HIPAA and Emergencies

August 31, 2017

From the Department of Health and Human Services Hurricane and HIPAA Bulletin:

“Severe disasters – such as Hurricane Harvey – impose additional challenges on health care providers. Often questions arise about the ability of entities covered by the HIPAA regulations to share information, including with friends and family, public health officials, and emergency personnel.

The HIPAA Privacy Rule allows patient information to be shared to assist in disaster relief efforts, and to assist patients in receiving the care they need. In addition, while the HIPAA Privacy Rule is not suspended during a public health or other emergency, the Secretary of HHS has issued temporary waivers of certain HIPAA Privacy Rule provisions for covered hospitals in Texas and Louisiana.” Continue reading 

Emergency Situations: Preparedness, Planning, and Response
Disclosures for Emergency Preparedness - A Decision Tool

In addition, please view the Civil Rights Emergency Preparedness page to learn how nondiscrimination laws apply during an emergency.

IN AREAS BEING EVACUATED

 

In practices with EHRs, covered entities are required by the HIPAA security rule to have a contingency plan that includes disaster recovery. If you have a web-based or cloud-based EHR, make sure you take at least one device with you, if possible. If the practice has a local server, power down the server and move it. However, IT staff may be the only ones with the admin password needed to power down the server. In any case, take copies of the back up if stored on site.

Previous Article
From one Physician to Another: Managing Stress in Times of Crisis

Tips for stress management and effective coping strategies.

Next Article
Recovering Damaged Records

If your practice has experienced structural or flood damage from Hurricane Harvey, please refer to these gu...

PARTNERSHIP for a new era of medicine.

Apply for coverage