Quick Feedback Request
Highlighted Resources & Events
Need Assistance?
Would you like more assistance regarding Privacy and Security strategies or support in using any of the included resource sets?

  Request Support

 

The Quadruple Aim
Quadruple Aim

A Conceptual Framework

Improving the U.S. health care system requires four aims: improving the experience of care, improving the health of populations, reducing per capita costs and improving care team well-being. HITEQ Center resources seek to provide content and direction aligned with the goals of the Quadruple Aim

Learn More

Resource Overview

In order to effectively protect health IT systems, Health Center IT leadership needs to consider not only the physical and technical measures of protection for their site, but also the human and workflow measures required to provide the highest levels of privacy and security available throughout their organization.

Resources provided in this section include a set of curated best practices and gold standards for protecting  and effectively responding to health IT system threats. 

Health IT Privacy & Security Best Practices

Using non-traditional technology for telehealth during COVID-19 Pandemic

Using non-traditional technology for telehealth during COVID-19 Pandemic

Issue Brief for implementing commercial applications for telehealth consistent with March 2020 OCR Guidance

Health and Human Services’ Office of Civil Rights (OCR), the entity responsible for enforcing regulations under HIPAA, stated, effective immediately, it will exercise enforcement discretion and will not impose penalties for HIPAA violations against covered healthcare providers if patients are served on a good faith basis during the COVID-19 nationwide public health emergency. OCR has clarified that, during this public health emergency, these technologies can be used for any services, not only those specific to COVID-19. OCR’s guidance states, “covered healthcare providers may use popular applications that allow for video chats, including Apple FaceTime, Facebook Messenger video chat, Google Hangouts video, or Skype, to provide telehealth without risk that OCR might seek to impose a penalty for noncompliance with the HIPAA Rules.” Providers should ensure communication products are non-public facing.

Using one of these technologies should be a last resort, secondary to using traditional telehealth, such as traditional telehealth modalities have healthcare-specific features and security. OCR stresses the importance of using HIPAA-compliant telehealth applications whenever possible from vendors who will enter into Business Association Agreements (BAAs).

Download the resource below for Issue Brief to support implementation of this guidance, including at-a-glance reference of acceptable and unacceptable apps as well as list of Dos and Don'ts.

Previous Article Behavioral Health Consent Management
Next Article Addressing Intimate Partner Violence and Human Trafficking in the Health Center Setting
Print
34707

Documents to download

Acknowledgements

This resource collection was cultivated and developed by the HITEQ team with valuable suggestions and contributions from HITEQ Project collaborators.

Looking for something different or have something you think could assist?

HITEQ works to provide top quality resources, but know your needs can be specific. If you are just not finding the right resource or have a highly explicit need then please use the Request a Resource button below so that we can try to better understand your requirements.

If on the other hand you know of a great resource already or have one that you have developed then please get in touch with us by clicking on the Share a Resource button below. We are always on the hunt for tools that can better server Health Centers.

Request a Resource  Share a Resource