Effective June 11, 2018, all Department of Veterans Affairs (“VA”) health care providers will be able to offer the same level of care to all beneficiaries regardless of the beneficiary’s or the health care provider’s location. In its recently released final rule, the VA stated that in December 2016 Congress mandated that the agency provide veterans with a self-scheduling, online appointment system, and that the agency meet the demands for the provision of health care services to veterans, regardless of whether such care was provided in-person or using telehealth technologies. As a general rule, most telehealth practitioners are required to comply with various and state-specific licensing, registration, and certification requirements in order to render health care services via telehealth. Failure to do so can potentially jeopardize a practitioner’s professional credentials and could expose them to penalties including fines and imprisonment for the unauthorized practice of medicine or other health care services. These state-specific requirements create certain challenges for telehealth practitioners seeking to practice across state lines.

Therefore, in order to address the mandate issued by Congress, the VA developed and published the final rule to supersede these state-to-state regulations by clarifying that VA health care providers may exercise their authority to provide health care services via telehealth, notwithstanding any state laws regarding licensure, registration, or certification requirements that might be conflicting with taking these actions. Essentially, the VA is exercising its authority as a federal agency to preempt conflicting state laws relating to the practice of medicine or other health care services via telehealth. These efforts by the VA are designed to better protect its health care providers from potential enforcement actions by individual states and/or their respective professional boards, provided that these practitioners are providing telehealth services within the scope of their VA employment.

It must be noted that the final rule’s scope is narrow and only applies to health care providers who are employed by the VA. The final rule does not cover contractors, including health care providers who are participating in the Choice Program. The final rule also does not expand the scope of practice for VA health care providers beyond what is required or authorized by federal laws and regulations or the laws and regulations relating to the practice of medicine or other health care services that are dictated by the state(s) in which the health care provider is licensed to practice. Additionally, the final rule does not affect the VA’s existing requirement that all VA health care providers must adhere to all applicable laws and regulations regarding prescribing and administering of controlled substances, which not only obligates a provider to comply with such laws in the state(s) where he/she is licensed to practice, but also with the federal Controlled Substances Act.

Among the public comments submitted in response to the VA’s proposed rule, published October 2, 2017, the Federal Trade Commission, an agency that has been a big proponent of efforts to expand access to telehealth services, applauded the amendments to the VA’s regulations, stating that it will “provide an important example to non-VA health care providers, state legislatures, employers, patients, and others of telehealth’s potential benefits and may spur innovation among other health care providers and, thereby, promote competition and improve access to care.”

Telehealth providers and stakeholders should closely follow the VA’s progress as the agency works to implement the final rule. Any resulting successes, as well as any failures, may meaningfully impact the continued expansion and adoption of telehealth technologies and services among the private and commercial sectors, as well as potentially influence continued state legislative efforts in this developing area.

On September 5, 2014, the Federation of State Medical Boards, a nonprofit organization representing the 70 state medical and osteopathic boards nationwide, announced the completion of its drafting process for its Interstate Medical Licensure Compact (“Compact”). Finalizing the Compact is a critical step toward removing one of the major barriers preventing a greater proliferation of telehealth technologies and services. Under the Compact, a physician who is licensed in his or her principal state and who meets certain educational, certification, and disciplinary criteria would be eligible to apply for an expedited medical license in another state that has adopted the Compact. Adoption of the Compact by states not only will increase license portability for physicians by alleviating the traditional rigid state licensure requirements that impede the practice of telehealth, but also will help improve access to health care for patients across the nation who will benefit from greater adoption of telehealth.  You can read more here.

One of the largest hurdles to the growth of telehealth—the lack of a streamlined process for obtaining physician licensure in multiple states—is one step closer to being scaled. The Federation of State Medical Boards (“FSMB”) recently released a revised draft of its Interstate Medical Licensure Compact (“Compact”). This revised draft is a continuation of efforts by FSMB and its member boards to study the feasibility of an interstate license portability. Additionally, the revised draft of the Compact reflects changes based upon comments received from FSMB member boards and other stakeholders since the draft was released by FSMB earlier this year. Adoption of the Compact is critical to the interstate practice of telehealth.  You can read the full alert here.

We all know that telehealth is going mainstream.  The numbers speak for themselves.  A leading research firm predicts that 2.8 million patients worldwide used home-based remote monitoring devices in 2012—expected to increase to 9.4 million connections globally by 2017.  Another firm projects that the number of patients using telehealth services in the United States will grow to 1.3 million in 2017, up from 227,000 in 2012.  Even less rosy projections predict growth to 2 million patients worldwide by 2017.  The news is even better in subspecialties like telepsychiatry   that are showing tremendous adoption rates all across the country.  And the federal government is voicing its support for telehealth adoption in a variety of ways including awarding millions of dollars in grant funding for telehealth projects under its Centers for Medicare and Medicaid Services Health Care Innovation Awards program.

All this good news notwithstanding, there are a number of issues and barriers that remain—many of which threaten to stifle the progress being made.  I have boiled these down to the few I think will keep the telehealth community awake at night because, in my view, they hold the greatest potential to stifle the greater adoption of telehealth.

Not Complying with State Licensure and Prescribing Laws.  I have seen a number of regional and national telehealth care models that don’t appear to be in compliance with the various state licensure and prescribing laws. This could have serious ramifications for telehealth as state regulators begin to focus more on telehealth enforcement.  Unfortunately, providing telehealth in more than one state will mean that providers need to comply with multiple state laws, which are often confusing and burdensome.  Nevertheless, telehealth providers should pay particular attention to state prescribing laws, the majority of which require a physical examination before a provider may prescribe drugs—a difficult requirement to meet for telehealth providers operating in multiple states.  Some providers seem unaware of these requirements or simply ignore them.  While I acknowledge that enforcement in this area has not historically been a priority for most state regulators, this is changing in many states as telehealth continues to blossom. As an example, I note the case of the Colorado doctor convicted in 2009 for prescribing an anti-depressant medication to a patient in California who later committed suicide.  The doctor had not performed a face-to-face evaluation nor established physician-patient relationship as required under California law.  It will only take a few similar high-profile cases to bring the kind of unwanted scrutiny that dogs other parts of the health care sector.

Lack of Highly Developed Protocols and Guidelines.  In my discussions with various state regulators and payers, there seems to be a consensus that telehealth lacks the robust, highly developed protocols, guidelines, and best practices to foster greater acceptance.  I applaud organizations such as the American Telemedicine Association for its continued work in developing a suite of protocols and guidelines for telehealth.  But a lot more needs to be done.  Physician and other health care professional organizations and trade associations need to take the lead in developing serious, well-conceived protocols and guidelines to provide the kind of uniform standards that regulators and payers rightly believe is lacking in telehealth.  Without such protocols, many regulators and payers will continue to view telehealth with skepticism—not to mention the potentially greater liability exposure that exists for practitioners operating in disciplines with no well-established protocols.

Lack of Greater Coverage and ReimbursementI have discussed before why providers not getting directly reimbursed for telehealth may not be as much of an issue as many providers believe.  Nevertheless, the lack of widespread coverage and reimbursement is preventing many providers who would otherwise consider providing telehealth from dipping their toes in the water.  To be sure, through so-called telehealth parity statutes, many more private payers cover telehelath than ever before.  But that is not enough.  Payers cite many reasons for failing to provide more telehealth coverage:

  • Not persuaded by clinical efficacy of telehealth for many indications.
  • Bias towards keeping telehealth benefit only available for rural beneficiaries in areas with shortage of health care professionals.
  • Fear of increased costs with expansion of telehealth benefit.
  • HIPAA privacy and security concerns.
  • Many studies have been inconclusive regarding efficiency, cost savings, preventable hospitalizations from the use of telehealth services.

Telehealth stakeholders have more power than they think—and should engage with regulators and payers in a coordinated way to help fashion a more coherent reimbursement approach to telehealth.  There are many developments     stakeholders could point to, including: 1) the number of newer studies showing the benefits of telehealth; and 2) the significant results achieved by the Veterans Health Administration (53% reduction in bed days of care; 30% reduction in hospital admissions), long a leader in telehealth adoption.  Absent a more coherent reimbursement approach, many providers will continue to sit on the sidelines—stalling the greater widespread adoption of telehealth.

HIPAA Privacy and Security. Telehealth HIPAA privacy and security issues are not necessarily different than those facing more conventional providers.  However, within telehealth, privacy and security issues take on greater significance given that telehealth is usually delivered by electronic means and that health information is often stored electronically.  In other words, there are ample more opportunities for unauthorized third parties to access patient health information.  Data breaches are becoming increasingly common with one study showing that 94% of healthcare organizations surveyed have experienced at least one data breach during the past two years, and 45 percent experiencing more than 5 data breaches each during this same period.  In my mind, nothing threatens the future viability of telehealth more than lax privacy and security.  We have written many posts regarding the kinds of privacy and security issues telehealth providers need to have top of mind.

Telehealth is going mainstream. Once limited to rural or remote communities, the use of telehealth is increasingly being used to address critical shortages within many medical specialties (such as dermatology, neurology, radiology, critical care and mental health), and as a more efficient means to provide health care services. Many leading nationally-recognized health care providers, health plans and others have significant telehealth initiatives underway often in partnership with telecommunications vendors and government entities.  And developments in this space tend to occur at a breakneck pace.  In fact, since our discussion with the Advisory Board, two more states have passed telehealth statutes.

However, significant barriers exist to the use of telehealth, including a fragmented and often outdated regulatory regime (both at the federal and state levels) that prevents many providers, practitioners and health plans from using telehealth as a primary treatment vehicle.  We discussed all of these issues and more in the Q&A with the Advisory Board.

Please click here to read the entire Advisory Board Q&A.

Telehealth is expanding rapidly outside of the U.S. in both developed and developing countries.  Not surprisingly, the expanded use of telehealth presents many of the same regulatory and reimbursement challenges abroad that it does here in the U.S.  One region in particular that has taken steps to expand telehealth across borders is Europe, where in an effort to confront the legal issues raised by telehealth, the E.U. has removed and revisited existing regulations.  The E.U. has also issued guidance through the European Commission (an institution that is responsible for ensuring that E.U. law is applied and adhered to by all Member States and therefore a key player in regulating the use of telehealth), regarding how best to comply with the regulations in place.  In order to provide timely and effective guidance on rapidly evolving technologies, the Commission publishes staff working documents which interpret the law and provide compliance guidance, but are not legally binding themselves.  One such document is the “Commission Staff Working Document on the applicability of the existing E.U. legal framework to telehealth services”, dated June 12, 2012.  The Document provides guidance on how to comply with E.U. law, but for those in the U.S., reading this guidance also brings to light where the E.U. and the U.S. diverge with respect to key legal issues such as licensure and reimbursement.


Under the existing framework, the Europeans have done a good job providing expanded access to care and have accomplished this at least partially through their licensure rules.  The licensing structure in the E.U. is similar to the one in the U.S., wherein each individual state is tasked with licensing requirements and enforcement.  However, the E.U. system differs where cross-border healthcare, such as telehealth, comes into play because of what is called the “country-of-origin principle”.  This principle, a component of the eCommerce Directive (enacted by the E.U. in 2000 to set up an Internal Market framework for electronic commerce and to provide legal certainty for business and consumers), is the key difference between the U.S. and the E.U. regarding licensure issues.  Under the “country-of-origin principle” a service provider in the E.U. is practicing medicine legally if he or she complies with the licensure requirements in his or her own Member State and treats the patient from within his or her Member State.  This is true regardless of whether the patient is located in another Member State and irrespective of the requirements in that other Member State.

The “country-of-origin principle” is the exact inverse of how licensure works in the U. S.  Within the U.S., the doctor must be licensed in the same state as the patient he is treating regardless of whether the treatment is via telehealth.  This restricts patients’ access to doctors who are not licensed in their states and impedes access to cutting-edge technology such as remote monitoring.  To change the licensure requirements in the U.S. and make telehealth more accessible, there would need to be changes at the state level across the country, or a federal licensure law would need to be adopted.


A clear formula for how a provider would get paid for telehealth services, how much he or she would be paid, and what procedures he or she would get paid for, is crucial to the development of new health technology and the future practice of telehealth in the U.S. and in the E.U.  In the U.S., Medicare reimbursement has not kept up with the times. However, about a third of the states have adopted legislation known as telehealth parity statutes which require private insurers to cover telehealth services if they would otherwise cover in-person provided services.  In these states, as well as states without telehealth parity statutes, many health plans are beginning to cover telehealth services.

In the E.U., there is a Directive (Article 3(d) of Directive 2011/24/EU) on the application of patients’ rights in cross-border healthcare stating that cross-border health care services utilizing telehealth or other types of eHealth services must be reimbursed if the individual or patient resides in a country that reimburses the eHealth service.  This is extremely positive for individuals residing in countries that reimburse telehealth services, as they will be reimbursed if they decide to utilize telehealth services.  However, those individuals whose home countries do not reimburse for telehealth are barred from access to these technologies or doctors in other countries unless they are willing to pay out of pocket.  One example of this is Germany, where the costs of telehealth are only reimbursed by health insurers in exceptional cases.  As a rule, patients have to pay for such health services out of their own pockets.  Other countries like France reimburse several categories of telehealth services at the same levels as traditional in-person services.  French Social Security will pay for some telehealth services including teleconsultation (physicians conduct consultation remotely), teleexpertise (physicians solicit advice from peers), telemonitoring (physicians monitor remotely patient data), and teleassistance (physicians can assist nurses or other medical personnel in the completion of medical acts).  In the Netherlands, phone and e-mail consultations are reimbursed via fixed prices by health insurance companies.  Although the E.U. has yet to present a harmonized reimbursement picture, in countries like Sweden and the U.K. small telehealth projects are publicly funded.  It seems the authorities are still testing the waters before fully committing.

The different approaches taken by the E.U. and the U.S. partially reflect the different health care systems in place as well as the differences in legal structures between the two.  On the one hand, the U.S. has struggled with its fragmented approach.  On the other hand, Europe, known for its heavy regulation, has embraced a less regulated path in terms of licensure to make way for the expansion and adoption of telehealth into mainstream medical practice.  Yet in terms of reimbursement, both the U.S. and the E.U. are struggling with limited reimbursement capability.  Regulators, whether in the U.S. or in the E.U., are often criticized for not keeping up with rapid innovation.  That is also true for payors.

Oftentimes when public authorities are slow to take action, the industry and the patients themselves will adopt innovative products and technologies.  It will not be long before both the U.S. and the E.U. will be forced to see the value of telehealth and to understand that earlier development of health technology and improved incorporation of telehealth into accepted medical best practices is crucial to broader access and better health care.

When evaluating the various legal and regulatory hurdles associated with telehealth—such as licensure, reimbursement, and privacy—one hurdle that often goes overlooked is the corporate practice of medicine.  Many states have enacted laws which directly or indirectly are viewed as prohibiting the “corporate practice” of medicine.  While variations exist among states, the doctrine generally forbids a person or entity, such as a general business corporation, other than a licensed physician, professional corporation (“PC”) or a professional limited liability company (“PLLC”), from owning an interest in a medical practice or employing physicians for the purpose of practicing medicine.  These laws against the corporate practice of medicine are generally designed to prevent non-clinicians from interfering with or influencing the physician’s professional judgment, and will affect the ability of business entities to enter into agreements with physicians and other health professionals.

Some states like Florida do not have a law specifically prohibiting physicians from engaging in the practice of medicine through a corporate structure.  The Florida Board of Medicine has stated that the statutory prohibition against the unlicensed practice of medicine does not prohibit the practice of medicine by physicians as employees of a Florida corporation or partnership.  California, on the other hand, prohibits the corporate practice of medicine, which among other things, requires that business or management decisions and activities resulting in control over a physician’ practice of medicine, be made by a licensed California physician and not by an unlicensed person or entity. In order to avoid the direct violation of state prohibitions on the corporate practice of medicine, many companies use the so-called “friendly PC” model.  Under the “friendly PC” model a PC, PLLC, or other legal entity permitted in the state, whose shareholders are all physicians, employs the licensed health care professionals and contracts with a Management Service Organization (“MSOs”) that provides management services to the PC.  The PC is kept “friendly,” or aligned through the use of a stock transfer restriction agreement and/or by the MSO employing the physician owner.

Generally, the restrictive stock transfer agreements prevent the member from transferring his or her shares without the consent of the MSO.  Additionally, these agreements usually require the member to transfer the shares in the PC to an individual selected by upon demand by the MSO. The combination of business management control and the threat of exercising its rights under the transfer agreement allow the MSO to maintain control over the administrative and management side of the entity without infringing on the professional judgment of the physicians.

We should note that enforcement by relevant authorities (e.g., state boards of medicine) regarding the prohibition against the corporate practice of medicine with respect to the “friendly PC” model generally is inconsistent.  As a practical matter, the most frequent forum in which the issue is asserted is in the context of commercial disputes between the MSO and the physician owners of the PC or PLLC it manages. Specifically, in these disputes the physician owners seek to invalidate all or part of the agreements between themselves and the MSO by arguing that the agreements are unenforceable as a matter of law because it creates a relationship that constitutes the corporate practice of medicine.

Although there is no hard and fast rule as to when a given arrangement may be deemed to constitute corporate practice, the focus in any enforcement action likely will be on the level of control the MSO exercises over the operation of the medical practice, specifically the professional judgment of licensed health care professionals. Where a high level of control exists, the arrangement may be found to be a sham intended to disguise the de facto practice of medicine by an unlicensed entity.  Factors that will be considered in evaluating whether a structure violates the prohibition on the corporate practice of medicine include the extent to which the MSO controls decisions or extracts revenue.

Telehealth companies, along with licensure and all the other regulatory issues we have written about in this blog, also need to take the corporate practice of medicine into consideration when developing their business models.  We advise that companies look into whether the states into which they are considering operating have a prohibition against the corporate practice of medicine, and if so, analyze how their model will need to be modified to fit within the law.  The good news is that many states (e.g., Hawaii, Mississippi, Ohio) have no such prohibition.

We are all too familiar with the many hurdles that stand in the way of the greater proliferation of telehealth.  This blog has examined various legal and regulatory stumbling blocks such as licensure, reimbursement, and privacy that continue to stand in the way of telehealth fulfilling its great promise—at least in the United States.  Other countries are increasingly embracing telehealth.  A recent spate of legislative and other activities, however, point to an evolving environment in which legislators and regulators are beginning to understand and grapple with the many legal and regulatory issues that stand in way of the greater use of telehealth.  Here is a sampling of that activity:


The Telehealth Promotion Act (H.R. 6719) was recently introduced in Congress and recommends sweeping changes to how telehealth is reimbursed and promoted with our health care system.  Among other things, the bill:

  • Requires that Medicare cover health care services provided by means of telecommunications to the same extent as it would services provided in-person;
  • Remove the restrictions under Medicare in which only certain health care professionals (physicians, nurse practitioners, physician assistants) could provide telehealth services;
  • Removes limitation on what may constitute an “originating site” (where the patient presents) under Medicare;
  • Emphasizes that for purposes of reimbursement, licensure, and professional liability,  physicians, practitioners, suppliers, and providers of telehealth services are “considered to be furnishing such services at their location and not at the originating site”;
  • With certain limited exceptions, requires that state Medicaid programs cover health care services provided by means of telecommunications to the same extent as it would services provided in-person;
  • Provides incentives for hospitals to lower readmissions using telehealth;
  • Exempts accountable care organizations from the current telehealth fee-for-service restrictions and allows these organizations to use telehealth as an equivalent substitute for in-person care; and
  • Provides an increase under Medicare in payments for home health services to better account for the use of remote patient monitoring.

While it may be unlikely that the bill becomes law (after all, few bills ever become law), its mere introduction is a sign that telehealth is now at least part of the Congressional health care agenda in a way not previously seen.  By any measure, this represents progress.


While there is quite a bit of activity in the area of licensure, one recent event caught my attention.  The Federation of State Medical Boards—an organization representing 70 medical boards—recently held a meeting in which board representatives discussed ways to identify new mechanisms to streamline licensure and expand access to telehealth.  Meeting attendees reviewed the various ways in which states are attempting to address the issue, and make it easier for physicians to get licensed in multiple states while satisfying the various states’ interests in the protection of its citizens.

The meeting was part of the Board’s License Portability Project, funded by a grant from the Health Resources and Services Administration, which was developed to reduce the various legal and regulatory barriers (such as licensure) to the greater use of telehealth.  A set of recommendations from the meeting will be reviewed and considered by the Board’s House of Delegates later this year.  The Board’s recommendations could go a long way in helping usher in a much more streamlined physician multi-state licensing system.


Late last year, several organizations of state lawmakers passed resolutions calling for creating and supporting telehealth legislation primarily to expand insurer coverage of telehealth.  These organizations have been driven by what they perceive as inadequate health resources allocated to the poorest populations, and the important role telehealth can play in delivering care to chronically underserved populations.

For example, the National Black Caucus of State Legislators noted in its resolution that “there is a need for state legislative provisions that provide coverage for telehealth comparable to in-person services, ensure quality care, protect patient safety, maintain patient privacy, and promote technology for telehealth service delivery,” and encouraged its membership to collaborate with the health care community to create and support telehealth legislation. The National Hispanic Caucus of State Legislators passed a similar resolution regarding telehealth as have other organizations.  Indeed, medical societies (such as the National Hispanic Medical Association) have jumped into the act, and have been emphasizing the importance of telehealth in providing care to underserved populations.

Taken together, the activities I have discussed, along with many others, point to an increasing recognition on the part of legislators and others that it is time to finally come to grips with the many hurdles affecting the greater use of telehealth.  You can see this approach in the in the growing number of states enacting telehealth parity statutes, for example.  These laws generally require health insurers to pay for services provided via telehealth the same way they would for services provided in-person.  While many hurdles legal and regulatory hurdles will continue to exist—as telehealth companies, vendors, providers and health care professionals, I think you should take some comfort in the fact that legislators and regulators are starting to hear your message.

The rapid development and utilization of remote patient monitoring tools in health care exposes the limitations of state licensure laws that generally require physicians to be licensed in states where their patients are located.  These laws are predicated on the physician and patient being in the same jurisdiction.  However, when using mobile-devices to actively monitor patients (such as a device sensor with 4G chipset that can directly connect to cellular networks), there is no single geographic anchor or fixed moment in time from which to define the encounter, episode or point of service.

Rather, the encounter can be viewed as more continuous and spread out over time.  Even if one can break down the services into discrete units (e.g. each instance where a physician is reading and interpreting remote monitoring data, advising the patient, or adjusting prescriptions based on such data) it will be difficult if not impossible for the physician to ensure that during each such instance the patient is physically located in a state where the physician is licensed.  While the program of care may begin on site at a medical center or physician’s office, it may continue offsite for weeks or months during which the patient may be outside the state where the physician is licensed.

Imagine a situation where a patient travels to a medical center outside of his home state to enroll in a chronic disease management program that uses remote monitoring tools.  While at the medical center, the physician establishes a remote monitoring link with the patient at the medical center that will last for six months. Then the patient leaves the medical center and travels back to his home state.  Under state licensure laws, can the physician(s) at the medical center continue to provide services to this patient during the six month period?

There are many ways in which a state might respond to this scenario and others like it.

  1. Some states may enforce the law to the letter, requiring physicians to keep track of the location of their patients, and penalizing all remote monitoring and associated activities provided to patients physically located out-of-state.  To lawfully provide remote monitoring services to out-of-state patients under these circumstances, providers would need to continuously track patients by location and provide access to practitioners who are licensed in each of the states where the remote monitoring patients may be located during the monitoring period.  Although a literal interpretation of the existing laws in many states may support such an approach, due to the increased costs and administrative complications associated with tracking patients and establishing licensed practitioners in multiple states, many providers would find this to be unworkable.  Therefore, if states take this approach to enforcement, then many providers and technology developers are likely to abandon their efforts to develop innovative remote monitoring solutions.  Perhaps, for this reason, some medical boards will be reluctant to endorse this approach.
  2. Alternatively states may view an initial (and/or follow-up) in-person encounter(s) between the physician and the patient as the only relevant “encounters” for purposes of complying with the licensure requirements.  For example, states may see such activities as an extension of the custom that has traditionally been used to justify non-routine encounters between physicians and established patients while they are traveling or temporarily residing out-of-state. What is significant here is that such an approach would be an implicit acceptance of the practice of telehealth across state lines and if this lid is opened, it would be very hard for regulators to maintain the distinction between in-state and out-of-state telehealth.
  3. Lastly, some states may recognize that licensure restrictions need to be changed and begin the process of removing certain interstate practice restrictions.  A number of ideas on state licensure reform have been proposed over the years that states can draw from: e.g. entering compact agreements with other states (similar to the Nursing Licensure Compact); creating certain exceptions for remote monitoring and other telehealth practices; or seeking a national telehealth licensure framework under federal law.  For example, just last week, Representative Thomson from California introduced a Bill in Congress that, if enacted into law, would create a federal telehealth licensure standard for treating individuals enrolled in federal health plans.

One thing we can be sure of is that as telehealth continues to advance and the physical location of the patient becomes increasingly irrelevant, pressure on states to reform licensure requirements will only intensify.

by Joel Rush and Dawn Helak

All indications are that international telemedicine is well positioned for strong growth over the next several years. The global healthcare marketplace is ripe with opportunities for U.S. based healthcare systems and providers to take advantage of the expanding use of telemonitoring systems and other telemedicine technologies to deliver top flight healthcare to patients across the globe.

International TelemedicineHowever, wherever there are opportunities, there are challenges. In addition to the economic and financial barriers to launching an international telemedicine program, there are legal and regulatory uncertainties that surround telemedicine. Who should be licensed and in what jurisdiction? What security/privacy issues exist and are they addressed? What local laws apply? The lack of global standardization can make developing or expanding your telemedicine program internationally a potentially daunting task.

Below is a list of four key legal/regulatory issues that should be considered when developing an international telemedicine program:

1. Foreign Corrupt Practices Act – Put simply, the FCPA prohibits U.S. companies and individuals from paying bribes or kickbacks to a “foreign official” for the purpose of obtaining or retaining business. The term “foreign official” has been interpreted broadly, and in the context of healthcare, can potentially include anyone who works for a government owned or operated health system. This would include doctors, nurses, and administrators at hospitals and health systems that are frequently the main points of contact when developing an international telemedicine program. Given the severity of the potential penalties (imprisonment for individuals, exclusion from government programs for organizations, and hefty monetary penalties), it is critical for any healthcare organization considering international business arrangements, including a telemedicine program, to develop and implement an FCPA compliance and training program.

2. Medical Licensure – The definition and interpretation of the practice of medicine is a creature of state law within the United States and can vary widely internationally. Does the board of medicine in your state have a position regarding state-licensed physicians who practice medicine internationally? Are U.S. based physicians deemed to be practicing medicine in the foreign jurisdiction as a result of the telemedicine services they are performing? Do they need to be licensed to practice in the country where each telemedicine patient is located (under local and/or foreign laws)? It’s important to do your homework beforehand. A little time and energy on the front end may protect your program and its patients, providers, and institutions in the future.

3. Privacy and Security – As Ross noted in his most recent post, a new era of active enforcement of the HIPAA privacy and security laws is upon us. Hospitals and health systems in the United States are all too familiar with HIPAA requirements. Healthcare organizations develop intricate policies, procedures and systems aimed at ensuring the privacy and security of patients’ protected health information in the ordinary course of providing healthcare services. It is important to make sure that these policies, procedures and systems appropriately address issues that may arise with the provision of care to international patients.

  • Generally, policies and procedures related to the management, collection, and transfer (electronic or otherwise) of patient information should be consistent with the organization’s existing policies and procedures in order to ensure compliance with federal and state privacy and security laws, including guidelines for protection/encryption of patient information and storage of electronic patient information. However, it is important to confirm that existing policies address potential issues that may uniquely arise in the context of providing international telemedicine services.
  • Business Associate agreements should be in place with international partners (and vendors) as appropriate.
  • It’s critically important to examine and understand foreign privacy and security laws that may apply to international patients to ensure appropriate protocols and policies are in place. Many countries have even more stringent requirements with respect to protecting health and other information.

4. Fraud and Abuse Laws – The fraud and abuse laws may apply in a number of contexts in connection with an international telemedicine program, particularly for those programs in which non-employed community physicians participate. Federal fraud and abuse laws (including Stark Law and Anti-kickback Law) and state fraud and abuse laws need to be considered when structuring relationships with physicians who participate in the program. For instance, the means by which telemedicine technology is made available to participating providers and the billing structure for telemedicine services provided may complicate existing relationships that are otherwise compliant with fraud and abuse laws. Ross’s recent post summarizes the OIG’s 2011 Advisory Opinion addressing federal Anti-kickback issues and their impact on a domestic telemedicine program.