Onset of COVID 19 pandemic created an urgency in provision of medical services to remote areas through digital and online means and adoption of technology. Prior to March 25, 2020, there was no single consolidated regulation or guideline in India which dealt with the practice of telemedicine. Telemedicine was accordingly governed by the same statutes that govern the ‘practice of medicine’ in India such as Indian Medical Council Act, 1956 (as superseded by the National Medical Commission Act, 2019, the “IMC Act”) and the subsequent rules and regulations issued thereunder.
The Ministry of Health and Family Welfare on March 25, 2020 issued the Telemedicine Practice Guidelines (“Guidelines”) for enabling Registered Medical Practitioners1 (“RMPs”) to provide healthcare using telemedicine. RMPs need to follow these Guidelines while providing telemedicine consultation to patients. The Guidelines have been adopted as an amendment to the Indian Medical Council (Professional Conduct, Etiquette and Ethics) Regulations, 2002 by adding regulation 3.8 titled as ‘Consultation by Telemedicine’ in the said regulations. In accordance with these regulations, the consultation through telemedicine by the RMPs under the IMC Act will be permissible in accordance with the Guidelines.
The Guidelines cover norms and standards for RMPs to consult patients via telemedicine. Telemedicine includes all channels of communication with the patient that leverage information technology platforms, including voice, audio, text, and digital data exchange (refer to our article at https://lexcounsel.in/wp-content/uploads/2020/04/Newsletter-March-27-2020-.pdf for more details on the Guidelines).
RMPs are entitled to provide telemedicine consultation to patients from any part of India. However, if consultation centres or clinics are intended to be set up to deal with patients, their reports, primary care and in-person consultation and advice post discussions with doctors via telemedicine, the consultation centres or clinics would need compliance with certain central/state specific legislations.
The Central Government has enacted the Clinical Establishments (Registration and Regulation) Act, 2010 (“CE Act”) to provide for registration and regulation of all clinical establishments in India with a view to prescribe the minimum standards of facilities and services provided by such establishments. The term ‘clinical establishment’ has been defined widely under the CE Act and includes a hospital, maternity home, dispensary, clinic, diagnosis centre or an institution that offers services, facilities requiring diagnosis, treatment or care for illness, injury, deformity, abnormality, or pregnancy in any recognized system of medicine established and administered or maintained by any person or body of persons, whether incorporated or not.
Initially, the CE Act was applicable in the States of Arunachal Pradesh, Himachal Pradesh, Mizoram, Sikkim, and all Union Territories except the NCT of Delhi. Subsequently, the States of Uttar Pradesh, Uttarakhand, Rajasthan, Bihar, Jharkhand, Assam and Haryana have adopted the CE Act.
Considering that not all states have adopted the CE Act, many states such as Tamil Nadu, West Bengal, Karnataka have enacted state specific clinical establishments regulations. For instance, the Karnataka Private Medical Establishments Act, 2007 (“KPME Act”) provides for the regulation of private medical establishments in the State of Karnataka. Although the KPME Act does not expressly include ‘Telemedicine’ within its ambit, the KPME Act requires mandatory registration to establish or carry on any ‘private medical establishment’ which includes clinical laboratory, diagnostic centre, physiotherapy centre, clinic, polyclinic, consultation centre. A private medical establishment can be established, run or maintained in the State of Karnataka in accordance with the terms and conditions of registration granted under KPME Act. An application for registration is required to be made to the district registration authority with a fee of Rs. 1,500 (Rupees One Thousand and Five Hundred) if the centre is proposed to be uni-specality and Rs. 5,000 (Rupees Five Thousand) if the centre is proposed to be multi-specality. Registration is granted after satisfaction of the pre-requisites for registration.
Similarly, the Tamil Nadu Clinical Establishments (Regulation) Act, 1997 (“TNCE Act”) provides for the regulation of the clinical establishments in the State of Tamil Nadu. Although the TNCE Act does not expressly include ‘Telemedicine’ within its ambit, the TNCE Act requires mandatory registration to establish or carry on any ‘clinical establishment’ which incudes a dispensary, consulting room, clinic, polyclinic, or nursing home etc. An application for registration of the clinical establishment is required to be made in Form – 1 of the Tamil Nadu Clinical Establishments (Regulation) Rules, 2018. If the clinical establishment is offering services in more than one recognized system of medicine, separate applications would be required to be made for each such system of medicine such as Allopathy, Yoga, Naturopathy, Ayurveda, Homeopathy etc.
Selling, stocking, exhibiting or offering for sale or distribution of drugs by the consultation centre or clinic post consultation with doctors via telemedicine would need to comply with the Drugs and Cosmetics Act, 1940 (“DC Act”) and the Drugs and Cosmetics Rules, 1945 (“DC Rules”). The consultation centre or clinic would need to seek a licence under the DC Act. An original licence or a renewed licence to sell drugs, unless suspended or cancelled, is valid for a period of five (5) years on and from the date on which it is granted or renewed. The form and categorization of the license to be obtained by the consultation centre or clinic under the DC Act and DC Rules is dependent on the drugs proposed to be dispensed at.
The Bio-Medical Waste Management Rules, 2016 (“BMWM Rules”) would also become applicable to the consultation centre or clinic if it generates, collects, receives, stores, disposes, or handles bio-medical waste in any form. The term ‘bio-medical waste’ includes any waste, generated during the diagnosis, treatment or immunization of human beings or animals or research activities pertaining thereto or in the production or testing of biological or in health camps including the categories of bio-medical waste mentioned in Schedule I appended to the BMWM Rules. The BMWM Rules requires the clinic to take all necessary steps to ensure that bio-medical waste is handled without any adverse effect to human health and the environment.
Considering that consultation via telemedicine would require exchange of personal and sensitive medical information about the patient, the collection and storage of such ‘personal information’ and ‘sensitive and personal data or information2’ would be regulated by the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011 (“Data Protection Rules”), enacted pursuant to section 43A of the Information Technology Act, 2000 (“IT Act”). In terms of section 43A of the IT Act, if a body corporate possessing, dealing or handling any ‘sensitive personal data or information’ in a computer resource, which it owns, controls or operates, is negligent in implementing and maintaining reasonable security practices and procedures and thereby causes wrongful loss or wrongful gain to any person, such body corporate shall be liable to pay damages by way of compensation to the person so affected.
If the local consultation centres or clinics fall within the ambit of the definition of the term ‘clinical establishment’ under the applicable clinical establishment legislations, then the practice of telemedicine through centralized hub and state-wise consultation centres or clinics would need to comply with the above discussed regulations and many other ongoing compliances stipulated under the applicable legislations.
1 A person who is enrolled in the State Medical Register or the Indian Medical Register under the Indian Medical Council Act 1956.
2 ‘Personal information’ as defined under the Data Protection Rules means any information that relates to a natural person, which, either directly or indirectly, in combination with other information available or likely to be available with a body corporate, is capable of identifying such person. Further, the term ‘sensitive personal data or information’ as defined under the Data Protection Rules means such personal information which consists of information relating to:
ii. financial information such as bank account or credit card or debit card or other payment instrument details;
iii. physical, physiological and mental health condition;
iv. sexual orientation;
v. medical records and history;
vi. biometric information;
vii. any detail relating to the above clauses as provided to body corporate for providing service; and
viii. any of the information received under above clauses by body corporate for processing, stored or processed under lawful contract or otherwise.