April 2, 2020 / HARRIS MEYER
HHS won’t enforce penalties for violations of certain provisions of the HIPAA privacy rule against healthcare providers or their business associates for good-faith disclosures of protected health information for public health purposes during the COVID-19 emergency.
The HHS Office for Civil Rights said Thursday that it was exercising its enforcement discrimination in making the policy change during the declared emergency period. The notification was issued to support federal and state agencies, including the CMS and the Centers for Disease Control and Prevention, that need access to COVID-19 related data including protected health information.
“The CDC, CMS, and state and local health departments need quick access to COVID-19 related health data to fight this pandemic,” OCR director Roger Severino said in a statement. “Granting HIPAA business associates greater freedom to cooperate and exchange information with public health and oversight agencies can help flatten the curve and potentially save lives.”
