Maize Analytics wants to ensure that you have all the resources you need to help stay up-to-date on compliance and privacy news during the COVID-19 pandemic. We thank you and all the healthcare workers in your organization for all the work you do to protect and save lives. 

 

The Health and Humans Services (HHS) Office for Civil Rights (OCR) COVID-19 page includes announcements, notifications, guidance and more. Visit their page.

For all news releases from the HSS OCR, visit their Official News page.

To join the OCR Privacy Email List for direct updates, register here.

HealthIT.gov has compiled various resources from the HHS and CDC related to COVID-19 for the health IT community and healthcare providers. Visit their resource page.

 

ICD Codes for COVID-19 

The Centers for Disease Control and Prevention (CDC) has released 2 documents with ICD-10-CM coding guidelines for encounters related to COVID-19. 

HHS OCR HIPAA Privacy Bulletin: February 3, 2020
The HHS OCR issued this bulletin for guidance on how patient information can be shared under the HIPAA Privacy Rule in an outbreak of infectious disease or other emergency situation.

COVID-19 & HIPAA Bulletin: Limited Waiver of HIPAA Sanctions and Penalties During a Nationwide Public Health Emergency
In March 2020 The Secretary of HHS, Alex Azar, exercised the authority to waive sanctions and penalties against a covered hospital that does not comply with certain privacy rules.

Telehealth Enforcement Discretion Announcement
To help medical providers serve patients during COVID-19, the OCR announced it will waive potential penalties for HIPAA violations against providers serving patients using everyday communication technologies.

HHS OCR Notification of Enforcement Discretion under HIPAA to Allow Uses and Disclosures or Protected Health Information by Business Associates for Public Health and Health Oversight Activities in Response to COVID-19
HHS OCR announced that it will not impose penalties against covered entities or their business associates for uses and disclosures of protected health information (PHI) by business associates for public health oversight activities during the COVID-19 public health emergency.

COVID-19 and HIPAA: Disclosures to law enforcement, paramedics, other first responders and public health authorities
To help protect first responders and prevent further spread of the COVID-19 virus, the OCR released guidance on sharing PHI of individuals infected or exposed to COVID-19 with first responders.

HIPAA Enforcement Discretion Regarding COVID-19 Community Based Testing Sites (CBTS) During the COVID-19 Nationwide Public Health Emergency
On April 9, 2020 the OCR issued a Notification Enforcement Discretion announcing that they will not impose penalties against covered entities or business associates for violations of HIPAA in the operation of a COVID-19 community-based testing site (CBTS) during this public health emergency. 

 

OCR Issues Guidance on Covered Health Care Providers and Restrictions on Media Access to Protected Health Information about Individuals in Their Facilities
On May 5, 2020 the OCR issued a guidance document for covered health care providers as a reminder that the HIPAA Privacy Rule does not permit them to give media and film crews access to facilities where patients’ protected health information (PHI) will be accessible without the patients’ prior authorization.