HIPAA

During the COVID-19 public health emergency (PHE) the U.S. Department of Health and Human Services’ (HHS) Office for Civil Rights (OCR) sought to increase patient access to telehealth services by waiving penalties for violations of certain requirements under HIPAA. OCR also provided flexibility for sharing patient identifying protected heath information (PHI) for public health purposes. With the end of PHE, these measures have expired.

During the COVID-19 public health emergency (PHE) the U.S. Department of Health and Human Services’ (HHS) Office for Civil Rights (OCR) sought to increase access to treatment by issuing guidance on the use of remote communication technologies, including audio-only technology (e.g.,Voice over Internet Protocol (VoIP) and mobile technologies that use electronic media such as the internet, intra-and extranets, cellular, and Wi-Fi), to provide telehealth2 in compliance with HIPAA. While the PHE ended on May 11, 2023, OCR’s guidance on the use of audio-only technology for telehealth remains in effect.

Archived recording of July 2023 national webinar facilitated by the CoE-PHI to update our audiences on the current state of the federal laws, regulations, and guidance related to the privacy of substance use disorder and mental health treatment information.

The federal health privacy laws and regulations for SUD and MH treatment have recently changed, and more changes are forthcoming. This resource provides information about the changes and links to resources where you can learn more.

OCR announces the expiration of COVID-19 HIPAA enforcement discretion and transition period for telehealth.

This framework can help answer a fundamental question: “How are we considering the impacts to individuals as we develop our state’s 988 crisis response network?”