What is Telehealth?
The Health Resources and Services Administration (HRSA) of the U.S. Department of Health and Human Services (HHS) defines telehealth as the use of electronic information and telecommunications technologies to support and promote long-distance clinical health care, patient and professional health-related education, and public health and health administration. Technologies include videoconferencing, the internet, store-and-forward imaging, streaming media, and landline and wireless communications.
Telehealth services may be provided, for example, through audio, text messaging, or video communication technology, including videoconferencing software. For purposes of reimbursement, certain payors, including Medicare and Medicaid, may impose restrictions on the types of technologies that can be used.1 Those restrictions do not limit the scope of the HIPAA Notification of Enforcement Discretion regarding COVID-19 and remote telehealth communications.
Where can health care providers conduct telehealth?
OCR expects health care providers will ordinarily conduct telehealth in private settings, such as a doctor in a clinic or office connecting to a patient who is at home or at another clinic. Providers should always use private locations and patients should not receive telehealth services in public or semi-public settings, absent patient consent or exigent circumstances.
If telehealth cannot be provided in a private setting, covered health care providers should continue to implement reasonable HIPAA safeguards to limit incidental uses or disclosures of protected health information (PHI). Such reasonable precautions could include using lowered voices, not using speakerphone, or recommending that the patient move to a reasonable distance from others when discussing PHI.
"Public" vs "Non-Public" facing remote communication
A “non-public facing” remote communication product is one that, as a default, allows only the intended parties to participate in the communication.
Public-facing products are not acceptable forms of remote communication for telehealth because they are designed to be open to the public or allow wide or indiscriminate access to the communication