The public health emergency due to COVID-19 has expired. As such the waivers under HIPAA and HITECH during this public health emergency will expire at 11:50 PM on May 11, 2023.
While telehealth continues to be permitted, moving forward, it is required for practices to maintain telehealth security and privacy standards under HIPAA.
OCR has granted practices a 90-day transition period to bring their telehealth services under compliance with HIPAA. After this period, OCR can impose penalties on healthcare providers for non-compliance with HIPAA rules and regulations in connection to telehealth services.
Offices that use telehealth services should take advantage of this time to:
- • Cease using video chat applications that are not HIPAA compliance (FaceTime, Facebook Messenger video, Zoom, Skype, etc.)
- • Get a BAA with your telehealth service provider
- • Ensure that your telehealth service is encrypted
- • Track the program and the security tools enabled within the program
TLD Systems clients can track telehealth programs. We provides specific questions and recommendations for telehealth programs to assist offices in ensuring HIPAA compliance.
You can read the announcement here.
Read Comments