Telehealth and the law: addressing the risks

Information technology, such as video conferencing, remote patient monitoring and even Wi-Fi and mobile devices, has created opportunities for physicians and other healthcare providers to profit from telehealth services. Through telehealth services, providers are able to deliver healthcare services to patients remotely, without the need for an office visit, a trip to the hospital, or a face-to-face interaction. While telehealth is especially helpful for those who live in rural or underserved areas, telehealth can even be profitable in urban and well-served areas. Why should a patient leave their home to see their therapist or have their mole examined when they can just video conference with their psychiatrist or e-mail a picture of their blemish to their dermatologist? 

Not only has patients’ access to providers increased, but providers’ access to patients has grown as well. As a result of technology, medical providers now face greater competition, not only from the provider down the road, but also from providers who are located outside of their jurisdiction. There are barriers to out-of-state providers delivering telehealth services, however. Most states require healthcare providers to be licensed in the state where a telehealth patient is located. In addition, states regulate the practice of medicine within their borders, and thus have control over how out-of-state healthcare providers provide services to patients in that state. 

While there are ways for states to put up barriers to competition from out-of-state healthcare providers, there are limits on those barriers. A 2015 Supreme Court decision ruled that a state dental board could not be made up almost entirely of practicing dentists who have the ability to influence the marketplace to their benefit, and based on that decision, the Federal Trade Commission has issued guidance regarding the make-up of state professional boards in order to avoid conflicts with Federal anti-competition rules. This ruling suggests that anti-trust rules that are typically only applied against private business may also be applied against government entities, including state regulators of telehealth.

There are certain risks that healthcare providers may face in providing out-of-state telehealth services. Many malpractice policies do not cover services provided in another state or require a rider for out-of-state services. In addition, telehealth providers must comply with patient confidentiality rules such as HIPAA and state patient information rules. HIPAA does not have any specific telehealth provisions, so a telehealth provider would need to comply with HIPAA to the same extent as if the service was provided in person, which becomes more difficult with the added use of technology and technology vendors. Therefore, telehealth providers should assess vulnerabilities posed by the use of technology to provide telehealth services, and should consider investing in cyber insurance.

Telehealth providers also face increased scrutiny from payers. A recent government audit of Medicare telehealth claims revealed that almost one-third of audited claims did not meet proper Medicare billing requirements. Medicare and other insurers are typically suspicious of services they deem susceptible to abuse, and because of the distance between the provider and the patient and the technology involved, insurance companies consider telehealth to fit that description. And since Medicare and insurers effectively control how providers get paid, telehealth providers need to carefully follow all reimbursement rules.

Technological advances continue to shape the healthcare industry as a whole. Through telehealth, providers are able to leverage technology to provide services that would otherwise be unavailable to them. While the essence of healthcare services is to provide for patients’ health and well-being, there is no denying that providing healthcare services is a business. As businesspeople, providers must understand the risks involved in providing telehealth services in other states. Rules of practice that apply in their home state might not apply in another state. Protections put in place in their home state may not apply or might require modifications in another state. Therefore, telehealth providers who seek to expand into other states must not only consider whether expanding into another state will be profitable, but they must also assess and address all of the risks involved in that expansion.

John D. Fanburg is chair of the Health Law Practice and the managing member at Brach Eichler LLC, a law firm based in Roseland, NJ. He can be reached at (973) 403-3107 or jfanburg@bracheichler.com. Jonathan J. Walzman is an associate in Brach Eichler’s Health Law Practice.  He can be reached at (973) 403-3120 or jwalzman@bracheichler.com.