René Quashie and Amy Lerman were featured in an article titled "With Use of Telehealth Expected to Grow, Hospitals Confront Fraud, HIPAA Pitfalls."
"Organizations that anticipate using telehealth should consider implementing compliance measures," Lerman said at a March 13 webinar sponsored by the Health Care Compliance Association. She said that policies and procedures related to telehealth regulatory requirements should be crystal clear.
Quashie, who also spoke at the webinar, believes telehealth has a bright future. "With the skyrocketing costs of health care, many providers, patients and payers see telehealth as a means to deliver health care in a more efficient, cost-effective way…while maintaining quality — important principles in the success of accountable care organizations, for example," Quashie said. "But there are legal and regulatory barriers."
Now "hospitals and critical access hospitals may rely on the credentialing and privileging conducted by the distant-site facility for telemedicine practitioners providing telemedicine services," he said, which "removes one of the biggest stumbling blocks."
This is almost a contradiction in telehealth terms because "you can be in one state and provide care to a patient in another state," Lerman said.
And some states allow physicians to prescribe through telehealth only if there's a pre-existing relationship with the patient "even if the physician is licensed in the state where the patient is physically located," Lerman said.
To promote compliance with patient privacy and data security requirements, Quashie recommended a comprehensive intake procedure. It would include a HIPAA authorization form and consent form for certain technology (e.g., videoconferencing) "in which the potential risks and consequences are disclosed." For example, "the transmission of health information could be disrupted or distorted by technical failures and/ or the transmission of the health information could be intercepted or accessed by unauthorized persons," he said.