ARTICLE
24 November 2023

HHS Office Of Civil Rights Issues New Resources On Privacy And Security During Telehealth Encounters

RD
Riker Danzig LLP

Contributor

Riker Danzig LLP has served the business community for 140 years, with offices in Morristown and Trenton, New Jersey and in Midtown Manhattan. Riker Danzig is regional counsel, national defense counsel, and deal counsel to clients ranging from Fortune 500 corporations to middle-market businesses.
The United States Department of Health and Human Services ("HHS") – Office of Civil Rights ("OCR") recently issued two new resources designed to help providers explain to patients...
United States Privacy

The United States Department of Health and Human Services ("HHS") – Office of Civil Rights ("OCR") recently issued two new resources designed to help providers explain to patients the privacy and security risks to their protected health information ("PHI") during telehealth encounters. Available through the HHS website, the guidance offers a primer on relevant PHI privacy and security laws as well as best practices for telehealth encounters.

The first resource, entitled "Educating Patients about Privacy and Security Risks to Protected Health Information when Using Remote Communication Technologies for Telehealth" is aimed at healthcare providers and offers an overview of the privacy and security rules under the Health Insurance Portability and Accountability Act ("HIPAA"). Additionally, the resource provides suggestions for discussing with patients: (i) the telehealth options available; (ii) the potential risks to PHI when using telehealth modalities; (iii) the privacy and security practices of telehealth technology vendors; and (iv) the applicability of certain civil rights laws.

The second resource, "Telehealth Privacy and Security Tips for Patients," is directed towards patients and provides recommendations for protecting and securing their PHI during telehealth encounters. Such recommendations include: (i) conducting telehealth appointments from a private location; (ii) utilizing multi-factor authentication, if available; (iii) using encryption, when available; and (iv) avoiding public Wi-Fi networks for telehealth encounters.

The provider resource, "Educating Patients about Privacy and Security Risks to Protected Health Information when Using Remote Communication Technologies for Telehealth," is available here.

The patient-targeted resource, "Telehealth Privacy and Security Tips for Patients," is available here.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.

Mondaq uses cookies on this website. By using our website you agree to our use of cookies as set out in our Privacy Policy.

Learn More