Federal regulators announced another set of regulatory changes and waivers, particularly relating to telemedicine, in response to the growing pandemic crisis throughout the United States.  These changes are described below:

CMS Announced 1135 Waiver Expanding Coverage for Telemedicine

On March 17, 2020, the Centers for Medicare and Medicaid Services (CMS) announced that, consistent with the COVID-19 supplemental appropriations bill passed and signed earlier this month, Medicare would, retroactive to March 6, 2020, cover routine telehealth visits with a practitioner (not limited to physicians) with whom the patient already has an existing relationship.  Such visits do not have to be COVID-19-related. Such services can be provided through smartphone technology, including to patients in their home.  Telehealth services are to be reimbursed at an amount equal to that of an in-person visit.  In addition, CMS cleared the way for state Medicaid programs to expand their coverage of telehealth services without further federal approval.

OIG Eliminates Sanctions for Routine Waiver of Copayments and Deductibles Related to Telehealth

On Tuesday, March 17th, the Health and Human Services Office of Inspector General (OIG), the primary enforcement agency for crimes and violations involving the Medicare program, announced that it would not pursue sanctions or penalties against any provider who routinely waived or reduced copayments or deductibles for telehealth services during the COVID-19 crisis.  Such waivers or discounts are typically subject to stiff penalties under the Anti-Kickback Statute, Civil Monetary Penalty Law and the OIG’s exclusions authority.

OCR Will Not Impose Penalties on HIPAA Violations with regards to Telehealth Services

Consistent with the relaxation of other regulatory frameworks impacting telehealth services, the Health and Human Services Office of Civil Rights (OCR) announced that it would not seek penalties on providers who violated HIPAA regulations in providing telehealth services to patients during the COVID-19 crisis.  Even where permitted by federal or state law, most telehealth interactions had to be provided through proprietary platforms which included additional privacy and security safeguards in order to comply with HIPAA rules.  OCR’s announcement allows providers and patients to use a variety of common commercial products that are available as smartphone apps, including Skype, Google Hangouts, Facebook Messenger video chat, and Apple FaceTime.  These were specifically referenced as  suitable tools, while other platforms, such as Twitch, TikTok and Facebook Live were considered inappropriate and still prohibited because of their public-facing nature.

HHS Secretary Waives HIPAA Provisions during Public Health Emergency

The Secretary of Health and Human Services Alex Azar further announced that, starting March 15, 2020 and during the duration of the state of emergency caused by COVID-19, certain HIPAA provisions would be waived for hospitals.  In particular, this waiver would allow hospitals to speak to a patient’s friends or family members about their care without the patient’s authorization and to list patients in a facility directory without their opportunity to object.  In addition, hospitals are no longer required to distribute a notice of privacy practices, nor are hospitals required to abide by a patient’s request for confidential communication or privacy restrictions on the use or disclose of their information.