis, healthcare providers may be looking for more secure, HIPAA compliant options moving forward. 

Post-COVID Future of Telehealth Usage 

An unexpected outcome of the COVID-19 public health crisis has been the quick transition to a broad usage of a variety of telehealth communication platforms. In the past five months, an adoption of these forms of remote meeting has developed in a way that hasn’t happened in the last five years combined. This widespread usage of telehealth medicine will not disappear as quickly as it was introduced. If patients and providers both realize that high quality healthcare can be delivered through digital communication platforms, then the convenience will require telehealth to stay at the forefront of the industry. 

The OCR’s waiver of HIPAA violations for using telehealth communication options is just a temporary solution during this crisis, and is bound to end eventually. Although even once this waiver is no longer in effect, the impact of telehealth communication on the healthcare industry will still be seen for years down the road. It is likely that we will continue to see the impacts of this public health crisis on telehealth technologies for a long time to come.


More from the Blog

GenixTec has achieved HIPAA Compliance with Accountable

GenixTec has achieved HIPAA Compliance with Accountable

HIPAA and Workforce Training
HIPAA

HIPAA and Workforce Training

Understanding HIPAA Certification
HIPAA

Understanding HIPAA Certification

Is Google Docs HIPAA Compliant?
Compliant Tools

Is Google Docs HIPAA Compliant?

Is Calendly HIPAA Compliant?
Compliant Tools

Is Calendly HIPAA Compliant?

Is Google Sheets HIPAA Compliant?

Is Google Sheets HIPAA Compliant?

Is iCloud HIPAA Compliant?
Compliant Tools

Is iCloud HIPAA Compliant?

President Biden Looks to Boost Cybersecurity at U.S. Ports
Data Security

President Biden Looks to Boost Cybersecurity at U.S. Ports

Get Started
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

Ready to chat?

See how some of the fastest growing companies use Accountable to build trust through privacy and compliance.
Trusted by
Accountable Compliance Management Logo

We make it easy to get your own HIPAA Certification and build trust with your customers and patients.

Product
PlaybooksHow it worksProductPricingWatch DemoSeal of ComplianceGet Support
Solutions
HIPAAGDPR
Resources
BlogHIPAA TrainingHIPAA Risk AnalysisGDPR Risk Analysis
Company
AboutCareersSupportContact UsPrivacy CenterProduct Updates
Account
Sign InForgot Password

"Accountable allowed us to quickly establish Core Compliance with HIPAA as well as a firm foundation for our Security Program." - Michael H.

© 2024 Accountable HQ, Inc.
SitemapTerms of ServicePrivacy Policy