Blog Image

On May 11, 2023, the United States public health emergency (PHE) will come to an end. For telehealth providers, one major change will be the end of HIPAA enforcement discretion.This article will give you an overview of telehealth HIPAA compliance, and how you can prepare for the upcoming changes.

Best practices for following HIPAA rules and regulations

Telehealth HIPAA compliance can be complex, and exceptions do exist. However, these are some general guidelines that can help you prepare for the end of the PHE.

1. Learn cyber security basics:

Keeping patient communication secure means maintaining a high level of cyber security. Here are a few tips:

  • Use encrypted email or a secure platform to share patients’ healthcare information.
  • Avoid using a shared computer for telehealth calls. If you do use a shared computer, be careful about accessing and saving personal information such as login credentials and PHI.
  • Find a HIPAA-compliant telehealth software option (and stick to it).
  • Have a business associate agreement (BAA) with your telehealth platform.
A BAA is a contract between you and businesses you work with that may have access to your patients’ Protected Health Information (PHI). This contract requires that these companies keep PHI private.
Benedykt Michalski
2. Get a business associate agreement

A BAA is a contract between you and businesses you work with that may have access to your patients’ Protected Health Information. This contract requires that these companies keep PHI private.

3. Make sure you’re talking to the right person

When meeting virtually with a patient, make confirming their identity a routine. This can having them:

  • Upload an image of their ID.
  • Show their ID at the beginning of the call.
  • Confirm personal identifiers (two or more are recommended), like date of birth or home address.

4. Keep patient visits private

Telehealth means that you can take a call from just about anywhere. That doesn’t mean you should start working from the beach though—telehealth visits should generally be taken in a private setting. Here are a few ways to help your patients feel that their visits are confidential:

  • Let your patient know if anyone is in the room with you. If you are inside, it’s a good idea to keep the door closed.
  • Ask and document who is in the same room as (or within earshot of) your patient.

Will telehealth still be important after the PHE ends?

Virtual care has opened up a lot of opportunities for many patients. It’s made it easier for people to get care from the comfort of their own homes, without having to travel or take off work. For some, it has made health care more accessible. For others who already had access to health care but avoided doctor visits, it has allowed for a more convenient and approachable experience.