empty hospital beds 1

HIPAA Compliance in the New Normal of COVID-19

Not everyone agrees about progress on the pandemic. Nationwide, it appears we have not “flattened the curve” as of today. Taking New York out of the calculation, rates of infection, hospitalizations and deaths continue to rise across the country, with hotspots flaring in meat processing plants, nursing homes and other places where gatherings occur.

  • On April 8, the last date we reported the number of cases in the United States on this blog, there were 397,754 cases of infection in 50 states.
  • As of today, four weeks later, more than 1,376,700 people in the United States have been infected with the coronavirus and at least 82,300 have died,

Data points from a New York Times database.

So the debate about where we are in managing the pandemic rages on. Some believe it’s time to re-open businesses and go back to work, while others caution that it’s too soon and re-opening too quickly will cause preventable suffering and deaths. States and municipalities are beginning to re-open using a variety of approaches, not all consistent with one another.

Plan Now for Better Compliance on the Other Side of COVID-19

If we have time to watch the news, we’ve learned some things about healthcare.

We’ve learned about the sacrifices so many are making to care for the sick and protect the public. We’ve seen how telehealth can expand access and promote social distancing. We’ve seen how criminals can take advantage of a crisis by trying to steal patient data. We know more about medical equipment supply chains than we ever thought we would need to know.

We’ve watched debates among the federal government and the States, between the President and Governors, among public health officials and the business community. If we’re not on the front lines (in healthcare, or providing other essential goods and services) we may have had time to reflect on how to live and work in the future. We may have realized that we should not take our health, our work, or our families, for granted.

Although we’ve all seen pictures of patients on the news, we should remember that film crews and the media should NOT be allowed access to areas where protected health information is located, without a patient’s prior written authorization. This has not changed during COVID-19.

For those of us in healthcare, one of the lessons is that HIPAA is still the law during a public health emergency. Although HIPAA was not set aside, lawmakers quickly made some changes to support the fight against COVID-19.

Obtain Up-to-Date Guidance about HIPAA under COVID-19

For a general overview of HIPAA under COVID-19, you can watch a 5-minute video and obtain written guidance here.

Information specifically for first responders, including law enforcement and public health, is available here.

Three Actions to Take Right Now for Better HIPAA Compliance

  1. Review the HIPAA changes under COVID-19 mentioned above, especially regarding telehealth and business associates. Although these changes are temporary, they are likely to last for many more months, and some may become permanent.
  2. Do a full HIPAA Risk Analysis. Information privacy in healthcare was under attack before COVID-19 but has accelerated, with cyber criminals taking advantage of the crisis. If you have already completed a Risk Analysis, review and refresh, update the information and be sure to follow the Risk Management actions that come from it. Be careful not to take a shortcut by only doing a security risk assessment. While this is a critical part, it’s not all that’s needed.
  3. Update your HIPAA policies and forms to incorporate any changes.

Questions are Welcome at The HIPAA E-Tool®

We’re here, available and answering your questions about HIPAA compliance. Give us a call if you need help.

The HIPAA E-Tool® makes compliance fast and easy. Get your free HIPAA Quick Start Kit, complete with a webcam privacy guard, HIPAA Hot Zone labels and a HIPAA checklist delivered directly to your office.

Share This Post

Share on facebook
Share on twitter
Share on linkedin

Maggie Hales

Maggie Hales is a lawyer specializing in health information privacy and security. As CEO of ET&C Group LLC she advises health care providers and business associates in 36 states, Canada, Egypt, India and the EU, using The HIPAA E-Tool® to deliver up to date policies, forms and training on everything related to HIPAA compliance.

Copyright © 2020 ET&C Group LLC.

The HIPAA E-Tool® and Protecting Patient Privacy is Our Job®
are registered trademarks of ET&C Group LLC

Terms of Service | Privacy Policy

Powered by JEMSU

Mailing Address
The HIPAA E-Tool
PO Box 179104
St. Louis, MO 63117-9104

8820 Ladue Road Suite 200
Saint Louis, MO 63124

You may have questions about COVID-19 and HIPAA. We have answers. 

We are open and answering questions about all the new modifications and waivers, coming from HHS, OCR, CMS, and the new CARES act.

If you need help with HIPAA during the COVID-19 pandemic, fill in the form, and we’ll get back to you.

Free hipaa kit!

hipaa compliance Quick start kit
Delivered free