NEW:

Cybersecurity Learning Bundle
Menu +

Resource Details

Menu

Using Non-Traditional Technology for Telehealth During COVID-19 Pandemic


Issue Brief for implementing commercial applications for telehealth consistent with March 2020 OCR Guidance

Year Developed: 2020

Resource Type: Publication.

Primary Audience: C-Suite (CEOs, CFOs, CIO, COOs, CMOs, etc.), PCAs
Secondary Audience: Clinicians

Language(s): English

Developed by: HITEQ (See other resources developed by this organization).

Resource Summary: Health and Human Services’ Office of Civil Rights (OCR), the entity responsible for enforcing regulations under HIPAA, stated, effective immediately, it will exercise enforcement discretion and will not impose penalties for HIPAA violations against covered healthcare providers if patients are served on a good faith basis during the COVID-19 nationwide public health emergency. OCR has clarified that, during this public health emergency, these technologies can be used for any services, not only those specific to COVID-19.

Resource Details: Health and Human Services’ Office of Civil Rights (OCR), the entity responsible for enforcing regulations under HIPAA, stated, effective immediately, it will exercise enforcement discretion and will not impose penalties for HIPAA violations against covered healthcare providers if patients are served on a good faith basis during the COVID-19 nationwide public health emergency. OCR has clarified that, during this public health emergency, these technologies can be used for any services, not only those specific to COVID-19. OCR’s guidance states, “covered healthcare providers may use popular applications that allow for video chats, including Apple FaceTime, Facebook Messenger video chat, Google Hangouts video, or Skype, to provide telehealth without risk that OCR might seek to impose a penalty for noncompliance with the HIPAA Rules.” Using one of these technologies should be a last resort, secondary to using traditional telehealth, such as traditional telehealth modalities have healthcare-specific features and security. OCR stresses the importance of using HIPAA-compliant telehealth applications whenever possible from vendors who will enter into Business Association Agreements (BAAs). Access this resource to support implementation of this guidance, including at-a-glance reference of acceptable and unacceptable apps as well as a list of Dos and Don'ts.

Resource Topic: Emerging Issues, Clinical Issues, Health Information Technology (HIT)/Data, Special and Vulnerable Populations, Telehealth

Resource Subtopic: Emergency Management, Policy and Advocacy, COVID-19, Policy, Billing/Reimbursement, and Legal , Implementation and Operations.

Keywords: Implementation Tools , Infectious Diseases, Policies and Procedures.

This project is supported by the Health Resources and Services Administration (HRSA) of the U.S. Department of Health and Human Services (HHS) as part of an award totaling $6,625,000 with 0 percentage financed with non-governmental sources. The contents are those of the author(s) and do not necessarily represent the official views of, nor an endorsement, by HRSA, HHS, or the U.S. Government. For more information, please visit HRSA.gov.