Coronavirus and HIPAA
HIPAA was created to protect our health information, but there are times when the public need for that information outweighs the benefits of protecting it. That’s the case with the current breakout of the Novel Coronavirus. To state the policy in this regard as clearly as possible, the CDC has released a fact sheet for your review – https://www.cdc.gov/coronavirus/2019-ncov/downloads/2019-ncov-factsheet.pdf.
Essentially, in the event public health authorities need access to health information to ensure public health and safety, they are entitled to do so. There are still restrictions, however, and if you’re facing a demand to release information, you should reference the specific laws. However, generally speaking, if the CDC or local health department knock on your door seeking specific patient information without patient consent, they have a legal ground to stand on. You are also free to communicate with persons who may be at risk as a result of being in contact with another patient in your office, for example. You don’t have the right to release the patient’s name to other patients, but you do have the right to inform them that you had an infected patient in your office at a problematic time.
The Coronavirus is an example of how HIPAA can help us, but it can also be a hindrance.
If your organization has virus-related questions, we encourage you to reach out to the CDC. Please feel free to contact us with any HIPAA related questions you may have.
If you have any questions or if you are concerned about your organization’s cybersecurity, give us a call at (800) 970-0402. We’ll be happy to help.
For more HIPAA information, download our ebook – The Ultimate HIPAA Compliance Handbook.
The HIPAA Security Rule requires the implementation of a security awareness and training program for all members of its workforce (including management). Have your team sign up for weekly HIPAA Security Reminder to help stay compliant.