Pandemic Poses HIPAA Compliance Issues for Providers


You’re seeing a patient virtually via telemedicine when suddenly a family member walks into the room and can be seen going about their business, picking up laundry, getting keys to the car, grabbing a snack from the refrigerator, what have you. What to do?

It’s a scenario that recently played out not once, but twice, by the same healthcare provider who is now facing a potential complaint by the patient with the Office for Civil Rights (OCR). Not only did the provider fail to provide a secure and private environment, she continued with treatment, ignoring the elephant in the room.

Telemedicine has proven to be a valuable tool for delivering healthcare services in these challenging times. However, as the use of virtual visits increase, providers are facing new and challenging circumstances in which they are expected to do their job.

While many are still able to provide care in a private and professional healthcare environment, others are doing so, particularly those in the mental health arena, from their homes where the prospect of a HIPAA violation is more likely to occur. This can prove quite costly. HIPAA violations result in fines per offense which range between $100 and $50,000!

Although OCR did loosen some HIPAA restrictions in light of the public health emergency, it put out an FAQ sheet that explicitly states:

“OCR expects healthcare providers will ordinarily conduct telehealth in private settings, such as a doctor in a clinic or office connecting to a patient who is at home or at another clinic. Providers should always use private locations and patients should not receive telehealth services in public or semi-public settings, absent patient consent or exigent circumstances.”

Sharing information with family, friends or even co-workers (unless the patient has expressly stated that information sharing is allowed) is against the law.

Improperly securing or storing patient personal health information (PHI) can result in potential leaks. Are you taking notes on paper and leaving them on your desk for others to see? Are you using a computer to which others may have access? Are you using a secure portal to provide care? If you said yes to the first two and no to the third, you may be opening yourself up to a HIPAA violation.

The pandemic has changed the landscape for healthcare providers. Policies and regulations are changing rapidly as everyone responds to the COVID-19 pandemic.

Our team of highly skilled attorneys and consultants are here to help you before you become the focus of an investigation, and will aggressively defend you should you become the target of one. Give us a call at 305-358-4500 or email

Ready to find out more?

Call 305-358-4500 to schedule a
FREE 15-minute consultation today!

Posted in

The Health Law Offices of Anthony C. Vitale