With the public need to flatten the curve when it comes to COVID-19 infections, hospitals, first responders, and other sectors may need to know when someone is infected. Jackson Walker partner Jeffery P. Drummond, whose practice focuses on HIPAA protections and medical record privacy, discusses how the government is clarifying its flexible guidelines on how industries may apply privacy rules during this pandemic, and how once the emergency goes away, the rules will most likely return to their more rigid application.
The music is by Eve Searls.
This podcast is made available by Jackson Walker for informational purposes only, does not constitute legal advice, and is not a substitute for legal advice from qualified counsel. Your use of this podcast does not create an attorney-client relationship between you and Jackson Walker. The facts and results of each case will vary, and no particular result can be guaranteed.
Prepare for Closer HIPAA Scrutiny of Telehealth as States and Practices Cautiously Reopen (Part B News) »
As states and medical practices slowly reopen and return to normal, the HHS Office for Civil Rights (OCR) will likely end its COVID-19 public health emergency telehealth waivers that were instituted in March. In this article, Jeff Drummond discusses the current rules in place and potential impacts on providers if good-faith use of OCR-forgiven technology causes a data breach. Jeff notes: “Remember, there’s no private cause of action under HIPAA anyway, so when patients sue for a data breach, it’s not technically suing over a HIPAA breach.” He also advises providers to perform a security risk analysis as required by HIPAA. “You should always do one when there’s a major change in line of business, or a tech platform shift, or new IT staff.” (Subscription required)
Security Experts Warn of Elevated Threat of Medical ID Theft During Coronavirus Pandemic (CBS 11 Dallas/Fort Worth) »
Amid the pandemic, patients are at risk of medical identity theft. Jeff, as outside counsel for the Texas Medical Association, shared how providers are not required to encrypt patient data.
Kern County Public Health sends addresses of positive COVID-19 patients to local first responders (23ABC News – Bakersfield) »
As some public health departments send the addresses of positive COVID-19 patients to local first responders, Jeff provided insights on guidelines from the OCR on what information can be disclosed. He noted: “In this current situation, what is reasonable is different than what it would be if we’re not in a pandemic.”
Should HOAs and landlords ask if you have COVID-19? Should you tell them? (The Dallas Morning News) »
The Dallas Morning News quoted Jeff about HIPAA and residents’ right to conceal medical conditions, including if they have been exposed to or contracted the Coronavirus.