CyberScout

Telehealth Hazard? HHS Loosens HIPAA Standards for Telemedicine

HIPAA
Getty Images

The worldwide Covid-19 pandemic has created a massive strain on hospitals and medical facilities. In response to this, many medical professionals are taking elective and non-life-threatening appointments online.

“We’re really ramping up telehealth, especially for elderly patients to limit their exposure, while still taking care of their medical needs,” says Dr. Brian Christine, an Alabama-based surgeon.

“The current pandemic is pushing the entire medical industry to minimize risk,” he added.

While the transition to remote appointments may help flatten the curve of Covid-19 cases and provide much-needed relief to medical professionals, it does create a new set of cybersecurity concerns, especially regarding compliance with the Health Insurance Portability and Accountability Act (HIPAA ). In response to this potential problem, the department of Health and Human Services has waived penalties and loosened some of the requirements of the act.

“A covered health care provider that wants to use audio or video communication technology to provide telehealth to patients during the COVID-19 nationwide public health emergency can use any non-public facing remote communication product that is available to communicate with patients,” the HHS said in a statement released on its website.

According to the HHS statement, the agency would be, “exercising its enforcement discretion to not impose penalties for noncompliance with the HIPAA Rules in connection with the good faith provision of telehealth using such non-public facing audio or video communication products during the COVID-19 nationwide public health emergency.”

The HHS specified that “public-facing” services for telemedicine would not be allowed, but that services such as Skype for Business, Zoom for Healthcare, Google G Suite Hangouts Meet were acceptable platforms for remote appointments.