Final week, the Workplace for Civil Rights (“OCR”) launched two new sources designed to help sufferers in understanding the privateness and safety dangers to their well being data related to utilizing telehealth, and steps that may be taken to scale back these dangers.
The first doc supplied by OCR is meant to function a useful resource for suppliers on easy methods to educate their sufferers about these telehealth dangers. For instance, the doc describes how suppliers ought to clarify what telehealth is to sufferers, the dangers of malware, unauthorized entry and unintentional disclosures, and easy methods to successfully talk with sufferers in regards to the suppliers particular makes use of of telehealth. Whereas the doc emphasizes that such training will not be required, OCR does state that it views training by a supplier as a approach to improve the standard of care.
The second doc supplied by OCR is a listing of “suggestions” for sufferers to contemplate when utilizing telehealth. Suppliers would possibly contemplate directing sufferers to the record on OCR’s web site or utilizing this record as a handout for sufferers to perform the training described within the first doc.
OCR’s sources are well timed given the tip to the COVID-19 Public Well being Emergency earlier this 12 months and the tip of its coverage of enforcement discretion across the provision of telehealth. As of August 9, 2023, lined entities had been anticipated to be in full compliance with HIPAA concerning their provision of telehealth, together with for instance, utilizing safe platforms and having enterprise associates in place with distributors of telehealth platforms.