Telemedicine Toolkit

Health and Human Services (HHS) Office for Civil Rights (OCR): Telehealth and HIPPA during COVID-19 Pandemic
  • Telehealth services may be provided, for example, through audio, text messaging, or video communication technology, including video conferencing software
    • Provider should be in a private setting, ordinarily in clinic or office (but does not mandate these locations)
  • Up to provider discretion as to what can reasonably be covered by telehealth 
  • Covered health care providers will not be subject to penalties under HIPAA that occur during good faith provision of telehealth during COVID-19
    • Good faith: attempting to provide the most timely and accessible care possible
    • Currently no expiration date; will be announced at a later date
  • Examples of “bad faith”: 
    • Criminal acts: fraud, identity theft, intentional invasion of privacy
    • Sale of patient data 
    • Ethical violations
    • Use of public-facing remote communications such as: TikTok, Facebook Live, Twitch, or public chat room. These provide wide or indiscriminate access to the communications
  • HHS advocates the use of non-public facing platforms that employ end-to-end encryption
    • Only an individual and person to whom the individual is communicating to see what is transmitted
    • Support individual user accounts, logins, and passcodes to limit access and verify participants 
  • Examples of non-public facing products (although none specifically endorsed by OCR):
  • Providers encouraged to notify patients that these third-party applications potentially introduce privacy risks, and providers should enable all available encryption and privacy modes when using such applications 

Improving the health of children worldwide through philanthropic support of scientific and educational programs.