The coronavirus pandemic is causing devastation around the world - the US is no exception either. Numerous cases are coming to hospitals every day, and the numbers just keep on rising. The situation is so grave, that even certain HIPAA Security Rule Provisions had to be changed to combat this unprecedented scenario.
HIPAA Compliance Management Made Easier
A few weeks ago, the Department of Health and Human Services (HHS) declared that the OCR will be relaxing specific HIPAA Security Rule provisions due to the pandemic. The OCR will even be waiving penalties as well as suspend enforcement activities during this critical period related to communication tools which are helping enhance healthcare across the US.
The OCR has the responsibility of implementing rules and regulations related to Privacy, Security, as well as Breach notifications related to HIPAA. HIPAA Rules demand the healthcare providers as well as all other covered entities to comply with specific administrative, technical, and physical safeguards to ensure the maintenance of electronically protected health information. These rules include certain criteria to be followed in the case of remote communication tools as well, which has been used by healthcare providers for treating patients.
Why was it necessary?
While such communication tools have seen increased demand in the past, the coronavirus pandemic caused the demand for them to go through the roof, as remote tools are critical and a requirement to combat this situation. To make sure that healthcare providers are providing utmost care to the ever-increasing number of patients, OCR declared that it will not be imposing penalties for not complying with the HIPAA Rules when it comes to healthcare providers using telehealth tools for communication during the pandemic.
This makes it much easier for the providers to take the full advantage of non-public facing (only intended parties can be part of the communication) audio or video tools for providing telehealth services. Also, OCS says that the telehealth services can be provided for any reason, not only COVID-19.
The allowed technologies currently are Facebook Messenger, Apple’s FaceTime, Google’s Hangouts video, Skype, and others. However, OCR recommends that the providers notify patients of the privacy and security risks associated with the usage of these applications.
Back in February, the OCR provided updated guidelines for healthcare providers which allowed usage as well as disclosure of PHI related to COVID-19 for faster responses. OCR outlined the usage and disclosure of the information for public health activities, to the family members of the patients, as well as to eliminate the threat of harm.
What’s so challenging about HIPAA?
HIPAA compliance management is quite a monumental task. There are numerous rules and regulations to maintain, which can be hectic for even the most organized companies. Moreover, just like in this case, the rules are changed and the organizations that have to comply with HIPAA need to provide training to the relevant employees and update their operations accordingly. Thus, HIPAA compliance becomes a challenge for anyone involved due to the complexities of the rules, the organization’s limitations, and so on. Even a single employee’s unintended mistake can cost an organization penalties.
This is where HIPAA Ready can help. It is a HIPAA Compliance Management Application and helps to simplify HIPAA compliance. It acts as a centralized database and stores all the documentation, keeps a record of incidents, and ensures smooth training needed to make sure that you are compliant with HIPAA. Employees with access can search for HIPAA policies, set up training schedules, and keep all the necessary materials all in one place. This ensures that everything is transparent and well accounted for. HIPAA Ready is the most comprehensive and easy-to-use software for HIPAA compliance management.
Published by Zubair Hassan