Is Your Entity Telehealth HIPAA-Compliant After Public Health Emergency Expiration:

On April 11, 2023, the Department of Health and Human Services through the Office of Civil Rights (OCR) announced that the Notifications of Enforcement Discretion issued under the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the Health Information Technology for Economic and Clinical Health (HITECH) Act during the COVID-19 public health emergency will expire at 11:59 pm on May 11, 2023, due to the expiration of the COVID-19 public health emergency. It is important to understand that a 90-day grace period will be provided by OCR for healthcare providers to come into compliance with HIPAA Rules regarding telehealth services. Hence, although the Enforcement Discretion will officially end on May 12, 2023, entities will have until August 9, 2023, to be compliant with HIPAA Rules without facing penalties for possible noncompliance when providing telehealth services in good faith.

During the pandemic, many healthcare providers started utilizing popular applications for video chats such as Apple FaceTime, Facebook Messenger video chat, Zoom, or Skype to provide telehealth services. Said services are not HIPAA compliant but due to the emergency situation, OCR provided the aforementioned enforcement discretion and non-imposition of penalties when the video services were used in good faith by healthcare providers. To that extent, healthcare providers should utilize the provided grace period to perform assessments in their systems to determine needed adjustments or changes in telehealth services provided to move to a compliant service before the grace period ends.

The Ankura team of healthcare compliance and security experts can assist your organization in reviewing the current services used to provide telehealth to determine needed changes or updates in order to be compliant with HIPAA Rules when providing telehealth services after the end of the public health emergency.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.