http://healthitsecurity.com/news/ocr-permits-business-associates-to-share-patient-data-during-covid-19

– “The Office for Civil Rights will waive penalties for HIPAA noncompliance against providers or business associates over the good faith use and disclosure of protected health information during the Coronavirus, or COVID-19 pandemic.”

While this is a very appropriate exception under the current circumstances, Business Associates need to remain diligent to protect themselves and their patients’ privacy rights even during these unprecedented times; as other HIPAA Security and Privacy Rule requirements remain in effect and enforceable.