Telehealth: Managing Enterprise-Wide Risks

Telehealth

By: Denise Shope & Carol Miginisky

Telemedicine is defined by the American Medical Association (AMA) as “the use of medical information exchanged from one site to another via electronic communications to improve a patient’s clinical health status.” This exchange is a rapidly expanding method of practicing medicine and is becoming more and more mainstream. Telemedicine is considered a subset of telehealth.

Telehealth vs. Telemedicine

Telemedicine typically refers to traditional clinical monitoring and diagnosis that is delivered by technology. However, the term telehealth is now commonly used to describe the wide range of diagnosis, management, education, and other related fields of healthcare delivered electronically. These include but are not limited to:

  • Dentistry
  • Counseling
  • Physical & occupational therapy
  • Home health
  • Chronic disease monitoring & management
  • Disaster management
  • Consumer & professional education

Regulatory Landscape

Key governing bodies that oversee the use of telemedicine/telehealth (TMH) include the Food and Drug Administration (FDA), the Centers for Medicare and Medicaid Services (CMS), The Joint Commission (TJC), practice specific professional associations, and the Federation of State Medical Boards. 

Other regulations to consider are the Department of Health and Human Service’s (HHS) Health Insurance Portability and Accountability Act (HIPAA) and Health Information Technology for Economic and Clinical Health Act (HITECH). In addition, there are state-based telemedicine rules, regulations and licensure requirements which may include the need to apply for and purchase a state-specific telemedicine license. Each patient care setting (including hospitals, physician practice groups, healthcare clinics, urgent care centers, ambulatory surgery centers, home health and global health) is required to comply with all of the requirements mandated by the FDA and CMS and the individual states in which patients are located and providers are based.

Prescribing Pitfalls

Prescribing medications while practicing via telemedicine can be especially challenging. Many states require “face-to-face” examinations or a pre-existing physician-relationship prior to prescribing and some states allow for “electronic” physical examinations prior to prescribing.

Prescribing controlled substances via telemedicine is state-regulated. Prescribers must be cautious and understand the state and federal laws regarding prescribing controlled substances via telemedicine can vary. Additional regulations imposed by various states require a patient medical history and the implementation of appropriate follow-up medical care before prescribing. Exceptions do exist in some states for emergency prescribing and many states prohibit medical questionnaires and a patient-supplied history as the sole basis for the prescription. Ultimately, to ensure compliance, each state’s policy will need to be reviewed prior to prescribing via the Internet.

Privacy & Security Concerns

Additional risks associated with practicing via telemedicine lie with privacy and security concerns stemming from the transmission of confidential and protected information. Because of technological limitations, the transmission of sensitive information over communication lines, such as the internet,creates an avenue ripe for exposures.

Telehealth programs should familiarize themselves with the HIPAA Administrative Simplification provisions, which outline the national standards for privacy and security regarding electronic healthcare transactions. The Privacy Rule sets national standards for the protection, use and disclosure of individually identifiable health information, while the Security Rule sets national standards for protecting the confidentiality, integrity, and availability of electronic protected health information (ePHI).

Key Takeaways

TMH is rapidly changing the landscape of healthcare delivery and new tools, standards, regulations are continuously evolving. Patients and providers are engaged now more than ever in mHealth. The healthcare risk manager should take a proactive approach to managing the multidimensional risks that come with the value and innovation of THM. Although there is movement with the implementation of a multistate agreement or “compact” system for the practice of telemedicine this has not happened in all states and will take some time. It is essential that a telemedicine provider has familiarity with and adheres to the closely-regulated state and federal policies, regulations and statutes surrounding physician privileging, credentialing, prescribing, billing and licensing. Furthermore, it is imperative that a practice be knowledgeable of all state-specific rules and regulations in which their providers and patients are located. A comprehensive risk assessment, analyzing all aspects of risk and opportunity, of the organization’s TMH services is key to a successful and sustainable program.

Category