Health Information Technology

Capitol BuildingAs requested by Congress as part of an appropriations bill signed into law late last year, this month, the Department of Health and Human Services (HHS) released a report highlighting its e-health and telemedicine efforts.  The report makes for interesting reading, and while there are no significant surprises in the report, it offers a clear snapshot of some of the agency’s thinking regarding virtual care.

The first thing I noted in the report is the agency’s view that “telehealth holds promise as a means of increasing access to care and improving health outcomes.”  This is important because it has not always been clear whether the agency views telehealth quite in the same favorable way as other stakeholders increasingly do.  The other thing I noted was the agency’s view that the various alternative payment methods currently being tested may facilitate expansion of telehealth.

Among other things, the report details some of the policy challenges faced by telehealth stakeholders:

  • Significant variability in telehealth coverage from one payer to another.
  • State licensure requirements for clinicians and the administrative burden such requirements impose on clinicians.
  • Credentialing and privileging.
  • Gaps in access to affordable broadband.

HHS indicates that many reforms are currently being tested or implemented to address these challenges. For example, in the area of reimbursement, the agency notes that it is currently testing more expansive telehealth coverage through its Next Generation ACO Demonstration, and highlights MACRA’s incentives for physicians to use telehealth.  The report references the agency’s new rule that permits the use of telehealth modalities to provide Medicaid home health services.

The report also provides an overview of telehealth-related federal activity including:

  • The number of telehealth grants administered by HRSA and SAMHSA.
  • The establishment of the Federal Telemedicine Working Group (comprised of 26 agencies and departments such as USDA and the FCC) to facilitate telehealth education and information sharing.
  • ONC developing an inventory of federal telehealth activities.
  • AHRQ providing an evidence map of the available research regarding telehealth.
  • The continued great telehealth work being done within the VA and reasons why that model may not be scalable.

Overall, the report is an illuminating but relatively unsurprising take on agency thinking.  In particular, two nuggets stood out. First, the agency appears to view chronic disease management as a particularly good fit for telehealth.  In recounting that almost half of all adults have at least one chronic illness and that chronic disease accounts for 75 percent of all health expenditures, the report concludes that telehealth “appears to hold particular promise for chronic disease management.” It goes to reason that any expansion of telehealth under Medicare will probably first focus on chronic disease management. Second, HHS signaled the importance of Medicare Advantage in any telehealth expansion effort, by including a proposal in the President’s budget request for FY 2017 to expand the ability of MA organizations to provide telehealth by eliminating otherwise applicable Part B requirements that certain services be provided only in-person.

International TelemedicineAs 2015 winds down, I think it is safe to say that it has been a whirlwind year in telehealth.  According to the National Conference of State Legislatures (NCSL), over 200 telehealth-related bills were introduced in 42 states.  The Federation of State Medical Boards (FSMB) has launched an interstate physician licensure compact that creates a new pathway to expedite physician licensure in multiple states.  Twelve states (with Wisconsin being the latest) have so far enacted the licensure compact.  Many states such as Colorado, Iowa, and Louisiana released regulations or policies that in my view took a more progressive approach to telehealth regulation.

Activity has not just been limited to the states.  Congress has introduced a number of telehealth-related bills such as the TELE-MED Act of 2015 which permits certain Medicare providers licensed in a state to provide telemedicine services to certain Medicare beneficiaries in a different state without having to be licensed in that state.  In addition, a number of reports, surveys, and white papers have been published on all aspects of telehealth.  After many false dawns, telehealth has truly arrived.  But many issues remain to be addressed.

Now we look forward to a new year.  What can we expect?  In addition to a continuation of what has occurred in 2015, there are a few other issues and/or trends that bear watching.  Here are a few:

The Rise of Compacts to Address Licensure Issues

The use of compacts to address licensure issues will continue to gain steam in 2016.  I have already mentioned FSMB’s interstate physician licensure compact.  As many of you know, nurses (RNs and LPNs/VNs) have long had a licensure compact in which a nurse who declares a compact state as his or her primary state of residence can practice (physically and remotely) in other compact states without having to obtain another license.  There are 25 states that are members of the nurse compact.

Other providers are getting in on the act.  Recently, the National Council of State Boards of Nursing, a non-profit association comprising 59 boards of nursing, released a draft compact for advanced practice registered nurses (e.g., nurse practitioners).  The draft APRN compact essentially follows the framework of the nurse licensure compact allowing APRNs to practice in any participating state with just once license. One interesting change in the draft APRN compact not included in the nurse compact is the requirement that states “implement procedures for considering the criminal history records of applicants for initial APRN licensure.”  I expect a number of states to enact the APRN compact in the coming years.

Note that psychologists, physical therapists, counselors, and EMS personnel are just a few of the provider groups that have considered or are considering compact models in some fashion.

Telehealth Accreditation

While there have been some accreditation programs that have touched on telehealth, I believe that 2016 will be the year in which telehealth accreditation takes on new significance.  Two recent examples highlight my point.  About a year ago, the American Telemedicine Association launched an accreditation program for online consultations in which ATA accredits organizations that provide online, real-time health services complying with certain standards.  Among the examples the ATA offers of what kind of the kind of organizations the program would accredit is an employer providing its employees with online, real-time telehealth services.

More recently, URAC, a longstanding accrediting organization, has launched its own telehealth accreditation program for providers involved in consultations with facilities, consumers, and other health care providers through televideo and other electronic methods.  URAC’s accreditation standards were developed by an expert panel that included health systems, hospitals, health plans, telemedicine companies, and academic medical centers.

The Voice of Large Employers

I believe 2016 will be the year large employers will be heard loud and clear in the telehealth regulatory debates that are sure to take place.  The fact is many Americans receive their health insurance through their employers.  And, according to the National Business Group on Health, 74 percent of large employers are expected to offer telehealth in 2016 compared to 48 percent in 2015.  Given the important role employers play in health care, and how telehealth is increasingly being used by employers, it is only logical that employers would ultimately play a significant role in our ongoing telehealth regulatory debate.

One group is leading the charge.  The ERISA Industry Committee (ERIC), the only nonprofit national association advocating solely for the employee benefit and compensation interests of the country’s largest employers, earlier this year launched a telehealth initiative to promote policies that facilitate access to telehealth for employees to have expanded access to health care services.  ERIC will be actively involved in the major telehealth discussions that occur next year both at the state and federal levels giving large employers a significant voice not usually heard from in telehealth regulatory circles.iStock_000062830618_Small

Wearable Market Poised for Breakout

As I have written before in previous blog posts, the healthcare wearables market is projected to significantly increase in the next few years. Generally speaking, wearables are devices (which usually include microchips or sensors) that, among other functions, collect data and track fitness and wellness. Market research is bullish.  For example, Soreon Research, a leading independent research firm, projects that the wearable healthcare market will reach $41 billion by 2020—with diabetes, obesity, sleep disorders, and cardiovascular disease as the largest growth segments in the market.  From my perspective, a combination of the ability to collect data along with big data analytics capabilities will drive this market.  And as the market booms and the technology becomes more sophisticated, legal and regulatory issues loom.  Here are a few issues of which to be mindful:

  • Data privacy and security (who has access to the data, who owns the data, how long the data will be used, etc.).
  • Potential changes to malpractice liability (clinicians having access to more information regarding a particular patient, providers ability to review the voluminous data, etc.).
  • Employer issues (wellness programs, ADA concerns, etc.)
  • FDA.

I have only touched on a few issues.  Other issues such as reimbursement (particularly Medicare), use of telehealth in ACOs and similar models, antitrust, use of diagnostics and peripherals, scope of practice, and privacy and security will be some of the frontline telehealth issues in 2016.  We look forward to addressing all of those issues throughout next year.

Research_HeroOne of the issues with which we often grapple in the telehealth space is the relative lack of availability of studies and data when compared to other areas of the health care sector.  Telehealth is relatively young and therefore has not had the time to build a voluminous body of data and evidence.  But things are changing.  Many stakeholders are doing exemplary work in telehealth research, and stakeholders like the Department of Veterans Affairs have longstanding evidence regarding the efficacy of telehealth.  However, it’s a more recent document that has caught my attention.

A draft report prepared for the Agency for Healthcare Research and Quality (AHRQ) helps to clarify the existing research regarding telehealth.  The report provides a framework and an evidence map of the available research regarding the impact of telehealth on health outcomes and care utilization.  A detailed description of the methodology used is included in the report as well as an appendix detailing the included and excluded studies the authors considered.

The document is the result of a request from Senators John Thune (R-SD) and Bill Nelson (D-FL) for a literature review examining the value of telehealth and remote patient monitoring with a focus on expanding access to care and reducing costs.  Some of my takeaways from the draft report:

  • Initial searches confirmed that there is a large volume of literature consisting of both primary studies and systematic reviews regarding applications of telehealth.
  • There is broad evidence about the effectiveness of telehealth, including over 200 systematic reviews and hundreds of primary studies published since 2006.
  • A limitation of the authors’ literature review was the use of the term “telehealth” and how stakeholders have varied definitions of the term—making searching literature and identifying relevant studies challenging.
  • Another challenge of the literature review was the uneven quality of studies within the reviews whereby lower-quality studies were less likely to find an effect even where one exists.
  • Although the report found that many previous reviews were not structured in a way that would support current decisions related to telehealth, the report did identify 44 systematic reviews that addressed several important clinical focus areas.
  • The largest volume of research reported that telehealth interventions produce positive results when used in the clinical areas of chronic conditions and behavioral health.
  • Telehealth also yielded positive results when used for providing communication/counseling and monitoring/management.
  • Areas that could be the focus of future systematic reviews include telehealth for consultation, acute care, and maternal/child health.
  • Topics identified as having a limited evidence include telehealth for triage in urgent/primary care, management of serious pediatric conditions and the integration of behavioral and physical health.
  • No studies have yet been able to assess the contribution of telehealth to value-based models given how relatively new these models are.

Report Recommendations

The authors of the draft report also make some interesting recommendations regarding the best ways to advance telehealth. First, they recommend developing additional research in a variety of clinical areas, including triage in urgent care and management of serious pediatric conditions. Second, the authors call for more systematic research reviews in consultation, acute care, and maternal/child health. Finally, the authors encourage research in emerging models of care such as value-based programs where telehealth may improve quality outcomes.

The draft report is very valuable in synthesizing some of the existing literature, and is open for comment until 11:59 p.m. Eastern time on January 5, 2016.  When finalized, this report could have an influential impact on policymakers’ thinking.  I plan on submitting comments regarding the draft (including my view that there are existing studies that should have been considered that were not).  I urge all stakeholders to do the same.

EHRA recent survey conducted by the Robert Graham Center, the American Academy of Family Physicians, and Anthem caught my attention. The survey was conducted to gauge the attitudes of primary care physicians regarding telehealth.  And the results make for interesting reading— providing great insight into how certain providers view and use telehealth. What struck me most is that while great progress has been made in the rate of telehealth adoption among providers, we still have a way to go. According to the survey report, state legal and regulatory issues, reimbursement, and provider training and education continue to be serious barriers to wider adoption of telehealth.  And until the landscape evolves to address these barriers, telehealth adoption is likely to stagnate despite the great promise of telehealth holds as a tool to improve quality and access.

By way of quick background, approximately 1,500 family physicians responded to the survey with 15% responding that they use telehealth in their practices (although almost nine out of 10 family physicians indicate that they would use telehealth if they were appropriately reimbursed).  Here are some other interesting takeaways from the survey.

Users of Telehealth

As you might expect, the survey report confirms what most of us in this space suspect.  First, the survey finds that physicians practicing in rural areas are far more likely to use telehealth in their practice than urban physicians (almost 29% to 11%).  Second, physicians who use telehealth are younger and in practice fewer than 10 years. Third, almost all telehealth users reported that they use EHRs in providing care to their patients.

Generally, both telehealth users and non-users agreed that telehealth has the potential to improve health care access, improve continuity of care, and decrease travel time for patients.  And while there was general agreement that patients preferred to see their physicians in-person, there was also an acknowledgment that telehealth “may represent an alternative to seeing a physician at all.”  In other words, even those physicians who did not use telehealth saw the value in its use almost to the same level as telehealth adopters.

Form of Telehealth

Among users of telehealth, approximately half have used telehealth one to five times in the past year and about a quarter report using telehealth more than 20 times in the past year. The form of telehealth used most:

  • 48.7% used real-time video
  • 30.7% used store-and-forward or text
  • 10.8% shared a computer screen using images with audio
  • 9.6% used other forms

Uses of Telehealth

More surprising for me was the variety of ways in which telehealth is being used by primary care physicians.  Survey results show the following uses:Telehealth Licensure

  • 55% for diagnoses or treatment
  • 26% for chronic disease management
  • 20% for second opinion
  • 21% for follow-up
  • 13% for other reasons
  • 16% for emergency care
  • 6% for administrative purposes

So, what does this all mean? For me, it is further confirmation that telehealth is widely accepted by physicians generally but that many barriers will need to be overcome for telehealth to become more routine among physicians and other providers. The survey report notes that “creating guidelines for the use of telehealth services in clinical practice, definitions of quality, and measurable outcomes” are a must for greater adoption. The report also underscores the need to establish “standardized reimbursement procedures” for telehealth including the development of new billing codes and reimbursement mechanisms. I wholeheartedly agree with all of those conclusions. Many stakeholders are working on solutions to one or more of these barriers. Ultimately, however, I think significant change will come from consumers and patients themselves, who will continue to demand better access and more innovative delivery models outside the conventional office visit.

Telemental health seems to be emerging, even booming.  Also referred to as telebehaviorial health, e-counseling, e-therapy, online therapy, cybercounseling, or online counseling, for purposes of this post, I will define telemental health as the provision of remote mental health care services (usually via an audio/video secure platform) by psychiatrists, psychologists, social workers, counselors, and marriage and family therapists.  Most services involve assessment, therapy, and/or diagnosis.   Over the last few years, I have seen a wider variety of care models—from hospitals establishing telepsychiatric assessment programs in their emergency departments to virtual networks of mental health professionals providing telemental health services to underserved areas to remote substance abuse counseling being provided to inmates in state prisons.VA telehealth

Even the federal government is in on the act.  For example, in 2010, the Veterans Health Administration established a National Telemental Health Center. In 2013, the center provided almost 3,000 video encounters to 1,000 patients at 53 sites in 24 states.  The scope of the services the center provides includes all mental health conditions with a focus on post-traumatic stress disorder, depression, compensation and pension exams, bipolar disorder, behavioral pain and evidence-based psychotherapy.

There are many reasons for the recent boom.  First, telehealth is a good fit for providing mental health services because providers rarely have to lay hands on the patient in conventional face-to-face encounters.  Second, telemental health is accepted by a large number of payers as a legitimate use for telehealth—more so than other telehealth disciplines. As an example, most Medicaid programs and many private insurers cover and reimburse for telemental health services.  Finally, patients surveyed have consistently stated that they believe telemental health to be a credible and effective practice of medicine, and studies have found little or no difference in patient satisfaction as compared with face-to-face mental health consultations.

The Need for Telemental Health

In essence, we are stuck in a vortex of sorts with millions of Americans suffering from mental illness or substance abuse disorders combined with a shortage of qualified mental health providers to address these issues.  The numbers speak for themselves.

In addition to the high numbers described above, there is a critical mental health provider shortage creating significant access to care issues.  Here is a snapshot:

You get the idea.  And even with mental health parity laws, cost of care remains an issue—not to mention the social stigma and mistrust of mental health providers that exists in many communities.Mobile phone

Telemental health is bridging the gap.  Numerous studies have shown the effectiveness of telemental health services.  For example, a recent study showed that providing telemental health services to patients living in rural and underserved areas significantly reduced psychiatric hospitalization rates.  Another study concluded that the effects of telemental health on low-income homebound older adults were sustained significantly longer than those of in-person mental health services. Many other studies arrive at the same conclusion.  Note, however, obstacles remain, including how to properly assess non-verbal cues by video, technical difficulties, and the lack of proper training of many providers regarding telehealth.

Practice Guidance

There is also good news in that, unlike other telehealth subspecialties, there is a well-developed library of practice guidelines available regarding telemental health.  The American Psychiatric Association, American Psychological Association, National Association of Social Workers, Association of Social Work Boards, TeleMental Health Institute, for example, all have guidelines or statements related to telemental health.  The American Telemedicine Association has developed a series of practice guidelines over the years related to telemental health, including its latest regarding using real-time videoconferencing to provide online mental health services. There are also other resources such as the telehealth resource centers that provide guidance on telemental health.

Legal & Regulatory Issues

As with all things telehealth, however, there are a number of significant legal and regulatory issues implicated by the use of telemental health, including privacy and security, follow-up care, emergency care, treatment of minors, and reimbursement. While telemental health touches on some federal laws and regulations (e.g., HIPAA), most of the significant issues involve state law.  And as you might imagine, the result is an inconsistent patchwork of laws and regulations that vary widely by state.

We recently completed a 50-state survey of laws and regulations that may be implicated by the use of telemental health services to assess a variety of issues such as privacy, follow-up care, treatment of minors, and provider scope of practice.  Here are a few nuggets:

  • Psychiatrists, as practicing physicians, must comply with all the obligations that apply to physicians practicing telehealth generally. Very few states exempt mental health from physician requirements despite the fact that many psychiatrists never lay hands on patients. Ironically, Texas is one of the few states that explicitly carves out mental health services from other telehealth requirements.
  • In Delaware, an individual practicing “telepsychology” must conduct a risk benefit analysis and document findings specific to issues such as whether a patient’s presenting problems and Skype 4apparent condition are consistent with the use of telepsychology to the patient’s benefit; and whether the patient has sufficient knowledge and skills in the use of technology involved in rendering the service or can use a personal aid or assistive device to benefit from the service.
  • Kansas requires psychologists and social workers providing telemental health services to obtain the informed consent of the patient before services are provided.
  • In Maryland, physicians (psychiatrists) are required to develop a procedure to prevent access to data by unauthorized persons through password protection, encryption, or other means; and develop a policy on how soon an individual can expect a response from the physician to questions or other requests included in transmission.
  • Montana psychologists can initially establish a “defined professional relationship” electronically so long as the means of communication involves a two-way, real-time, interactive platform providing for both audio and visual interaction.
  • To regulate marriage and family therapy therapist, South Dakota relies on the American Association for Marriage and Family Therapy’s Code of Ethics which provides that therapists evaluate whether electronic therapy is appropriate for individuals and inform them of the potential risks and benefits associated with electronic therapy.

As I look over the telehealth landscape, I predict that telemental health will continue its significant growth.  Demand for mental health services will not recede, and coupled with the mental health provider shortage, telemental health will be viewed as a viable solution by more and more clinicians, payers, and policymakers.  There are, however, significant legal and regulatory considerations—especially at the state level— with which stakeholders must wrestle.

headerAs telehealth legal and regulatory issues continue to evolve, stakeholders need to stay current on trending issues. With that in mind, we are offering a complimentary “crash course” webinar series in which we will discuss a number of significant legal and regulatory issues implicated by telehealth including reimbursement, state issues, and employers.

How Do I Get Paid?

During this first installment of EBG’s Telehealth Crash Course series, we will discuss the current reimbursement landscape, including distinctions between various payer models and the growing impact of state parity laws, and some of the current state-specific concerns regarding regulatory issues and risks that may impede development of reimbursement schemes for telehealth services in certain states. (Tuesday, September 8: 2:00 – 2:15 p.m. ET)

Do States Like Telehealth?

In the second installment of EBG’s Telehealth Crash Course series, we will discuss recent legal and regulatory developments in the states related to telehealth and the various initiatives underway to facilitate greater adoption of telehealth. (Tuesday, September 15: 2:00 – 2:15 p.m. ET)

How Do I Implement Telehealth in My Plan?

In the third installment of EBG’s Telehealth Crash Course series, we will examine all of those questions and the potential issues that employers may need to navigate throughout the process of implementing telehealth. (Tuesday, September 22: 2:00 – 2:15 p.m. ET)

How Will My Organization Absorb the Influx of New Patients?

In the final installment of EBG’s Telehealth Crash Course series, we will explore the potential health care immigration issues that employers should be aware of, as well as immigrant options that are available to help health care organizations recruit the foreign talent required to keep pace with a changing landscape. (Tuesday, September 29: 2:00 – 2:15 p.m. ET)

To register for this webinar series, please click here.

At the International Association of Privacy Professionals (“IAPP”) Global Privacy Summit in Washington, D.C. on March 5th and March 6th, the Federal Trade Commission (“FTC”) was clear in its message that privacy was a top priority for the agency.  The FTC had a strong presence at the conference.  Three of the five Commissioners and the Director of the Bureau of Consumer Protection (Jessica Rich) all spoke at the conference and relayed a message of the importance of consumer privacy and security.  In that regard, the FTC speakers stressed the importance of:

  • informing consumers of the collection of consumer information;
  • informing consumers how such collected information will be used; and
  • providing strong safeguards for information collected.

The FTC speakers also announced that the FTC will be beginning a new security campaign to engage businesses of all sizes in understanding the importance of securing consumer information.  The FTC speakers also emphasized the FTC’s concern and focus on the collection of health information by organizations that are not covered under HIPAA (for example organizations developing wearable devices or other consumer driven apps).  Given the tenor of the discussions, there is no question that FTC will continue to make privacy enforcement a top priority.  As a result, device manufacturers, pharmaceutical manufacturers, and mobile health developers should remember to think beyond HIPAA when they think of U.S. privacy compliance.  For a listing of prior privacy enforcement actions by the FTC see, https://www.ftc.gov/news-events/media-resources/protecting-consumer-privacy/enforcing-privacy-promises.

CMSProviders, take note: the Chronic Care Management (CCM) CPT Code 99490 is now payable by the Centers for Medicare & Medicaid Services (CMS). Effective January 1, 2015, the Medicare program began making payments under the Physician Fee Schedule (PFS) for certain non-face-to-face management and care coordination services provided to beneficiaries covered under the traditional Medicare fee-for-service program. CCM services include, but are not limited to, development and maintenance of a plan of care, communication with other treating health care professionals, and medication management. In order to be eligible for CCM services, beneficiaries must have two or more chronic conditions, expected to last at least 12 months or until the death of the beneficiary. Claims for CCM services are payable on a monthly basis, must include at least 20 minutes of qualifying services, and are subject to beneficiary coinsurance and deductibles. Information on the availability of CCM services must be conveyed to the beneficiary through a face-to-face visit and the beneficiary must consent to receiving such services. Only one Medicare provider can provide and be paid for CCM services provided to an individual beneficiary during each calendar month.

CMS hosted an MLN Connects National Provider Call on February 18, 2015 to review the requirements for physicians and other practitioners to properly bill the new CCM CPT code. During the call, titled “Chronic Care Management Services: CY 2015 Medicare Physician Fee Schedule,” CMS provided an overview of the requirements for physicians and other practitioners to bill using CPT code 99490. CMS discussed the eligible beneficiary population for CCM services, the scope of CCM services, the Medicare providers who are eligible to provide CCM services (including on an “incident to” basis), and how CCM services might overlap with current demonstration and other initiatives by CMS. CMS noted that portions of the CCM requirements were finalized in two different PFS final rules, some in the CY 2014 final rule and the remainder in the CY 2015 rule. This overview was followed by a robust question and answer session, which provided some of the most interesting takeaways:

  • CMS has not established a specific list of chronic conditions that would be covered by the new CCM CPT code. CMS suggested referencing the Chronic Conditions Data Warehouse[1] to identify possible chronic conditions, but cautioned that use of the CCM CPT code would not be limited to the conditions identified therein. According to CMS, until such a time when more prescriptive restrictions could be established, the only limitations with regard to eligible chronic conditions are those outlined in the CPT code description itself.
  • Beneficiary consent to receive CCM services remains effective until withdrawn, even if the provider is not able to or otherwise does not bill for the CCM services for a period of time.Cash 5
  • CMS is deferring to the Medicare Administrative Contractors (MACs) many of the specific billing questions about which participants inquired during the call, including how to capture place and date of service details, how to document time spent performing CCM services, and whether time spent by Certified Medical Assistants can count toward the 20 minutes required per calendar month to bill for CCM services.

CMS recently published a new Fact Sheet regarding CCM services (ICN 909188). The Fact Sheet will be a helpful resource for providers seeking to utilize the CCM CPT code and other interested stakeholders, as it covers much of the detail discussed during the CMS call and includes a helpful table that illustrates the alignment between the CCM scope of service elements and billing requirements with the certified Electronic Health Record (EHR) or other electronic technology requirements.

So have the MACs weighed in yet regarding the use of new CPT code 99490? Stay tuned for our next post, in which we will “consult the MAC” to see what helpful guidance, if any, they have provided to date.

[1] Chronic Conditions Data Warehouse, https://www.ccwdata.org/web/guest/home.

 

As so many of you know, the barriers to the wider adoption of telemedicine are numerous.  In listening to various stakeholders in the telemedicine space over the years, I consistently hear the same barriers being discussed:

One issue, however, that gets short shrift in my view is the issue of online prescribing—an issue that presents as formidable a barrier to the wider adoption of telemedicine as any other.  Before I take a deeper dive, I should mention that by online prescribing I do not mean e-prescribing, which generally refers to the issuance of a prescription electronically instead of in written form.  What I mean by online prescribing is physicians prescribing medications to patients via a telemedicine visit when the physician has never had an in-person encounter with the patient. Instead, the physician relies solely on information obtained through the telemedicine encounter.

Generally, and unless one of a very limited number of exceptions applies, states require that a physician first establish a valid physician-patient relationship before he or she may prescribe for the patient. In most states, a physical examination or evaluation of the patient is one of the requirements to be met in order to establish that relationship. But just what constitutes a valid “physical examination” varies from state to state? As you might imagine, this is critical in telemedicine because in many cases, telemedicine providers will be unable to physically examine or evaluate new patients in-person or face-to-face.  States address the issue in a variety of ways which has predictably led to a patchwork of sometimes inconsistent state laws. 

In- Person Physical Exam

Some states explicitly require an in-person examination or evaluation before a physician may engage in online prescribing for a patient. Under Arkansas law, for example, in the absence of a prior and proper patient-practitioner relationship, a physician must perform an in-person physical examination of the patient adequate to establish a diagnosis and to identify underlying conditions or contraindications to the treatment recommended or provided.

Physical Exam

Other states, while requiring a physical examination or evaluation, do not explicitly use terms such as “in-person” or “face-to face” to describe the exam.  Many have taken that to mean that the physician must have an in-person encounter with the patient—a very reasonable conclusion in my view—and one shared by most medical boards with which I speak.  Some observers, however, have concluded that because the requirement in these states is not as explicit as it is in other states (i.e., Arkansas), a reasonable argument can be made that a physical examination may occur by electronic means—especially if the examination results in the same information being obtained had the exam occurred in-person.  This is a gray area that will likely become clearer as many states re-examine their telemedicine standards.    

Physical Exam by Other Means

Significantly, there are a number of states that explicitly allow physical examinations or evaluations to be performed by electronic means or via telemedicine technologies. For example, in Maryland, if no prior in-person, face-to-face interaction with a patient has been done, a physician may “incorporate real-time auditory communications or real-time visual and auditory communications to allow a free exchange of information between the patient and the physician performing the patient evaluation.”  In Virginia, a physician must perform an examination of the patient “either physically or by the use of instrumentation and diagnostic equipment through which images and medical records may be transmitted electronically.”  Hawaii, New Mexico, and a handful of other states take a similar approach. 

Model Policy

Given the various approaches, what is a telemedicine provider to do? Some help is on the way.  The Federation of State Medical Boards, a national organization that represents 70 medical and osteopathic state medical boards in the United States, has developed the “Model Guidelines for the Appropriate Use of the Internet in Medical Practice” which among other things addresses the issue of prescribing head on:

  • Prescribing. If using telemedicine technologies, where prescribing may be contemplated, providers must implement measures—left to the discretion of the physician—to uphold patient safety in the absence of traditional physical examination. Measures should guarantee that the identity of the patient and provider is clearly established. To assure patient safety in the absence of physical examination, telemedicine technologies should limit medication formularies to those considered safe by the state medical board.

Some states have adopted the FSMB’s Model Policy in whole or in part. It is my hope that many more states will adopt the Model Policy as it represents a very positive step in the right direction toward harmonizing the disparate, inconsistent, and often confusing patchwork of state laws governing online prescribing. 

On January 9, 2015, New Jersey Governor Chris Christie signed new legislation that will require health insurance carriers authorized to issue health benefits plans in the state—including insurance companies, health service corporations, hospital service corporations, medical service corporations, and health maintenance organizations—to encrypt personal information. Triggered by a series of data breaches involving the health information of almost a million residents, Senate Bill No. 562 (“SB 562”) was passed unanimously by both houses of the state legislature and will take effect on August 1, 2015.

Under SB 562, health insurance carriers will be prohibited from maintaining computerized records that contain personal information unless the information is “secured by encryption or by any other method or technology rendering the information unreadable, undecipherable, or otherwise unusable by an unauthorized person.” The use of a password protection program that prevents general unauthorized access will not suffice to meet the encryption requirement. “Personal information” is defined as an individual’s first name or first initial and last name linked with at least one of the following: (1) Social Security number, (2) driver’s license number or state identification card number, (3) address, or (4) identifiable health information.

The law applies only to end user computer systems and computerized records transmitted across public networks. “End user computer systems” include desktop computers, laptop computers, tablets and other mobile devices, and removable media.

The requirement to encrypt makes the New Jersey law stricter in this regard than the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”), under which encryption of electronic protected health information (“ePHI”) is an addressable specification. Nonetheless, given that encrypted ePHI is exempt from HIPAA’s breach notification requirements, it is considered a best practice to encrypt ePHI.

Violation of New Jersey’s encryption mandate will constitute a violation of the New Jersey Consumer Fraud Act, which imposes penalties of up to $10,000 for the first offense and up to $20,000 for any subsequent offense. The state Attorney General may also issue cease-and-desist orders to violators and award treble damages and costs to affected individuals. Given these potential penalties, health insurance carriers in New Jersey should carefully review their policies and procedures and ensure compliance with the new law.