Am I HIPAA compliant?

This question ought to be foremost in the minds of medical providers, as the vast implications of HIPAA (or the Health Insurance Portability and Accountability Act) can affect pocketbooks and lives. As the field of medicine becomes more technologically entrenched, we need to focus more than ever on how to make Telehealth encounters HIPAA-compliant.

Consider, for instance, a nurse who uploads a photo to Snapchat at her open workstation. Could she face fines? Yes. An MD uses iMessage to send PHI to another provider. Is this a HIPAA violation? Yes.

How is compliance enforced?

In 2017, a wireless health services provider known as Cardionet paid $2.5 million in HIPAA fines. They reported to the Department of Health and Human Services a lost employee laptop in 2012. Per the HHS report: “OCR’s investigation into the impermissible disclosure revealed that CardioNet had an insufficient risk analysis and risk management processes in place at the time of the theft. Additionally, CardioNet’s policies and procedures implementing the standards of the HIPAA Security Rule were in draft form and had not been implemented. Further, the Pennsylvania –based organization was unable to produce any final policies or procedures regarding the implementation of safeguards for ePHI, including those for mobile devices).” Not knowing the rules does not mean you can violate them.

According to the American Medical Association, civil monetary penalties for HIPAA violations range from $100-1.5 million per year depending on the cause and intent, and whether or not corrections were made. Violators could also face imprisonment from 1-10 years depending on the type of offense. Although health insurance providers and health plans can dominate the media reporting of HIPAA violations (over 500 providers in 2017 paid over $19 million in fines), HIPAA violations can affect individuals, Medicare prescription drug card sponsors, and anyone who provides health care. According to the Compliancy Group, “Once you’ve had a HIPAA breach, the name of your practice is permanently listed on Breach Portal–including the offense, date, and number of individuals affected. “If you review the Department of Health and Human Services “Breach Portal,” you will note that violations related to email, laptop, server errors far outnumber the cases related to unauthorized access to paper files.

What are the chances that I’ll be fined?

Beyond the financial and legal implications, providers should strive to want to protect their patient’s protected health information. HIPAA violations breach patients’ trust and confidence in their providers. Especially now that we have such HIPAA compliant resources, it has never been easier to provide the telehealth services patients want while still maintaining compliance.

The importance of HIPAA compliance in Telehealth encounters cannot be understated. As the brick and mortar walls fade in medicine, we need to redouble efforts to remain HIPAA compliant to protect patients and avoid significant penalties.

 

Want to offer Telehealth services using the most reliable HIPAA video conferencing platform? Sign up for our free 14 day trial to get started!

Read More

Towards the end of 2017, the House passed a major bill concerning all Veterans regarding health care. It’s called the Veterans E-Health and Telemedicine Support Act of 2017 (VETS) (H.R. 2123). In short, the goal is to allow medical professionals the ability to provide Telemedicine services regardless of where the professional or patient is located. As long as that provider holds a professional license in one state, they would be able to provide VA medical or health services.

Background

The VETS Act of 2017 was introduced in Congress with bipartisan support by Reps. Julia Brownley (D-Calif.) and Glenn Thompson (R-Pa.) in April of last year but has recently passed the House Committee on Veterans’ Affairs with little opposition, paving the way for the bill to become law.

Last September the VA published a proposed rule in the Federal Register that would allow VA health care providers to practice Telehealth across state lines, as long as their licenses permit them within their own state. Their vision for this rule is to “ensure that VA health care providers provide the same level of care to all beneficiaries, irrespective of the State or location in a State of the VA health care provider or the beneficiary.”

Veterans would not be disadvantaged by their location, which may have a lack of specialists or even general providers. The rule would provide options and availability that would otherwise not exist because instead of being limited to providers in one state, they would have options from 50.

How H.R. 2123 Helps Veterans and Doctors

As the rules stand now, VA officials may only permit healthcare professionals to work across state lines via Telemedicine if the veteran and the doctor are located on a federally owned facility. This has ostensibly caused many problems for patients who live in rural areas and are not located near a location that is federally owned. Furthermore, the doctors themselves are limited to treating patients who fall under the very narrow criteria as it’s currently written. H.R. 2123 aims to mitigate these barriers by allowing doctors to work across state lines via Telemedicine while also allowing the patients to be treated within their own communities or homes. Removing the location boundaries is a great benefit to veterans who would, without Telehealth, not have access to medical professionals trained to deal with their unique conditions and circumstances.

According to the VA, 12% of the United States’ veterans received Telehealth in 2016 and 90% of those treated said they were satisfied with the online platform.

The American Telemedicine Association and Health IT Now have both come in strong support of the bill and believe it will give patients greater access to the healthcare they need and rightfully deserve after serving our country.

Setting the Stage for Future Telemedicine Practices to Work Across State Lines

If H.R. 2123 becomes law and VA providers can demonstrate that Telemedicine is just as effective as an in-person visit (but with added benefits), the future of Telemedicine for other practitioners and patients is sure to change.
When patients can meet providers virtually they have the option to choose the best one for themselves and get second opinions. Take for example, a behavioral health specialist and a patient that cannot emotionally connect, should they be forced to continue their relationship because he is the only specialist in the area? Or should the patient stop seeking treatment?

Neither of these are a viable solution. Telemedicine would help the patient find a suitable provider while minimizing time and distance constraints. Receiving quality, at-home care is not just a matter of convenience but sometimes of necessity; it can be the difference between going to a professional and not. This is worth opening the law to include all patients.

While patients should have a hassle free way of connecting with out of state doctors, so should providers. This law would remove the frustration of maintaining multiple state licenses (as long as the provider maintains the license of their home state). We can see that this is actually being implemented for physical therapists, and nurses as well come 2018. Allowing a provider to legally practice over state lines is something that make sense for everyone. Once allowed, it would easily become a mainstream practice.

 

If you’re interested in learning more about Telehealth and how it can positively impact your work and the lives of patients across the country, contact us today. SecureVideo is a HIPAA-compliant video service that securely connects patients and providers across the world.…

Read More