Telehealth liability can differ from state to state, as can some aspects of documentation that need to be entirely digital
As more and more chiropractors are implementing telehealth into their practices during the pandemic, it’s extremely important for them to understand exactly what they can and can’t do in regard to telehealth liability, and what they should be aware of.
We asked Erin Jackson, managing partner and health care attorney at Jackson LLP Healthcare Lawyers, to answer some questions about telehealth liability. Her firm advises health care entities and practitioners about legal and regulatory compliance, including telemedicine issues. What follows is an edited version of our interview.
What is the most important thing that chiropractors need to keep in mind when using telehealth to protect both themselves and their patients?
It’s crucial to remember that not all patients and not all conditions can be cared for via telehealth while also meeting your standard of care. Your legal standard of care is the level of skill that you’re required to provide to ensure you’re meeting your duty to your patients. This is oversimplifying it, but it essentially asks whether a reasonable practitioner in your shoes would have acted differently.
If a patient’s condition cannot be skillfully assessed via telehealth, then your duty is to provide the degree of care that is appropriate — which often means in-person assessment, an order for imaging, or a referral to a differently-licensed practitioner. This comes into play when a jury or judge is determining whether you acted negligently in a medical malpractice lawsuit.
In regard to licensing concerns, if they’re treating people over states lines, what do they need to be aware of with telehealth liability?
They need to know the licensing laws in the state where the chiropractor is located, but also of the requirements in the state where the patient is located. As a general rule, most medical boards have concluded that the services are being rendered in the state where the patient is located.
Typically, the DC will be held to the license restrictions and duties of both states while offering those services.Note that there have been some Medicare waivers and relaxation of these rules for COVID, but if the state(s) haven’t also adopted these waivers, then practicing across state lines may still violate the state laws.
How can they abide by HIPAA regulations?
They are mandated to maintain written HIPAA policies and procedures which address their specific efforts to comply with the privacy, security, and breach notification rules, as well as their state medical privacy requirements. Simply using a HIPAA-compliant EMR/EHR or telehealth platform is completely insufficient.
What should they never do via telehealth?
This framework isn’t how the law works. The answer to each question of “Can I do X?” is “It depends.” This depends upon the DC’s skill, the patient, the geography, the technology at their disposal, the state’s practice act, other applicable laws, whether they are acting within the applicable requirements of federal and state health care fraud laws, and so much more.
So, in short, they should never violate the civil or criminal laws that apply to their practice, and they should never fall below their standard of care to their patients.
Documentation concerns for telehealth liability can include:
- They’re navigating electronic signatures.
- Some DCs have paper-based practices, and with telehealth, the record itself is created in a digital platform.
- Patient registration packets and informed consent need to be transmitted and obtained digitally.
What else do DCs need to be aware of regarding their liability while providing telehealth during coronavirus?
- The integration between the virtual waiting rooms and the DC’s ability to provide high-quality customer service without front desk support may lead to negative online reviews. It’s imperative that they not respond publicly to any such reviews, and practices have indeed been fined for the HIPAA violation that public responses can constitute.
- The DC needs to obtain informed consent for both the services they will offer (chiropractic care) and for the manner in which it will be offered (via telehealth). These need to be in writing and a part of their registration packet. Further, informed consent is a conversation, not a form, and it needs to be done live with the patient and documented carefully during the visit.
- They must be sure that their liability insurer covers telehealth visits.
- They need to have a plan for what happens if the patient has a medical emergency, or for what happens if they are inadvertently disconnected from their patient during the visit.
- If they will be billing insurance, they need to be sure that they’re using the right billing codes. Insurance is regulated state-by-state, and insurer-by-insurer. The Medicare waivers implemented for some providers for telehealth parity are set to expire, so we’re watching the regs on that carefully. Be sure that patients aren’t surprised if telehealth visits aren’t covered when in-person visits were.
- Be careful about the business relationships with telehealth platforms. Many new platforms are coming online which want to be compensated by taking a per-booking fee or a percentage of patient revenues. Many of these payment schemes violate state practice act fee-splitting prohibitions.