All indications are that international telemedicine is well positioned for strong growth over the next several years. The global healthcare marketplace is ripe with opportunities for U.S. based healthcare systems and providers to take advantage of the expanding use of telemonitoring systems and other telemedicine technologies to deliver top flight healthcare to patients across the globe.
However, wherever there are opportunities, there are challenges. In addition to the economic and financial barriers to launching an international telemedicine program, there are legal and regulatory uncertainties that surround telemedicine. Who should be licensed and in what jurisdiction? What security/privacy issues exist and are they addressed? What local laws apply? The lack of global standardization can make developing or expanding your telemedicine program internationally a potentially daunting task.
Below is a list of four key legal/regulatory issues that should be considered when developing an international telemedicine program:
1. Foreign Corrupt Practices Act – Put simply, the FCPA prohibits U.S. companies and individuals from paying bribes or kickbacks to a “foreign official” for the purpose of obtaining or retaining business. The term “foreign official” has been interpreted broadly, and in the context of healthcare, can potentially include anyone who works for a government owned or operated health system. This would include doctors, nurses, and administrators at hospitals and health systems that are frequently the main points of contact when developing an international telemedicine program. Given the severity of the potential penalties (imprisonment for individuals, exclusion from government programs for organizations, and hefty monetary penalties), it is critical for any healthcare organization considering international business arrangements, including a telemedicine program, to develop and implement an FCPA compliance and training program.
2. Medical Licensure – The definition and interpretation of the practice of medicine is a creature of state law within the United States and can vary widely internationally. Does the board of medicine in your state have a position regarding state-licensed physicians who practice medicine internationally? Are U.S. based physicians deemed to be practicing medicine in the foreign jurisdiction as a result of the telemedicine services they are performing? Do they need to be licensed to practice in the country where each telemedicine patient is located (under local and/or foreign laws)? It’s important to do your homework beforehand. A little time and energy on the front end may protect your program and its patients, providers, and institutions in the future.
3. Privacy and Security – As Ross noted in his most recent post, a new era of active enforcement of the HIPAA privacy and security laws is upon us. Hospitals and health systems in the United States are all too familiar with HIPAA requirements. Healthcare organizations develop intricate policies, procedures and systems aimed at ensuring the privacy and security of patients’ protected health information in the ordinary course of providing healthcare services. It is important to make sure that these policies, procedures and systems appropriately address issues that may arise with the provision of care to international patients.
Generally, policies and procedures related to the management, collection, and transfer (electronic or otherwise) of patient information should be consistent with the organization’s existing policies and procedures in order to ensure compliance with federal and state privacy and security laws, including guidelines for protection/encryption of patient information and storage of electronic patient information. However, it is important to confirm that existing policies address potential issues that may uniquely arise in the context of providing international telemedicine services.
Business Associate agreements should be in place with international partners (and vendors) as appropriate.
It’s critically important to examine and understand foreign privacy and security laws that may apply to international patients to ensure appropriate protocols and policies are in place. Many countries have even more stringent requirements with respect to protecting health and other information.
4. Fraud and Abuse Laws – The fraud and abuse laws may apply in a number of contexts in connection with an international telemedicine program, particularly for those programs in which non-employed community physicians participate. Federal fraud and abuse laws (including Stark Law and Anti-kickback Law) and state fraud and abuse laws need to be considered when structuring relationships with physicians who participate in the program. For instance, the means by which telemedicine technology is made available to participating providers and the billing structure for telemedicine services provided may complicate existing relationships that are otherwise compliant with fraud and abuse laws. Ross’s recent post summarizes the OIG’s 2011 Advisory Opinion addressing federal Anti-kickback issues and their impact on a domestic telemedicine program.