Prior to the COVID-19 pandemic, the vast majority of patients were unfamiliar with telemedicine, and relatively few medical practices offered any form of virtual care. According to a J.D. Power report released in late 2019, only 10% of U.S. healthcare consumers had used telehealth services. Fast forward to March 2020 and across the nation, telemedicine has become a lifeline connecting practices to their patients. As of April 2020, the research company Forrester predicts there will be more than 1 billion U.S. virtual care visits in 2020. The company went as far as to state it expected “time and resource constraints to create a supply crisis for virtual care during the pandemic.”
Many medical practices have embraced telemedicine to deliver high-quality care to their patients during a time when the dynamics of office visits have dramatically changed. Whether a medical practice is new to telemedicine, or a group has recently expanded its use of the technology, like other areas of healthcare, practices must be aware of and focus on numerous laws and regulations, liability risk, and patient expectations. As part of continuously improving their virtual care offerings, practices should develop telemedicine policies and procedures, which may include checklists, to help assure that all regulatory requirements are met at each visit for the applicable jurisdiction. These regulatory requirements vary from state-to-state and address things such as telemedicine encounter documentation requirements, consents, patient and provider identification, and providing virtual care to minors.
Practices must also be aware of licensure and HIPAA privacy and security requirements. In recognizing the value of telemedicine as means to keep patients and providers connected safely at a distance, states across the country, as well as federal agencies, have made numerous—albeit temporary—changes to encourage the use of telemedicine. Changes in state licensing requirements and federal privacy and security standards have eased several administrative burdens on telemedicine deployment. The Federation of State Medical Boards has maintained an updated catalog of COVID-19 related state waivers and modifications for telehealth. It is expected however that these interim emergency provisions will revert when no longer justified, and the normal requirements will apply once again. Practices should familiarize themselves with the applicable standing laws and regulations in anticipation of the cancellation of these modifications once the current health crisis subsides.
One of the more important aspects of a telemedicine visit, especially for a new office patient, or an existing patient who is new to telemedicine, is appropriately educating the patient about telemedicine before the visit begins. While there are some similarities to the traditional informed consent process for a medical procedure, where risks, benefits, and alternatives are discussed with the patient, obtaining a patient’s informed consent for a telemedicine visit is just as much an exercise in expectation management as it is meeting a legal requirement. Where technology permits, obtaining a patient’s informed consent for telemedicine should be done in writing by way of an informed consent form, including capturing the patient’s written acknowledgment on the document. After obtaining the patient’s written consent, the provider or assistant should confirm whether the patient has any questions about the form that was electronically signed. It should be noted in the visit record that all questions were answered or that the patient did not have any questions. In instances where the communication technology used for the telemedicine visit does not have the capability of transmitting a written consent form or capturing the patient’s written acknowledgment on the form, a verbal consent is acceptable, recognizing the verbal discussion, and documentation of that verbal discussion, is paramount.
In addition to covering some of the risks of telemedicine that are not present in the office setting, such as the possibility of being unable to adequately assess the patient’s condition due to camera resolution or lighting limitations, disruption of the audio/visual telecommunication connection or other equipment failure resulting in abrupt discontinuation of the visit, patients need to understand that by participating in a virtual visit, there is no guarantee they will receive a prescription or other medical order. While some visits are more susceptible to these unrealistic expectations than others, patients need to appreciate at the outset that their provider will use his or her professional judgment to determine whether telemedicine is appropriate for the visit, and determine whether the technology is capable of allowing the provider to properly assess the patient to render a diagnosis and develop a plan of care. In some cases, such a determination cannot be made until the provider has begun the evaluation of the patient and reached a conclusion that the patient cannot be properly assessed remotely, necessitating an in-person visit or a referral elsewhere. If patient expectations are not adequately managed, this can lead to patient disappointment and frustration, either because the visit was not covered by insurance or for cost-sharing responsibility, particularly if patient payment for the service is expected. Much of this friction can be reduced by providing patients with adequate information that properly shapes their expectations for care and payments before the visit begins.
Changes by the Centers for Medicare and Medicaid Services (CMS) and many commercial payers have greatly expanded reimbursement for telemedicine services during the pandemic. As a result of these changes and emergency modification of state laws, in recent months, many patients have used telemedicine for the first time. As patients become increasingly accustomed to and comfortable with virtual visits, the desire by patients to remotely consult with their providers where appropriate is likely to grow in the future. If reimbursement remains generally available for telemedicine, patient demand will likely result in higher telemedicine adoption and utilization rates in the private practice setting. For medical practices who have recently deployed or significantly expanded the use of telemedicine during the health crisis, now is the time to identify and continue to develop best practices in providing virtual care. Beyond the obvious in establishing and maintaining legal compliance with applicable state laws and regulations, practices should be persistently thoughtful about improving patient experience and efficiencies in delivering care by way of telemedicine. In doing so, practices are putting themselves in the best position to increase patient satisfaction, maximize revenue, and reduce liability risk.
Detailed information about telehealth, particularly during the COVID-19 crisis, is available on SVMIC’s COVID-19 Resource Center.
. The terms “telemedicine” and “telehealth” are often used interchangeably. In most contexts, both generally refer to the delivery of healthcare using communication technology. The focus of this article however is on the delivery of medical care for the purpose of rendering a diagnosis and treatment plan by remote means as recognized by state laws and/or regulations.
. As a general rule, the laws and regulations in the state where the patient—not the provider—is located at the time of the telemedicine encounter apply.
. https://www.fsmb.org/siteassets/advocacy/pdf/states-waiving-licensure-requirements-for-telehealth-in-response-to-covid-19.pdf. As noted by the Center for Connected Health Policy, “Telehealth policy changes occurring within the COVID-19 environment have been rapidly developing on almost a daily basis.” https://www.telehealthpolicy.us/
. In addition to being good practice in every setting, in some states, there is an expressed requirement to obtain a patient’s informed consent for a telemedicine visit.
Justin Joy is an attorney with Lewis, Thomason, King, Krieg & Waldrop, P.C. He has a variety of experience in the area of information privacy and cybersecurity including security incident investigation, security awareness and policy drafting, cyber risk management including insurance policy coverage consultation and breach response management. He also provides counsel in healthcare liability defense and healthcare compliance matters. As Lewis Thomason's chief privacy officer, Justin promotes an awareness of privacy and security-related issues for the firm. Justin has earned the Certified Information Privacy Professional/United States (CIPP/US) credential through the International Association of Privacy Professionals (IAPP).