Careers

Diversity, Equity & Inclusion

Experience

Innovation

Interactive Maps

Locations

About

Pages

Meet our team of innovators
Ask us how we do it

Professionals

Insights

Services

Thompson Hine LLP, a full-service business law firm with approximately 400 lawyers in 8 offices, was ranked number 1 in the category “Most innovative North American law firms: New working models” by The Financial Times and was 1 of 7 firms shortlisted for The American Lawyer’s inaugural Legal Services Innovation Award. The firm has been recognized by the National Law Journal as a Legal Technology Trailblazer and featured by Bloomberg for its innovative service delivery models, which drive accuracy and predictability. The firm’s commitment to innovation is embodied in Thompson Hine SmartPaTHTM – a smarter way to work – predictable, efficient and aligned with client goals. For more information, please visit ThompsonHine.com and ThompsonHine.com/SmartPaTH.

Home | Thompson Hine LLP

Atlanta

Chicago

Cincinnati

Cleveland

Columbus

Dayton

Los Angeles

Minneapolis

New York

Washington, D.C.

The Department of Health and Human Services Office for Civil Rights (OCR) has issued a <a href="https://www.hhs.gov/hipaa/for-professionals/special-topics/emergency-preparedness/notification-enforcement-discretion-telehealth/index.html" target="_blank" rel="noopener">notice</a> confirming that it will exercise its enforcement discretion and will not penalize health care providers for noncompliance with the HIPAA Privacy and Security Rules (HIPAA Rules) in connection with the good faith provision of telehealth services during the COVID-19 nationwide public health emergency. Effective immediately, health care providers may use any available non-public facing remote communication product to communicate with patients, including those that might not fully comply with the HIPAA Rules and that have not previously been permitted in the use of telehealth services.

contentpilot/introduction

OCR’s exercise of discretion applies to telehealth services provided for any reason, whether it is related to the diagnosis and treatment of health conditions related to COVID-19 or not. For example, in addition to using telehealth technology to examine a patient exhibiting COVID-19 symptoms, a health care provider may use it to assess or treat patients for any other medical condition, such as a sprained ankle, dental consultation or psychological condition.

core/paragraph

Health care providers may now use popular applications used for video chats, including Apple FaceTime, Facebook Messenger video chat, Google Hangouts video or Skype, to provide telehealth services. They are encouraged, however, to notify patients that these third-party applications potentially introduce privacy risks. Providers should also enable all available encryption and privacy modes when using these applications. OCR will not impose a penalty against a health care provider for the lack of a business associate agreement (BAA) with a video communication vendor during the COVID-19 public health emergency. In addition, OCR notes that Facebook Live, Twitch, TikTok and similar public facing video communication applications should not be used to provide telehealth services.

While it is not required during the emergency, a health care provider seeking additional privacy protections should enlist a technology vendor that provides a HIPAA-compliant product and will enter into a BAA in connection with its use. The vendors offering Skype for Business, Updox, VSee, Zoom for Healthcare, Doxy.me and Google G Suite Hangouts Meet have represented to OCR that these products are HIPAA-compliant and they will enter into BAAs with health care providers. OCR cautioned that it has not reviewed the BAAs offered by these vendors; that this list does not constitute an endorsement, certification or recommendation of specific products; and that there may be other technology vendors that offer HIPAA-compliant products and will enter into BAAs with health care providers.

core/heading

Cori R. Haper 937.443.6856 <a href="mailto:Cori.Haper@ThompsonHine.com">Cori.Haper@ThompsonHine.com</a>

Rebeccah C. Raines 937.443.6806 <a href="mailto:Rebeccah.Raines@ThompsonHine.com">Rebeccah.Raines@ThompsonHine.com</a>

Additional Resources

We have assembled a firmwide multidisciplinary task force to address clients’ business and legal concerns and needs related to the COVID-19 pandemic. Please see our <a href="https://www.thompsonhine.com/services/covid-19-task-force" target="_blank" rel="noopener">COVID-19 Task Force</a> page for additional information and resources.

This advisory bulletin may be reproduced, in whole or in part, with the prior permission of Thompson Hine LLP and acknowledgment of its source and copyright. This publication is intended to inform clients about legal matters of current interest. It is not intended as legal advice. Readers should not act upon the information contained in it without professional counsel. This document may be considered attorney advertising in some jurisdictions.

OCR Allows Flexible Telehealth Technology Use During COVID-19 Emergency

Services