Keeping HIPAA and Patient Privacy in Health Care when Working from Home, Including Telepractice of Mental HealthOctober 20, 2020 - CA US
Overview: Social distancing to help prevent the spread of the novel coronavirus is effective, but offices are used to working as teams, face-to-face, and social distancing requires that staff that can work from home does work from home. In addition, patient care has typically required a face-to-face encounter, which can cause the spread of the virus in the process, and as infected individuals travel to and from appointments. It is essential to be able to work from home while protecting privacy and security and provide telemedicine services in order to reach the most individuals without risking harm. HIPAA calls for adequate consideration of privacy and security for patient information, considering administrative, technical, and physical security, and working from home impacts all of those safeguards. HIPAA regulations put controls on the appropriate technologies to use for communications, and can require that a Business Associate relationship be established when using any services that involve any persistence of custody of Protected Health Information, such as some communications and videoconferencing technologies. Violations of HIPAA rules can lead to penalties in the millions of dollars. In addition, regulations on mental health, and on Substance Use Disorders in particular, are very strict and must be considered in addition to HIPAA.