HHS to Ease Data Privacy for Community Test Sites


The U.S. Health and Human Services Department imposes ease in inpatient health data collection and protection on community testing sites.

Last April, the rules for healthcare data was finalized by HHS, leaving patients in charge of their records. A modern computing standard was set for patients to use tools to shop and coordinate their care using a smartphone.


In partnership with the National Coordinator for Health Information Technology (ONC) and Centers for Medicare & Medicaid Services (CMS), the decision will help patients make better decisions. Both public and private entities can share health information between patients while keeping it secure.

Data Privacy For Community Testing Sites

Now that there are more testing sites all over America, HHS said operators could easily collect relevant data without the strict security and privacy regulations. Under the Health Insurance Portability and Accountability Act or HIPAA, healthcare providers can access patient info.


HIPAA doesn’t include insurance and clearinghouse functions, only participating in business associates and healthcare providers.

“During the COVID-19 national emergency, which also constitutes a nationwide public health emergency, certain covered health care providers, including some large pharmacy chains, and their business associates may choose to participate in specimen collection and testing sites,” said HSS.

The notice of laxed regulations on data protection was posted on Monday, May 18. However, providers are mandated to alert anyone whose data was collected through a testing site, if a data breach occurs.

Reasonable Safeguards

HSS provided a set of standards for healthcare providers and business associates. Part of the reasonable safeguards is disclosing only minimum protected health information except for PHI for treatment.

Additionally, HSS also required setting up canopies or opaque barriers to providing privacy to individuals during the swab collection procedure. Healthcare providers in the testing sites must also establish a buffer zone to prevent media from filming individuals.

Posting a notice on privacy practices on how to find the NPP online is also required under the reasonable safeguard guideline. These are all part of the government’s promise to ‘put patients at the center of their care’ by promoting full access to health information.

The federal government partners with the technology community to develop innovative apps for Medicare patients. Beginning in 2021, Medicair, CHIP, and Medicare Advantage are all required to share health information with patients in a safe and user-friendly electronic format or application.

To further enhance healthcare innovation, all Medicare and Medicaid participating hospitals are mandated to send notifications to another facility or practitioner.