HIPAA and the coronavirus

February 5, 2020

Updated as of Wednesday, March 18, 2020.

March Bulletin:

On Tuesday, March 17, the Office for Civil Rights (OCR) announced it will exercise "enforcement discretion and will waive potential penalties for HIPAA violations" against providers serving patients through "everyday communications" during the COVID-19 nationwide public health emergency.

This announcement applies to the "good faith" use of such apps as FaceTime, Facebook Messenger, or Skype for any telehealth purposes, regardless of whether the telehealth services are directly related to treating COVID-19. Read more from the OCR here.

February Bulletin:

In light of the coronavirus outbreak, the HHS OCR issued guidance on the ways that patient information may be shared under HIPAA during an outbreak of infectious disease or other emergency situation.

Misunderstandings about HIPAA can create obstacles to public health efforts. The HHS guidance — released on February 3 — explains how health care professionals have the broad ability to share health information with public health authorities during certain crisis situations without violating HIPAA privacy regulations.

Appropriate uses and disclosures can be made when necessary to treat a patient, to protect the public health, and for other critical purposes.

Emergency Situations: Preparedness, Planning, and Response

For more information about emergency preparedness as it relates to HIPAA, please follow the dedicated page on the HHS.gov website.

Previous Video
An interview with cyber attorney, Adrian Senyszyn
An interview with cyber attorney, Adrian Senyszyn

Cyber attorney Adrian Senyszyn addresses frequently asked questions about cyber security and current threat...

Next Article
Charging for copies of medical records: Rules released

The amount you can charge for supplying copies of medical records has changed, according to new guidance fr...