Resources

Client Alerts, News Articles, Blog Posts, & Multimedia

Everything you need to know about BMD and the industry.

Time to Update Your HIPAA Compliance Plan for Telehealth Policies and Procedures

Client Alert
September 8, 2020

The delivery of healthcare in this country may be forever changed following the COVID-19 pandemic. Providing services through telehealth technologies initially allowed providers to connect with patients in a safe and socially distant manner and helped keep vital hospital beds free for COVID-19 care. Now, while still a safe, socially distant option, telehealth allows patients to access healthcare services in an efficient manner, decreases the likelihood of cancellations, and expands access to services that do not require an in-person encounter (i.e., surgery, procedure, or test). Telehealth is now widely reimbursed by both federal and commercial payors and more provider types are able to provide telehealth services within their licensed scope of practice.

While the use of technology by both providers and patients is now commonplace in the industry, protected health information (PHI) must be safe and secure. Providers are still obligated to keep PHI confidential and comply with the rules and requirements of the Health Insurance Portability and Accountability Act of 1996 (HIPAA). An increased frequency of technology introduces another avenue for potential risk and unauthorized uses or disclosures of PHI.

At the start of the COVID-19 public health emergency, the Office of Civil Rights (OCR), responsible for enforcing HIPAA, issued a notice of enforcement discretion to not impose penalties against healthcare providers for noncompliance with the regulatory requirements under HIPAA in connection with the good faith provision of telehealth through the duration of the national emergency. As of September 8, 2020, this enforcement discretion is still in place. It will not remain forever and enforcement actions are still at the decision of the OCR. Therefore, in a world with an increased use of technology for healthcare services and the risk of more unauthorized uses or disclosures of PHI, providers should still comply with all of the HIPAA rules and regulations and incorporate telehealth in a compliance plan and/or HIPAA policies and procedures.

The Healthcare and Hospital Law Department at Brennan Manna & Diamond, LLC is here to help account for telehealth and the increased use of technology in your current HIPAA compliance plan to ensure the safety and privacy of the PHI you create and/or maintain. The BMD team can help your practice mitigate risk in the ever changing healthcare delivery world. 

 

HealthcareCOVID-19telehealthtechnologyPHIHIPAAHIPAA ComplianceOCRregulatory requirementsenforcement actionscomplianceKevin CripeBMD Healthcare & Hospital Law Group
Client Alert

Don't Get Caught Dazed and Confused: Another Florida Court Weighs in on Employer Obligations to Accommodate Medical Marijuana Use

March 3, 2025A Florida trial court ruled in Giambrone v. Hillsborough County that employers may need to accommodate off-duty medical marijuana use under the Florida Civil Rights Act (FCRA). This contrasts with prior rulings and raises new compliance challenges for employers. With the case on appeal, now is the time to review workplace drug policies.Client Alert

Corporate Transparency Act to be Re-evaluated

February 28, 2025Recent federal rulings have impacted the enforceability of the Corporate Transparency Act (CTA), which took effect on January 1, 2024. While reporting requirements were briefly reinstated, FinCEN has now paused enforcement and is reevaluating the CTA. Businesses are no longer required to submit reports until further guidance is issued. For updates and legal counsel, contact BMD Member Blake Gerney.Client Alert

Ohio Recovery Housing Operators Beware: House Bill 58 Seeks to Make Major Changes

February 26, 2025Ohio House Bill 58 proposes significant changes to recovery housing oversight, granting ADAMH Boards authority to inspect and investigate recovery residences. The bill also introduces a Certificate of Need (CON) program, requiring state approval for major facility changes. OMHAS will assess applications based on cost, quality, accessibility, and financial feasibility. The bill also establishes a recovery housing residence fund to support inspections. For more information, contact BMD attorneys Daphne Kackloudis or Jordan Burdick.Client Alert

January 2025 Notice of Proposed Rulemaking Brings Notable Changes to HIPAA Security Rule

February 25, 2025In January 2025, the U.S. Department of Health and Human Services proposed amendments to the HIPAA Security Rule, aiming to enhance cybersecurity for covered entities (CEs) and business associates (BAs). Key changes include mandatory compliance audits, workforce training, vulnerability scans, and risk assessments. Comments on the proposed rule are due by March 7, 2025.Client Alert

Corporate Transparency Act Effective Again

February 20, 2025The federal judiciary has issued multiple rulings on the enforceability of the Corporate Transparency Act (CTA), which took effect on January 1, 2024. Previously, enforcement was halted nationwide due to litigation in Smith v. U.S. Department of the Treasury. However, on February 18th, the court lifted the stay, reinstating the CTA’s reporting requirements. Non-exempt entities now have until March 21, 2025, to comply. Businesses should act promptly to avoid civil penalties of $591 per day and potential criminal liability.
Older posts
Newer posts