Tag Archives: telehealth

Data Leakage: The Threat of Not Knowing Where PHI Resides . . .

By:  Alaap Shah

Most health care companies are aware of their central repositories of electronic protected health information (“e-PHI”).  Unfortunately, e-PHI often leaks out of central repositories and exists in a variety of “hidden” places.  This data leakage can create real headaches for health care companies, and can lead to violations of privacy and security laws.

Read full article

Telehealth, Remote Monitoring & Medical Records: What Data Must Providers Include in a Patient Medical Record?

Telehealth creates unique health information management challenges for various reasons, including: aggregating large data sets (i.e. remote monitoring); using and storing numerous file formats (video, audio, text, digital images, film); establishing safeguards for sharing data with virtual providers and distant sites; determining the appropriate location for data storage (if more than one provider or entity is involved); and more.  All of these challenges create issues relating to medical record management, maintenance, ownership, and storage.

Read full article

Removing State Barriers to Telehealth: Where do we strike the balance?

About two weeks ago, the Governor of Nevada signed into law new legislation that removes a number of barriers to the practice of telehealth within the state of Nevada.  Among the most significant changes, the Nevada legislation allows physicians to establish a physician-patient relationship (which is a precondition for prescribing drugs, rendering diagnoses, and performing other medical services) through a telehealth encounter.  In doing so, Nevada joins only a small number of states that have taken this step.  However the Nevada law is significant not only because it allows a physician to establish a physician-patient relationship through telehealth, but also because it broadly expands the state’s definition of telemedicine to include telephonic communications (in addition to electronic face-to-face).

Read full article

Proactively Approaching Telehealth Informed Consent

Before initiating treatment, health care providers must generally obtain their patients’ informed consent. The purpose of the informed consent process is two-fold. First, it allows patients to gain an understanding of the risks and benefits of the proposed treatment, and alternative courses of action. Second, it helps shield providers from legal exposure.

A formal informed consent process is particularly critical for procedures that carry a high risk of patient injury. When considering such “high-risk” procedures, neurosurgery or radiation therapy may come to mind. However, in the practice of telehealth, reliance on imperfect technological tools, as well as the “distance” factor, can propel otherwise routine treatments into a higher risk category.

Read full article

THINGS THAT SHOULD KEEP THE TELEHEALTH COMMUNITY AWAKE AT NIGHT (Part 1)

We all know that telehealth is going mainstream.  The numbers speak for themselves.  A leading research firm predicts that 2.8 million patients worldwide used home-based remote monitoring devices in 2012—expected to increase to 9.4 million connections globally by 2017.  Another firm projects that the number of patients using telehealth services in the United States will grow to 1.3 million in 2017, up from 227,000 in 2012.  Even less rosy projections predict growth to 2 million patients worldwide by 2017.  The news is even better in subspecialties like telepsychiatry   that are showing tremendous adoption rates all across the country.  And the federal government is voicing its support for telehealth adoption in a variety of ways including awarding millions of dollars in grant funding for telehealth projects under its Centers for Medicare and Medicaid Services Health Care Innovation Awards program.

Read full article

Mobile Privacy & the FTC Act: Advice for Health Technology Companies

In the healthcare industry we often associate information privacy and security enforcement with HIPAA and state privacy laws.  However, a lesser known but in some cases just as significant regulator of information privacy is the Federal Trade Commission (“FTC”). This is especially true with regard to mobile health applications, which depending on how they function and collect personal information, may not be regulated by HIPAA.  Regardless of whether or not you have to comply with HIPAA, if you run applications or software that can access personal information, then the FTC’s privacy requirements should also be on your radar.

Read full article

Telehealth and Standards of Care

While telehealth technology advances, unresolved legal issues continue to deter wider adoption of telehealth as a means of delivering health care services. One issue that telehealth providers must consider is the standard of care that applies in telehealth encounters. Generally, a plaintiff in a medical malpractice suit must prove, among other things, that the provider breached the standard of care. Therefore, knowing what standard of care applies is critical for any telehealth provider that wishes to insulate itself from potential malpractice liability.

Read full article

Telehealth: The Final Frontier (Q&A)

Telehealth is going mainstream. Once limited to rural or remote communities, the use of telehealth is increasingly being used to address critical shortages within many medical specialties (such as dermatology, neurology, radiology, critical care and mental health), and as a more efficient means to provide health care services. Many leading nationally-recognized health care providers, health plans and others have significant telehealth initiatives underway often in partnership with telecommunications vendors and government entities.  And developments in this space tend to occur at a breakneck pace.  In fact, since our discussion with the Advisory Board, two more states have passed telehealth statutes.

Read full article

Physically Securing Electronic PHI in a Telehealth Environment

As the technologies used to deliver telehealth services become more complex, telehealth providers as well as other HIPAA “covered entities” have an increasingly demanding role to play in ensuring the security of protected health information (PHI).  To fulfill this role, both telehealth providers and their business associates (such as the information technology companies and data storage providers that support telehealth platforms) must implement not only technical safeguards, but also physical security measures.  From locks, to security guards, to alarm systems, physical security measures are a critical piece of the overall data protection equation.  While physical security may be an obvious concern for organizations that store sensitive data on-site, this topic deserves renewed attention in light of the growing popularity of off-site, cloud-based storage; new regulations; and more aggressive enforcement of Health Insurance Portability and Accountability Act (HIPAA) and state health privacy laws.

Read full article

Why Not Getting Paid Directly for Telehealth May Not Matter

During and after a recent presentation regarding telehealth before a health care executive group, we were inundated with the following question:  Why should a hospital provide telehealth services when often times it will not get paid for those services?  It is, on its face, a great question.  After all, few of us would want to provide services we know will not be reimbursed.  But, in many ways, the question misses the boat.  While a hospital may not be paid directly for providing telehealth services, it nevertheless could significantly benefit in a number of ways that prove just as valuable to the hospital.  This is especially the case as we transition from a fee-for-service system to one rewarding quality of care, patient outcomes, and clinical integration.  In other words, measuring the value of telehealth services solely based on direct reimbursement is misguided.

Read full article