The OCR relaxed regulations apply to providers and patients in the District of Columbia, which allow the use of popular, non-HIPAA compliant technologies such as Apple FaceTime, Facebook Messenger, Google Hangouts, and Skype to conduct telehealth visits. These changes only apply to visits conducted as early as March 6, 2020, will apply to the duration of the public health emergency, and will end 60 days after the mayor declares an end to the public health emergency.

On March 25, 2020, DHCF released a DC Medicaid Telemedicine Guide that cautioned providers about non-HIPAA compliant applications, reviewed available third party products, and compared the costs, features, and implementation for four products.

Sources:
March 19, 2020 Transmittal #20-08 from Melissa Byrd, Senior Deputy Director/State Medicaid Director DC Medicaid Telemedicine Guide

The extent to which policies and procedures need to be modified depend on whether providers are already using telemedicine technologies in their current practices. eHealthDC recommends checking with your compliance staff and/or legal counsel to determine the additional policies and procedures that may be appropriate.

Test the quality of internet, if possible, to ensure the visit can be conducted from their particular device (phone/tablet/computer).

Verify VPN to network in the clinic and/or secure wireless (this means having a level of encryption on your network and password)

Need up to date anti-malware and anti-virus on dedicated business or practice laptop to avoid interception; use home computers as a last resort. If a home computer is used, no PHI should be saved to the local hard drive.

Private location to conduct telemedicine visits, without distraction from family or pets.