By Art Gross, President and CEO, HIPAA Secure Now!
Twitter: @HIPAASecureNow
Read other articles by this author
As a healthcare provider, you are familiar with the Public Health Emergency (PHE) declaration that has been in place since the beginning of the COVID-19 pandemic. This declaration has provided a number of flexibilities and protections for healthcare providers, including increased telehealth access and relaxed HIPAA requirements.
Deadline Reached
On May 11, 2023, the PHE declaration expired. With this, the relaxed regulations and waivers put in place during the pandemic expired, and providers need to return to full compliance with HIPAA regulations. This means that you must ensure that your policies and procedures for safeguarding PHI are up to date.
We help healthcare providers navigate the complexities of HIPAA compliance. This includes your risk assessments, policies and procedures development, training and education, and ongoing compliance support. This can ensure that you are fully prepared for the expiration of the PHE declaration and are in full compliance with HIPAA regulations.
What To Do
First and foremost, healthcare providers need to remain vigilant in protecting the privacy and security of their patient’s protected health information (PHI). With the end of the PHE declaration, the relaxed regulations and waivers put in place during the pandemic will expire. Providers will now need to return to full compliance with HIPAA regulations. This means that providers must ensure that their policies and procedures for safeguarding PHI are up-to-date and effective.
Another critical step is to review your telehealth policies and procedures. As you’re well aware, telehealth has become a vital tool in delivering healthcare during the pandemic. And its use is expected to continue to grow in the post-PHE era. You should ensure that your telehealth policies and procedures are compliant with HIPAA regulations. Additionally, your telehealth platforms must be secure and reliable.
All healthcare providers should conduct a comprehensive risk analysis to identify potential security threats and vulnerabilities in their practice. With the end of the PHE declaration, hackers and cybercriminals may increase their attempts to exploit weaknesses in healthcare providers’ systems. It is crucial to take proactive measures to protect patients’ PHI from cyber threats.
This article was originally published on HIPAA Secure Now! and is republished here with permission.