The COVID-19 Telehealth Boom Might be Here to Stay, but HIPAA Flexibility Might Not
One of the many changes brought by the COVID-19 pandemic may be the permanent expansion of telehealth. According to a recent study, the US telehealth market is expected to witness 80% year-over-year growth in 2020. Although numerous video communications services exist, not all were designed to provide sufficient privacy and security to facilitate the provision of health care (and HIPAA compliance). While the Office for Civil Rights (OCR) of the United States Department of Health and Human Services (HHS), the division charged with enforcing HIPAA, has provided some flexibility during the pandemic, at some point it is reasonable to assume that OCR will again raise standards.
Apple Facetime, WhatsApp, Facebook Live, and Google Hangouts, just to name a few, were designed to facilitate virtual birthday parties and family hangouts. These platforms were not designed with an eye towards the strict security measures that are required to guard Protected Health Information (PHI) from prying eyes or cyberattack. Indeed, some of the platforms are designed, as Facebook Live is, to permit anyone to join a video communication. On the other hand, with in-person doctor visits becoming challenging almost instantly in the pandemic environment, OCR clearly felt compelled to help providers find ready-made, affordable tools to continue interfacing with patients.
Responding to the above concerns, OCR announced that it would utilize its “enforcement discretion” to...