1. Home
  2. Articles
  3. HHS Declares Limited Waiver of HIPAA Sanctions Due to COVID-19
Posted By Paubox, Inc. on 03/20/2020

HHS Declares Limited Waiver of HIPAA Sanctions Due to COVID-19

HHS Declares Limited Waiver of HIPAA Sanctions Due to COVID-19

The Secretary of the U.S. Department of Health and Human Services (HHS) has issued a limited waiver of HIPAA sanctions and penalties due to the nationwide public health emergency caused by COVID-19.

The waiver became effective on March 15, 2020 in response to President Trump’s declaration of a nationwide emergency concerning COVID-19, and the Secretary of HHS Alex Azar’s earlier declaration of public health emergency on January 31, 2020.

The waiver gives a covered hospital some relief if it does not comply with the following provisions of the HIPAA Privacy Rule:

  • The requirements to obtain a patient’s agreement to speak with family members or
    friends involved in the patient’s care. See 45 CFR 164.510(b).
  • The requirement to honor a request to opt out of the facility directory. See 45
    CFR 164.510(a).
  • The requirement to distribute a notice of privacy practices. See 45 CFR 164.520.
  • The patient’s right to request privacy restrictions. See 45 CFR 164.522(a).
  • The patient’s right to request confidential communications. See 45 CFR 164.522(b).

Of note is the waiver only applies under three conditions:

  1. In the emergency area identified in the public health emergency declaration
  2. To hospitals that have instituted a disaster protocol
  3. For up to 72 hours from the time the hospital implements its disaster protocol

SEE RELATED: Nizhoni Health uses Paubox platform to communicate COVID-19 updates

The purpose of enacting the waiver is to make sure the Privacy Rule does not prohibit the sharing of protected health information during disasters to assist patients and make sure they get the care they require. That includes sharing some health information with friends, family members and other individuals directly involved in a patient’s care.

There has been recent precedent of the limited waiver being used in similar emergency situations for Puerto Rico Earthquakes and for Tropical Storm Barry.

The original version of this page was published at:  https://www.paubox.com/blog/hhs-declares-limited-waiver-of-hipaa-sanctions-due-to-covid-19

Covid-19 coronavirus hhs

Paubox, Inc.

Paubox, Inc.

Paubox Marketing is an email marketing platform built for healthcare. Our solution allows healthcare organizations to securely send PHI in marketing emails to drive more engagement and grow busines... Read more

More by Paubox, Inc.

HIPAA Definition of Marketing Explained

The HIPAA Privacy Rule regulates how patients’ protected health information (PHI) can be used for marketing.  In general, HIPAA requires written authorization before a covered ...read more

CISA Alert on Top 10 Routinely Exploited Vulnerabilities

On May 12, the U.S. Department of Homeland Security Cybersecurity Infrastructure Security Agency (CISA) and the Federal Bureau of Investigations (FBI) released a joint alert on the ...read more

How to Write an Effective Healthcare Email Newsletter

According to the 2019 Adobe Email Usage Study, Americans spend more than 3 hours a day checking work email and more than two hours a day checking personal email.  The return on ...read more

How the CAN SPAM Act Relates to Healthcare Email Marketing

In 2003, Congress enacted the Controlling the Assault of Non-Solicited Pornography and Marketing (CAN-SPAM Act) to set a national standard for the regulation of unsolicited and unwanted ...read more

Vendors - Get Listed Today
Create a Free Researcher Account
MarTech.Health © 2025. All Rights Reserved.