In other words, HIPAA regulations are fully enforceable, including the HIPAA Privacy Rule and Security Rule.
All non-HIPAA-compliant communication services such as FaceTime or non-compliant versions of services like Zoom will no longer be allowed. Using non-compliant communication applications or services violates HIPAA regulations, and users would be subject to fines and penalties.
All telehealth services must be HIPAA compliant to protect patients’ protected health information (PHI). Healthcare providers must also ensure that signed business associate agreements are in place with telehealth service companies before using their services.
How to Cope – HIPAA Compliant Telehealth Regulations
Many patients and providers have become accustomed to the convenience and efficiency provided by telehealth. The good news is that more HIPAA-compliant service options are available now than before the pandemic. As is always true, the devil is in the details.
Healthcare providers who wish to begin or continue using telehealth services must be sure their systems meet the standards required by the HIPAA Security Rule. They must also address telehealth access and use in their policies and procedures.
Remember, HIPAA compliance is not just about what you are doing but also what you can prove. With year-end approaching, now is an excellent time to perform an annual Security Risk Assessment (SRA). A thorough SRA will identify any compliance gaps, whether they result from telehealth or from other causes, so that you can remediate them.
Compliancy Group is always available to help you achieve, maintain, and illustrate your organization’s compliance with all HIPAA regulations.