COVID-19 HIPAA transition period for telehealth expires

Aug 09, 2023 - 03:11 PM
oig-telehealth

Health care providers must comply with the HIPAA rules with respect to telehealth effective Aug. 9 at 11:59 p.m., when the 90-day enforcement discretion period announced in April expires. The Department of Health and Human Services’ Office for Civil Rights implemented a HIPAA enforcement discretion policy for telehealth during the COVID-19 public health emergency, which ended May 11. This provided enforcement discretion to not impose penalties for HIPAA violations against covered health care providers in connection with their good faith provision of telehealth using non-public facing remote communications technologies during the PHE. Providers then had a 90-day transition period to come into compliance. OCR has also published guidance on how providers can use remote communications technologies for audio-only telehealth in compliance with HIPAA rules, including when the notice of enforcement discretion is no longer in effect

The AHA advocated for temporary waivers of sanctions and penalties against hospitals that did not comply with elements of the HIPAA privacy rule, and waivers for the types of technologies that could be used to provide telehealth to include everyday communications technologies during the PHE. AHA has also urged Congress to make Medicare telehealth flexibilities granted during the PHE permanent for rural and other providers.

Related News Articles

Headline
OCR finalizes rule prohibiting certain reproductive health care disclosures
The Department of Health & Human Services’ Office for Civil Rights April 22 released a final rule prohibiting entities regulated by the HIPAA Privacy Rule…
Headline
Cassidy proposes ways to strengthen health data privacy
Senate Health, Education, Labor & Pensions Committee Ranking Member Bill Cassidy, R-La., Feb. 21 released a report proposing ways to modernize the existing…
Headline
NIST updates HIPAA cybersecurity resource guide 
The National Institute of Standards and Technology this week released updated guidance to help HIPAA-covered entities and business associates assess and manage…
Headline
OCR releases telehealth privacy and security resources for providers, patients
The Department of Health and Human Services’ Office for Civil Rights Oct. 18 released a resource for health care providers who choose to educate patients about…
Headline
HHS updates tool to help providers assess HIPAA security risks
The Department of Health and Human Services’ Office of the National Coordinator for Health Information Technology and Office for Civil Rights have updated…
Headline
CMS urged not to implement proposed prior authorization attachment standard
The AHA July 27 joined AHIP, the American Medical Association, and Blue Cross Blue Shield Association in urging the Centers for Medicare & Medicaid…