HIPAA

COVID-19 and HIPAA: HHS’s Troubled Approach to Waiving Privacy and Security Rules for the Pandemic

The COVID-19 pandemic strained the U.S. health ecosystem in numerous ways, including putting pressure on the HIPAA privacy and security rules. The Department of Health and Human Services adjusted the privacy and security rules for the pandemic through the use of statutory and administrative HIPAA waivers. While some of the adjustments are appropriate for the emergency circumstances, there are also some meaningful and potentially unwelcome privacy and security consequences. At an appropriate time, the use of HIPAA waivers as a response to health care emergencies needs a thorough review. This report sets out the facts, identifies the issues, and proposes a roadmap for change.

WPF to discuss COVID-19 lessons learned and challenges ahead at OECD – Global Privacy Assembly Workshop

WPF Executive Director Pam Dixon will be presenting at an OECD and Global Privacy Assembly workshop on the risks, challenges, and potential solutions regarding the intersection of COVID-19 and the uses of identity in a global public health crisis. Event details: COVID-19 and privacy virtual Workshop on “The road to recovery: Lessons learned and challenges ahead”, hosted

May 19, 2020 WPF Statement regarding HHS Secretary’s Section 1135 COVID-19 HIPAA Waiver

This statement discusses a 72-hour “statutory waiver” of 5 basic HIPAA rights (including the right to confidential communications). The waiver is triggered by the Secretary of HHS and applies for a 72-hour period beginning upon implementation of a hospital disaster protocol. This statement discusses this waiver, what it is, what is means, who is impacted, and our recommendations.

April 15, 2020 WPF Statement on the COVID-19 Community Based Testing Sites HIPAA Waiver

In response to the COVID-19 (coronavirus) pandemic, the U.S. Department of Health and Human Services announced a HIPAA waiver April 9, 2020 regarding Community Based Testing Sites, which waives enforcement of all HIPAA privacy and security protections and data breach rules from some health care activities affecting COVID-19 testing.  This statement from WPF includes the following information:  
-What are the changes the Community Based Testing Sites HIPAA waiver creates? 
-What are the privacy concerns? 
-WPF recommendations to correct the privacy problems in the Community Based Testing Sites HIPAA waiver  
-Background on HIPAA waivers and a list of all current waivers in force