Telehealth Policy Changes Could Become Permanent When COVID-19 Public Health Emergency Ends

client photo phi

If there is one good thing to come out of the COVID-19 pandemic it is the changes that have been made to telehealth policies. Following the declaration of a nationwide public health emergency and in the subsequent weeks, around 31 policy changes were introduced covering telehealth, along with many changes at the state level and by health plans.

Some of those changes have had a major impact, notably the removal of geographical restrictions by easing the originating site regulations. That change has expanded access to telehealth to all Americans, no matter where they are located. Prior to that change, telehealth services could only be provided to certain patients, generally patients that lived in rural areas that did not have easy access to healthcare facilities.

Another important change was the expansion of payment for telehealth services by the HHS’ Centers for Medicare and Medicaid Services. This change ensured that healthcare providers could receive payment for providing telehealth services at the same rate as an in-person.

With virtually all Americans able to receive telehealth services during the public health emergency period, there was just the issue of healthcare providers having the appropriate technology to provide those services. Cue a change by the HHS’ Office for Civil Rights (OCR). Under HIPAA, technologies that could be used for the provision of telehealth services were subject to the restrictions of the Health Insurance Portability and Accountability Act (HIPAA).

The barriers of HIPAA were effectively lifted through a Notice of Enforcement Discretion. OCR stated it would not impose sanctions and penalties on healthcare providers for using technologies for telehealth that were not strictly HIPAA compliant, provided they were used for the good faith provision of telehealth services and they were not public-facing. That meant that business associate agreements did not need to be obtained, and even consumer-grade technologies such as WhatsApp and Skype could be used for providing telehealth services without fear of a HIPAA violation penalty.

These three changes alone have helped ensure a massive expansion of telehealth which has helped to control the spread of COVID-19 and improve patient safety. Telehealth services have proven popular with patients and providers alike. Telehealth helps to lower the cost for providers, patients do not need to travel to a hospital allowing them to save on travel costs, and patients do they need to leave the house to receive medical services when they are infectious and feeling unwell.


Simple Guidelines
Immediate PDF Download

Immediate Access

Privacy Policy

However, the changes are only effective for the duration of the public health emergency. Once the public health emergency is declared over, policies will revert to how they were prior to the pandemic.

Now that the benefits of telehealth have become clear, there is growing support for many of the policy changes to be made permanent when the public health emergency ends. Discussions are now taking place to examine which policy changes should be allowed to remain.

The Senate HELP committee convened for a hearing on June 19, 2020 to discuss which changes should be made permanent. At the hearing, Sen. Lamar Alexander (R-Tenn), chair of the Senate HELP committee, explained that COVID-19 has helped show exactly what could be achieved using telehealth. “Because of COVID-19, the healthcare sector and government was forced to cram 10 years of telehealth experience into just three months,” he explained.

Sen. Alexander has given his support for the permanent removal of the originating site restrictions to ensure that all patients can benefit from telehealth services. That policy change has attracted considerable support due to the level of satisfaction from both providers and patients.

There will be times when telehealth is appropriate an times when in-person care is required, so telehealth should not totally replace in-person visits, but it should be an option, suggested Joseph Kvedar, M.D of Massachusetts General Hospital, in a written testimony for the hearing.

There is also strong support for the continued reimbursement for telehealth services by the CMS, although there has been some debate about whether in-person and telehealth visits should be reimbursed at the same rate, since healthcare providers will be able to cut costs through the provision of telehealth services.

The Notice of Enforcement Discretion will end, so healthcare providers will need to execute business associate agreements, but there may be some flexibility over the platforms that can be used. Rather than force providers and patients to use specific applications, the use of platforms that patients are comfortable with using may continue, provided patient are warned about any privacy risks associated with certain apps.

“As a matter of policy, with the increasing availability of free and/or low-cost HIPAA-compliant solutions, and to ensure protection of personal health information, non-HIPAA compliant solutions should only be used in good faith in an emergency,” suggested Karen Rheuban, M.D., professor of pediatrics and director of the University of Virginia Center for Telehealth, in a written testimony submitted to the Senate HELP committee.

What is important is for the policy changes to be discussed and their benefits evaluated to determine which changes should be kept in place once the public health emergency ends, which is exactly what the Senate HELP committee is trying to do. “It’s important to write the rules of the road while the experience is still fresh,” said Sen. Alexander at the healing.

One thing seems almost certain, the expansion of telehealth looks set to continue long after the public health emergency ends.

About Liam Johnson
Liam Johnson has produced articles about HIPAA for several years. He has extensive experience in healthcare privacy and security. With a deep understanding of the complex legal and regulatory landscape surrounding patient data protection, Liam has dedicated his career to helping organizations navigate the intricacies of HIPAA compliance. Liam focusses on the challenges faced by healthcare providers, insurance companies, and business associates in complying with HIPAA regulations. Liam has been published in leading healthcare publications, including The HIPAA Journal. Liam was appointed Editor-in-Chief of The HIPAA Guide in 2023. Contact Liam via LinkedIn: