Q: Regarding patient portals, to what degree is it the individual’s responsibility to keep his or her health information private? Would the healthcare organization be liable if someone else obtained the individual’s login credentials—perhaps if the individual is known to use the same password for many applications—and accessed the records?
As employers prepare for possible impacts of the Coronavirus (COVID-19), one important step is to review the types of health disclosures that the Health Insurance Portability and Accountability Act (HIPAA) does and does not allow in such times of crisis.
Q: HHS recently issued a notice that fee limitations will apply only to an individual’s request for access to their own records and not to an individual’s request to transmit records to a third party. Will limitations imposed by state law now apply?
While the healthcare industry rightfully remains focused on handling the COVID-19 pandemic, compliance officers should also be aware of two rules that dropped in early March.
Healthcare facilities across the world are faced with myriad challenges as they aim to diagnose and treat cases of COVID-19. HHS and the Office for Civil Rights (OCR) have instituted several changes during the nationwide public health emergency, some of which modify HIPAA laws and directly impact healthcare organizations around the country.
