Telemedicine and the technologies that provide the service delivery have swiftly become the essential, everyday apparatus keeping the US healthcare system afloat in 2020. Patients have adapted well to the rapid switch to teleconferencing appointments and assessments with their general practitioner.
HIPAA compliance is difficult to achieve under normal circumstances but during a global pandemic, healthcare institutions have faced an uphill struggle. As hospitals, practices, and clinics closed, a seismic shift towards telemedicine was embarked upon. For many healthcare entities, this was something completely new, for others it was a simple change of routine.
Keeping telemedicine HIPAA compliant when many medical teams are being asked to work from home is a huge undertaking. However, rules are rules and the safeguards implemented to uphold protected health information are compulsory, and this includes telemedicine.
HIPAA-Compliance is an ongoing process, evolving legislation that under normal operating conditions enforces many-core mandatory and recommended safeguards upon telemedicine services. Some of the principal safeguards are:
Naturally, we have only scratched the surface of the HIPAA compliant safeguards needed to protect a telemedicine platform. There are many other physical, technical, and administrative layers incorporated into these requirements. One of the easiest ways to strengthen compliance is to outsource infrastructure to a HIPAA compliant hosting provider. That way the infrastructure is already protected to HIPAA best practice by default.
During the early stages of the COVID-19 pandemic, the enforcement of these guarantees was relaxed to help struggling healthcare entities. There is no doubt that healthcare organizations being allowed to use off the shelf video conferencing technology greatly benefitted patients, and propelled telemedicine as a credible everyday healthcare solution.
This significant change was announced on the 17th March 2020, when the Office for Civil Rights (OCR) released a statement advising that “enforcement discretion and waiving penalties for HIPAA violations” were being introduced.
Medical professionals were for the first time authorized to use third-party tools for telemedicine appointments, such products such as Let's Talk, Apple FaceTime, Facebook Messenger, Google Hangouts, Zoom, or Skype.
There were some exceptions to this loosening of enforcement protocol. Tools such as TikTok, Snapchat, and Facebook Messenger were excluded, but the change enabled the telemedicine services to be provisioned without the risk of the OCR enforcing penalties for using a non-compliant provider.
All site content © 1996 - 2021 Arizona Telemedine Program. The University of Arizona is an EEO/AA - M/W/D/V