This session will discuss the issues surrounding the use of various communication technologies under HIPAA controls, and the recent guidance and declarations from HHS about HIPAA and the response to COVID-19
With the current health emergency and limitations on face-to-face contact in providing services to patients, remote working has been instituted wherever it reasonably can, and the time to implementation of new communication services to meet these needs leaves no room for the usual processes of approval and adoption that health care is used to.
In order to facilitate the delivery of services and necessary communications during the emergency, the US Department of Health and Human Services has issued guidance relaxing some HIPAA requirements pertaining to teleconferencing tools and reiterating HIPAA allowances for communication with family and friends of patients. But it is still necessary to observe the requirements for Privacy and Security of patient information, particularly when sensitive information is discussed. And any implementation of new technology, from telemedicine to working via remote access, must be accompanied by an evaluation of the risks and mitigation of security issues.
Inadequate consideration of new technology can lead to significant penalties in the event of breaches of protected health information.
Social distancing to help prevent the spread of the novel coronavirus is effective, but offices are used to working as teams, face-to-face, and social distancing requires that staff that can work from home does work from home. In addition, patient care has typically required a face-to-face encounter, which can cause the spread of the virus in the process, and as infected individuals travel to and from appointments. It is essential to be able to work from home while protecting privacy and security and provide telemedicine services in order to reach the most individuals without risking harm.
HIPAA calls for adequate consideration of privacy and security for patient information, considering administrative, technical, and physical security, and working from home impacts all of those safeguards. HIPAA regulations put controls on the appropriate technologies to use for communications, and can require that a Business Associate relationship be established when using any services that involve any persistence of custody of Protected Health Information, such as some communications and videoconferencing technologies. Violations of HIPAA rules can lead to penalties in the millions of dollars. In addition, regulations on mental health, and on Substance Use Disorders in particular, are very strict and must be considered in addition to HIPAA.
HHS has announced the relaxation of enforcement pertaining to the use of teleconferencing technologies to provide remote medical services, allowing the use of such services to expand quickly, but limits on 'public-facing' conferencing technologies remain. Providers need to adopt the necessary technologies without fear of HIPAA violation enforcement actions during the COVID-19 Emergency and must understand the limits of what is permitted in order to best serve patients and their families.
Why Should You Attend:
The COVID-19 Emergency has created new demands on communications, and has made clear the need to provide services remotely to the extent possible, while continuing to protect the privacy and security of health information. Providers need to communicate more, between themselves and with their patients, using remotely provided systems and telehealth systems to enable meetings with both staff and clients.With the current health emergency and limitations on face-to-face contact in providing services to patients, remote working has been instituted wherever it reasonably can, and the time to implementation of new communication services to meet these needs leaves no room for the usual processes of approval and adoption that health care is used to.
In order to facilitate the delivery of services and necessary communications during the emergency, the US Department of Health and Human Services has issued guidance relaxing some HIPAA requirements pertaining to teleconferencing tools and reiterating HIPAA allowances for communication with family and friends of patients. But it is still necessary to observe the requirements for Privacy and Security of patient information, particularly when sensitive information is discussed. And any implementation of new technology, from telemedicine to working via remote access, must be accompanied by an evaluation of the risks and mitigation of security issues.
Inadequate consideration of new technology can lead to significant penalties in the event of breaches of protected health information.
Social distancing to help prevent the spread of the novel coronavirus is effective, but offices are used to working as teams, face-to-face, and social distancing requires that staff that can work from home does work from home. In addition, patient care has typically required a face-to-face encounter, which can cause the spread of the virus in the process, and as infected individuals travel to and from appointments. It is essential to be able to work from home while protecting privacy and security and provide telemedicine services in order to reach the most individuals without risking harm.
HIPAA calls for adequate consideration of privacy and security for patient information, considering administrative, technical, and physical security, and working from home impacts all of those safeguards. HIPAA regulations put controls on the appropriate technologies to use for communications, and can require that a Business Associate relationship be established when using any services that involve any persistence of custody of Protected Health Information, such as some communications and videoconferencing technologies. Violations of HIPAA rules can lead to penalties in the millions of dollars. In addition, regulations on mental health, and on Substance Use Disorders in particular, are very strict and must be considered in addition to HIPAA.
HHS has announced the relaxation of enforcement pertaining to the use of teleconferencing technologies to provide remote medical services, allowing the use of such services to expand quickly, but limits on 'public-facing' conferencing technologies remain. Providers need to adopt the necessary technologies without fear of HIPAA violation enforcement actions during the COVID-19 Emergency and must understand the limits of what is permitted in order to best serve patients and their families.
Areas Covered in the Webinar:
- HIPAA Requirements for Secure Communications and Physical Security
- Special Security Considerations for Working From Home
- Special Protections for Mental Health Information
- Using Teleconferencing in the Medical Practice
- Using Teleconferencing for Client Encounters in Mental Health
- Business Associate Requirements and Risk Analysis
- Making Remote Work and Telemedicine Routine and Secure
Who Will Benefit:
This webinar will provide valuable assistance to all personnel in:- Social Service Agencies, Medical offices, practice groups, hospitals, academic medical centers, insurers, business associates (shredding, data storage, systems vendors, billing services, etc). The titles are
- Compliance director
- CEO
- CFO
- Privacy Officer
- Security Officer
- Information Systems Manager
- HIPAA Officer
- Chief Information Officer
- Health Information Manager
- Healthcare Counsel/lawyer
- Office Manager
- Contracts Manager
Course Provider
Jim Sheldon-Dean,
