A snippet from the Executive Summary of a new report written by Robert Gellman and Pam Dixon:
This report offers an analysis of existing laws and practices regarding both types of HIPAA COVID-19 waivers. The report recommends that, when the current emergency subsides, the Secretary of HHS review in a systematic way the privacy, security, and legal questions about all HIPAA waivers. The report further recommends that HHS prepare for future health emergencies with advance planning for HIPAA waiver practices. The report recommends that the National Committee on Vital and Health Statistics be tasked with the fact-finding and policy work needed to develop legislative and administrative recommendations for HIPAA waivers. Discussions about HIPAA waivers should involve all relevant stakeholders. Finally, once the Secretary completes a review of waiver authority, the report recommends that the US Congress reform the statutory HIPAA waiver rules.
You can download their analysis and full report here.