Resources

Client Alerts, News Articles, Blog Posts, & Multimedia

Everything you need to know about BMD and the industry.

Time to Update Your HIPAA Compliance Plan for Telehealth Policies and Procedures

Client Alert
September 8, 2020

The delivery of healthcare in this country may be forever changed following the COVID-19 pandemic. Providing services through telehealth technologies initially allowed providers to connect with patients in a safe and socially distant manner and helped keep vital hospital beds free for COVID-19 care. Now, while still a safe, socially distant option, telehealth allows patients to access healthcare services in an efficient manner, decreases the likelihood of cancellations, and expands access to services that do not require an in-person encounter (i.e., surgery, procedure, or test). Telehealth is now widely reimbursed by both federal and commercial payors and more provider types are able to provide telehealth services within their licensed scope of practice.

While the use of technology by both providers and patients is now commonplace in the industry, protected health information (PHI) must be safe and secure. Providers are still obligated to keep PHI confidential and comply with the rules and requirements of the Health Insurance Portability and Accountability Act of 1996 (HIPAA). An increased frequency of technology introduces another avenue for potential risk and unauthorized uses or disclosures of PHI.

At the start of the COVID-19 public health emergency, the Office of Civil Rights (OCR), responsible for enforcing HIPAA, issued a notice of enforcement discretion to not impose penalties against healthcare providers for noncompliance with the regulatory requirements under HIPAA in connection with the good faith provision of telehealth through the duration of the national emergency. As of September 8, 2020, this enforcement discretion is still in place. It will not remain forever and enforcement actions are still at the decision of the OCR. Therefore, in a world with an increased use of technology for healthcare services and the risk of more unauthorized uses or disclosures of PHI, providers should still comply with all of the HIPAA rules and regulations and incorporate telehealth in a compliance plan and/or HIPAA policies and procedures.

The Healthcare and Hospital Law Department at Brennan Manna & Diamond, LLC is here to help account for telehealth and the increased use of technology in your current HIPAA compliance plan to ensure the safety and privacy of the PHI you create and/or maintain. The BMD team can help your practice mitigate risk in the ever changing healthcare delivery world. 

 

HealthcareCOVID-19telehealthtechnologyPHIHIPAAHIPAA ComplianceOCRregulatory requirementsenforcement actionscomplianceKevin CripeBMD Healthcare & Hospital Law Group
Client Alert

Supreme Court Upholds Coverage under the Affordable Care Act

July 10, 2025The U.S. Supreme Court has upheld the authority of the U.S. Preventive Services Task Force under the ACA, ensuring continued no-cost coverage for over 100 preventive health services. The decision impacts millions of Americans and preserves provider reimbursement through insurance.Client Alert

Health Care Providers Take Note: Federal Budget Brings Medicaid and Staffing Rule Changes

July 7, 2025The 2025 federal budget introduces significant changes for health care providers and Medicaid recipients, including new cost-sharing requirements, work eligibility mandates, rural health grants, and a pause on minimum staffing rules.Client Alert

Key Healthcare Provisions in Ohio’s 2026–2027 Budget

July 2, 2025Ohio’s newly enacted biennial budget (HB 96) for FY 2026–2027 brings sweeping changes for healthcare providers across the state. The law includes new Medicaid eligibility requirements, reporting mandates, funding directives, and social policy provisions. Several vetoes by Governor DeWine also affect healthcare-related initiatives.Client Alert

Providers Beware: Court Sides with Insurers in No Surprises Act Arbitration

July 2, 2025On June 12, 2025, the Fifth Circuit ruled in favor of Aetna and Kaiser in two lawsuits brought by air ambulance providers challenging how insurers calculated payments under the No Surprises Act’s Independent Dispute Resolution process. The court held that unless there is clear evidence of fraud or serious misconduct, IDR decisions will stand, reinforcing the finality of the arbitration process.Client Alert

Introducing HB 281: Enforcement of Federal Immigration Laws in Ohio Hospitals

July 1, 2025House Bill 281, introduced on May 20, 2025, would require Ohio hospitals to allow law enforcement, including federal immigration agents, to enter facilities and enforce immigration laws. The bill mandates that hospitals comply with information requests and adopt formal policies, raising significant concerns about patient privacy and access to care for immigrant communities.
Older posts