Resources

Client Alerts, News Articles, Blog Posts, & Multimedia

Everything you need to know about BMD and the industry.

Time to Update Your HIPAA Compliance Plan for Telehealth Policies and Procedures

Client Alert
September 8, 2020

The delivery of healthcare in this country may be forever changed following the COVID-19 pandemic. Providing services through telehealth technologies initially allowed providers to connect with patients in a safe and socially distant manner and helped keep vital hospital beds free for COVID-19 care. Now, while still a safe, socially distant option, telehealth allows patients to access healthcare services in an efficient manner, decreases the likelihood of cancellations, and expands access to services that do not require an in-person encounter (i.e., surgery, procedure, or test). Telehealth is now widely reimbursed by both federal and commercial payors and more provider types are able to provide telehealth services within their licensed scope of practice.

While the use of technology by both providers and patients is now commonplace in the industry, protected health information (PHI) must be safe and secure. Providers are still obligated to keep PHI confidential and comply with the rules and requirements of the Health Insurance Portability and Accountability Act of 1996 (HIPAA). An increased frequency of technology introduces another avenue for potential risk and unauthorized uses or disclosures of PHI.

At the start of the COVID-19 public health emergency, the Office of Civil Rights (OCR), responsible for enforcing HIPAA, issued a notice of enforcement discretion to not impose penalties against healthcare providers for noncompliance with the regulatory requirements under HIPAA in connection with the good faith provision of telehealth through the duration of the national emergency. As of September 8, 2020, this enforcement discretion is still in place. It will not remain forever and enforcement actions are still at the decision of the OCR. Therefore, in a world with an increased use of technology for healthcare services and the risk of more unauthorized uses or disclosures of PHI, providers should still comply with all of the HIPAA rules and regulations and incorporate telehealth in a compliance plan and/or HIPAA policies and procedures.

The Healthcare and Hospital Law Department at Brennan Manna & Diamond, LLC is here to help account for telehealth and the increased use of technology in your current HIPAA compliance plan to ensure the safety and privacy of the PHI you create and/or maintain. The BMD team can help your practice mitigate risk in the ever changing healthcare delivery world. 

 

HealthcareCOVID-19telehealthtechnologyPHIHIPAAHIPAA ComplianceOCRregulatory requirementsenforcement actionscomplianceKevin CripeBMD Healthcare & Hospital Law Group
Client Alert

Florida Super Lawyers® Recognizes Brennan Manna Diamond Attorneys to the 2026 Lists

June 26, 2026BRENNAN, MANNA & DIAMOND is proud to announce that three of our attorneys have been designated to the 2026 Florida Super Lawyers® and Florida Rising Stars® lists. Super Lawyers is based on multiple categories of independent research and peer evaluation to identify outstanding lawyers.Client Alert

Supreme Court Clears Path for TPS Terminations: What Employers Need to Know

June 25, 2026The U.S. Supreme Court's June 25, 2026 decision in Mullin v. Doe and Trump v. Miot removed legal obstacles that had delayed the termination of Temporary Protected Status (TPS) for Haiti and Syria. The ruling also reinforces the administration's authority to terminate other TPS designations currently under review. Employers should immediately identify workers whose employment authorization is tied to affected TPS programs, review Form I-9 records, and prepare for forthcoming USCIS guidance before taking any employment action.Client Alert

The Risks of Outsourcing Medical Billing and the Importance of State-Law Compliance

June 24, 2026Offshoring medical billing and other administrative functions can reduce costs, but it also raises significant compliance, operational, and contractual risks. Although HIPAA does not explicitly prohibit protected health information from being accessed or stored outside the United States, healthcare providers and their vendors remain responsible for safeguarding patient information and complying with state-specific restrictions that may limit or prohibit offshore subcontracting.Client Alert

Risks of Using AI-Generated, Implied Celebrity Endorsements in Advertising

June 3, 2026Businesses using AI-generated celebrity images, videos, or voice simulations in advertising may face significant legal risks if the content falsely implies an endorsement, affiliation, or sponsorship. This article discusses potential exposure under false advertising, right of publicity, consumer protection, and professional conduct laws, and explains why disclaimers may not be enough to avoid liability.Client Alert

CMS Requires Providers to Use an Updated Advance Beneficiary Notice (ABN) Form by May 12, 2026

May 22, 2026CMS has released an updated Advance Beneficiary Notice of Noncoverage (ABN), Form CMS-R-131, that all providers and suppliers must begin using by May 12, 2026. The revised form includes clearer language and formatting updates intended to improve patient understanding and compliance.
Older posts