Final week, the Workplace for Civil Rights (“OCR”) launched two new assets designed to help sufferers in understanding the privateness and safety dangers to their well being data related to utilizing telehealth, and steps that may be taken to scale back these dangers.
The first doc supplied by OCR is meant to function a useful resource for suppliers on the right way to educate their sufferers about these telehealth dangers. For instance, the doc describes how suppliers ought to clarify what telehealth is to sufferers, the dangers of malware, unauthorized entry and unintentional disclosures, and the right way to successfully talk with sufferers concerning the suppliers particular makes use of of telehealth. Whereas the doc emphasizes that such training is just not required, OCR does state that it views training by a supplier as a solution to improve the standard of care.
The second doc supplied by OCR is an inventory of “ideas” for sufferers to think about when utilizing telehealth. Suppliers would possibly think about directing sufferers to the record on OCR’s web site or utilizing this record as a handout for sufferers to perform the training described within the first doc.
OCR’s assets are well timed given the tip to the COVID-19 Public Well being Emergency earlier this 12 months and the tip of its coverage of enforcement discretion across the provision of telehealth. As of August 9, 2023, lined entities have been anticipated to be in full compliance with HIPAA relating to their provision of telehealth, together with for instance, utilizing safe platforms and having enterprise associates in place with distributors of telehealth platforms.