Key HIPAA Changes in Light of COVID-19
The COVID-19 pandemic has quickly caused at least a temporary restructuring of the U.S. healthcare system. This restructuring has impacted not only service delivery and healthcare funding but also the privacy of patients’ information. In the course of several weeks, the Office of Civil Rights (OCR) of the Department of Health and Human Services (HHS) announced important changes to how the agency will enforce the nation’s most significant health privacy law, the Health Insurance Portability and Accountability Act (HIPAA), and its privacy, security, and breach regulations.
These changes are intended to give providers and other healthcare organizations more flexibility in how they share protected health information (PHI) in responding to the pandemic. They apply to hospitals treating COVID-19 patients, COVID-19 testing centers, and telehealth providers, among other organizations. While these changes are intended to address the immediate needs of the COVID-19 pandemic and therefore typically are set to expire once the COVID-19 public health emergency ends, they may have a more lasting impact than OCR anticipates, as they could lead to calls for more permanent HIPAA reforms.
The following summarizes the key actions that OCR has taken to modify HIPAA in response to the COVID-19 pandemic...