Telehealth Archives - Page 19 of 35

Telehealth

Recent $2.5 Million OCR Settlement Is a Warning to Wireless Health Service Providers

by Amanda Enyeart, Drew Elizabeth McCormick and Lisa Mazur | May 3, 2017 | Consumer Protection, Cybersecurity, Data breach, Data Privacy, Telehealth

On April 24, the US Department of Health and Human Services (HHS) Office for Civil Rights (OCR) announced a Health Insurance Portability and Accountability Act of 1996 (HIPAA) settlement in the amount of $2.5 million based on the impermissible disclosure of unsecured electronic protected health information (ePHI) by a provider of remote mobile monitoring, with a focus on patients who are at risk for cardiac arrhythmias.

In January 2012, the remote monitoring company reported that a workforce member’s laptop containing the ePHI of over a thousand individuals was stolen from a parked vehicle outside of the employee’s home. A little over one year later, the same company reported a second breach that compromised the ePHI of twice as many individuals (details regarding this breach were not provided by OCR).

OCR’s investigation revealed that the company allegedly had insufficient risk analysis and risk management processes in place at the time of the theft. Additionally, the company’s draft policies and procedures implementing the standards of the HIPAA Security Rule had never been implemented, and the company was also unable to produce final versions of any policies or procedures regarding the implementation of safeguards for ePHI, including those for mobile devices.

(more…)

More Federal Legislation Aimed at Expanding Medicare Coverage of Telehealth Services

by McDermott Will & Emery, Dale C. Van Demark, Lisa Mazur and Marshall E. Jackson, Jr. | Apr 11, 2017 | Consumer Protection, Data Privacy, General Interest, Telehealth

Late last month, Senator Cory Gardner (R-CO) and Senator Gary Peters (D-MI) introduced Senate Bill 787, the Telehealth Innovation and Improvement Act (Telehealth Improvement Act), which is focused on expanding Medicare’s currently limited coverage of telehealth services and opportunities for innovation.

The Telehealth Improvement Act would require the Center for Medicare and Medicaid Innovation (CMMI) to test the effect of including telehealth services in Medicare health care delivery reform models. More specifically, the Act would require CMMI to assess telehealth models for effectiveness, cost and quality improvement, and if the telehealth model meets these criteria, then the model will be covered through the Medicare program. (more…)

New York AG Settlement with App Developers Serves as a Warning for the Need for Evidence-Backed Commercial Claims

by Chelsea M. Rutherford and Jennifer S. Geetter | Apr 5, 2017 | Advertising & Marketing, Big Data, Consumer Protection, Data Privacy, Ecommerce, Electronic Contracting, Mobile Apps, Telehealth, Text Messaging

On March 23, 2017, the New York Attorney General’s office announced that it has settled with the developers of three mobile health (mHealth) applications (apps) for, among other things, alleged misleading commercial claims. This settlement highlights for mHealth app developers the importance of systematically gathering sufficient evidence to support their commercial claims.

Read the full article.

The TCPA: An Unexpected Deterrent to Patient Engagement Tools

by Amy C. Pimentel | Mar 31, 2017 | Advertising & Marketing, Consumer Protection, General Interest, Telehealth, Text Messaging

In an age where providers are increasingly taking the management of their patient’s health online and out of the doctor’s office, the creation of scalable and nimble patient engagement tools can serve to improve patient experience, health care outcomes and health care costs. While the level of enthusiasm for these tools is at an all-time high, there is a growing concern about the unexpected deterrent to the adoption of these tools from an unlikely source: the Telephone Consumer Protection Act of 1991 (TCPA).

Many professionals in the health industry have come to share two misconceptions about the TCPA: first, that the TCPA only applies to marketing phone calls or text message “spam,” and second, that the TCPA does not apply to communications from HIPAA covered entities to their patients/health plan members. These misconceptions can be costly mistakes for covered entities that have designed their patient engagement outreach programs without include a TCPA compliance strategy.

Compliance Challenges

As discussed in a previous post, the TCPA was originally intended to curb abusive telemarketing calls. When applying the law to smarter and increasingly innovative technologies (especially those that we see in the patient engagement world), the TCPA poses significant compliance challenges for the users of these tools that arguably threaten to curb meaningful progress on important public health and policy goals.

Despite its initial scope of addressing robocalls, the TCPA also applies to many automated communications between health care providers and their patients, and between plans and their members. There is a diverse array of technical consent requirements that apply depending on what type of phone call you make. For instance, most auto-dialed marketing calls to cell phones require prior express written consent, meaning that the caller must first obtain written consent before making the call. To make compliance more compliance, callers remain responsible for proving consent and the accuracy of the numbers dialed.

Indeed, the TCPA presents a serious challenge for patient engagement tools, especially when violations of the TCPA can yield statutory damages of up to $1,500 per call or text message. While Federal Communications Commission orders over the past several years have added some clarity and a “safe harbor” for HIPAA-covered entities to help entities achieve compliance, there is still no “free pass” from the TCPA’s requirements. Therefore, covered entities and the business associates who work for them should not assume that compliance with HIPAA offers any security of defense against a successful claim under the TCPA.

(more…)

Utah Provides Structure to Telehealth, Expands Access to Mental Health in Proposed Bill

by McDermott Will & Emery, Lisa Mazur and Marshall E. Jackson, Jr. | Mar 13, 2017 | General Interest, Telehealth

Utah is one of the many states that started off 2017 with proposals to change its existing telehealth laws and regulations. Proposed Utah HB 154 (the Proposed Bill), endorsed by Ken Ivory and Allen Christensen, amends the regulatory infrastructure for telehealth, with a focus on mental health. Two of the key components of the Proposed Bill are listed below:

The Proposed Bill creates a scope of telehealth practices within the Utah Health Code. Under the scope of practice requirements, any provider using telehealth to provide care will be held to the same standard of care as that applicable to in-person care. In addition, the Proposed Bill stipulates that a provider may not prescribe using telehealth unless the provider has obtained the patient’s relevant clinical history and documented the relevant clinical history and current symptoms. The provider must also be available for follow-up care and familiar with available medical resources near where the patient was located during the telehealth consult.
The Proposed Bill enacts a new provision to the Utah Medical Assistance Act specifically enabling the provision of mental health services—treatment of mental conditions that are approved in the DSM-V—via telehealth technologies. This provision of the Proposed Bill is Utah’s attempt to increase access to behavioral and mental healthcare services in Utah. In particular, the DSM-V addresses substance abuse disorders as mental health disorders, and the telehealth provision will enable providers to help treat addiction using telehealth services where treatment facilities may not otherwise be available. Importantly, the Proposed Bill’s Medical Assistance Act amendment applies to any managed care organization that contracts with Medicaid, or any provider who is reimbursed under the Medicaid program, and requires insurers to disclose whether they provide coverage for telehealth services for mental health as part of the price and value comparison requirement under Utah law.

The Proposed Bill was passed by both the Utah House of Representatives and Senate and was enrolled on February 24, 2017. The Proposed Bill now awaits Governor Gary Herbert’s signature. If approved, the Proposed Bill will greatly expand access to health care for the mentally ill in Utah, and additionally provide more guidance to assist in the expanded use of telehealth and telemedicine services within the state.

Texas to Take a Leap Forward in Telehealth – A Proposed Bill Drops the Controversial In-Person Evaluation Requirement

by McDermott Will & Emery, Dale C. Van Demark, Lisa Mazur and Marshall E. Jackson, Jr. | Mar 9, 2017 | General Interest, Telehealth

Texas telehealth requirements will significantly change in the near future if Texas Senate Bill 1107 is passed into law, as it removes the controversial “face-to-face” or in-person consultation requirement to establish a physician-patient relationship and lawfully provide telehealth and telemedicine services within the state. This bill comes after a six-year-long battle between telemedicine stakeholders and the Texas Medical Board, and will better align Texas’ regulations with those found in other states.

Read the full article.

Arkansas is at it Again! Telemedicine Regulation in Arkansas Undergoes Additional Change

by McDermott Will & Emery, Lisa Mazur and Marshall E. Jackson, Jr. | Mar 6, 2017 | Telehealth

Arkansas currently has one of the most restrictive telemedicine environments in the country, and was one of the last states to require an in-person examination to form a provider-patient relationship. Prior to September 2016, Arkansas telemedicine laws required an initial in-person encounter to establish a valid physician-patient relationship. In September 2016, the state expanded the formation of a provider-patient relationship to include a face-to-face examination using both real time audio and visual telemedicine technology that provides information at least equivalent to the information that would have been obtained through an in-person examination.

Then, early last month, Arkansas Senate’s Public Health, Welfare and Labor Committee approved Senate Bill 146, which was signed by the Governor and became Arkansas Act 203 on February 20th, which further amended the state’s telemedicine laws to, among other things, enable patients to access telemedicine services from their home or other remote locations. The Act modified the “originating site” location requirement, redefining “originating site” to permit services to be provided wherever the patient is located at the time of the consult. While this change has the potential to expand the use of telemedicine in Arkansas, the Act added more to its restriction on the formation of a professional relationship through telemedicine, as it states that a professional relationship cannot be formed through an internet questionnaire, email message, patient-generated medical history, audio-only communication, text messaging, fax machine or any combination of these technologies. This provision reaffirms that a patient relationship can only be formed in Arkansas with an Arkansas-licensed provider utilizing both real time audio and visual technology.

Notably, the Act also has implications for school-based telemedicine programs, which are increasing in popularity across the country. Arkansas requires school-based telemedicine programs that treat Medicaid recipients to utilize either the minor’s regular pediatrician or other primary care physician; a physician with a cross-coverage arrangement with the regular pediatrician or primary care physician; or have authorization from the regular pediatrician or other primary care physician of the minor. (In most cases, school-based telemedicine programs require a parent’s consent for telemedicine services, and a child’s pediatrician or other primary care provider is notified after the child treated via telemedicine.) This specific provision is particularly protective of the role of treating physicians, but does not include the requirement that a parent or guardian have the power to consent to the formation of a physician-patient relationship with a minor, which is ordinarily expected.

In sum, while the law will not make Arkansas a leader in expanded access to telemedicine, it will help bring Arkansas into line with the rest of the US.

The Joint Commission Puts the Brakes on Text Messaging Patient Orders

by Sandra M. DiVarco | Dec 28, 2016 | Data Privacy, General Interest, Telehealth, Text Messaging, Uncategorized

The Joint Commission (TJC) recently clarified that licensed independent providers (LIPs) or other practitioners may not utilize secure text messaging platforms to transmit patient care orders. TJC’s earlier position provided that use of secure text messaging platforms was an acceptable method to transmit such orders, provided that the use was in accordance with professional standards of practice, law and regulation, and policies and procedures.

TJC identified the rationale for the reinstated prohibition against secure text messaging for patient care orders as one of patient safety—after “weighing the pros and cons” TJC and the Centers For Medicare and Medicaid Services (CMS) concluded that as the impact of the modality on patient safety remained unclear, and determined that approving its use was premature.

Read more here about how this clarification impacts health care organizations.

Digital Health Solutions are Key to Success under Health Care Payment Innovations

by McDermott Will & Emery, Bernadette M. Broccolo and Lisa Mazur | Dec 20, 2016 | General Interest, Mobile Apps, Telehealth

Digital health—the intersection of health care related software applications, analytical tools, medical device technology and electronic data assets that are enabled and achieved through the use of the internet and hand-held devices—is empowering the innovation needed to meet the imperative for a transition from payment based on volume to payment based on value that is evaluated in terms of measurable improvements in care delivery and population health.

ODI post 2

One prominent example is the use of digital health solutions to implement the payment innovation contemplated by the Medicare Access and CHIP Reauthorization Act (known as MACRA)—which directly ties both payment increases and reductions to various, specific efficiency and value measures. The Merit-Based Incentive Payment System (MIPS), one of the two available payment pathways under MACRA, assigns points to clinicians in different performance categories, several of which promote the adoption of digital health solutions. To illustrate:

The Quality category requires six measures to be reported, many of which may be leveraged through the use of digital health tools. For example, the Maternity Care: Post-Partum Follow-Up and Care Coordination measure tracks the percentage of patients who were seen for post-partum care within eight weeks of giving birth who received particular evaluations, screening and education. Obstetricians, gynecologists and family medicine practitioners could earn points under this measure by using telemedicine technologies, like videoconferencing platform, to engage in virtual patient visits with post-partum patients to answer the patient’s questions, provide education on the recovery process and assess the patient’s physical and mental health status, including the performance of mandatory post-partum depression screenings.
The Advancing Care Information category requires the use of certified electronic health record technology to coordinate care through patient engagement (g., secure messaging). The implementation of patient portals with integrated messaging platforms facilitate communication between the patient and health care practitioner, providing additional functionalities like sending reminders, engaging in dialogue about follow-up care, encouraging preventative action and distributing educational materials. These portals typically also give the patient access to timely and informative data, like test results, that allow the patient to play a role in decision making and (hopefully) empower the well-informed consumption of care.
The Clinical Practice Improvement category is perhaps the best opportunity for digital health integration. Activities that improve beneficiary engagement, population management, expanded practice access and care coordination—among others—are assigned points and weighted. Here, mobile apps have the capability to enable e-visits via videoconference as an alternative method to an in-person visit; facilitate questionnaire reporting; and send reminders, materials and other notifications to alert and educate patients about services due. The apps also provide opportunities to generally inform the delivery of care for the specific patient by sending alerts to providers to indicate that it’s time for a visit or that a problematic symptom was noted on a questionnaire. Further, clinical practices could leverage app-sourced data to gain information about patient trends, clinical areas of concern or successes related to digital health tool utilization.

For [...]

Continue Reading

Digital Health’s Perfect Storm of Regulators

by McDermott Will & Emery, Bernadette M. Broccolo and Lisa Mazur | Dec 19, 2016 | General Interest, Telehealth

Both developers and users of digital health solutions face both immense opportunities and daunting challenges. One key challenge is compliance with the often complex state and federal laws and regulations adopted by the numerous regulatory bodies responsible for overseeing different aspects of digital health. The following illustration identifies the numerous regulatory bodies that have been increasingly focused on the use of technology in healthcare and are expected to continue their focus and enforcement activities in the coming years.

ODI blog

Because innovation is moving faster than the law in this area, in-house counsel and compliance officers must be prepared to identify and manage the myriad compliance and liability risk considerations arising from participation in and use of digital health tools. This will require an understanding of how each of these regulatory bodies oversees and regulates digital health today and close monitoring of how that evolves and changes in the future.

Health care providers, patients and consumers should approach the selection and use of digital health advancements with a reasonable degree of caution. As AMA CEO James L. Madara, MD, advised in his address at the recently concluded 2016 AMA Annual Meeting, “…. Appearing in disguise among these positive products are other digital so-called advancements that do not have an appropriate evidence base … or that just do not work well or that actually impede care, confuse patients and waste our time … from ineffective electronic health records to an explosion of direct-to-consumer digital health products to apps, some of which are of poor quality.” In this regard, providers would be well served by performing sufficient “due diligence” to determine whether the functionality of the digital health tool effectively meets their specific clinical and operational needs, as well as the needs of their patients, and to evaluate the developer’s compliance with applicable laws and regulations.

Older Posts »

« Newer Posts

BLOG EDITORS

Amanda Enyeart

Marshall E. Jackson, Jr.

BLOG EDITORS

STAY CONNECTED

TOPICS

ARCHIVES

RECENT POSTS