Guidance on HIPAA and Audio-Only Telehealth
OCR has issued guidance on how covered health care providers and health plans can provide audio-only telehealth consistent with the requirements of the HIPAA Privacy, Security, and Breach Notification Rules, including when OCR’s Notification of Enforcement Discretion for Telehealth is no longer in effect.
FAQs on HIPAA and Telehealth During the COVID-19 Public Health Emergency
OCR issued guidance related to its Notification of Enforcement Discretion for Telehealth during the COVID-19 nationwide public health emergency. The Notification announced that OCR would be exercising its enforcement discretion to not impose penalties for HIPAA violations against covered health care providers in connection with their good faith provision of telehealth using non-public facing remote communication technologies during the public health emergency. The guidance is in the form of frequently asked questions (FAQs) and clarifies how OCR applies the Notification to support the good faith provision of telehealth.