Legal considerations
Here we’ve summarized a few of the legal considerations when providing telehealth visits and resources for additional information.
Protecting patient health information
Cybersecurity
Electronic health records are often targeted by malware and hackers. These resources can help you ensure that you are taking the necessary steps to protect patients’ health information:
- Cybersecurity 101: What You Need to Know (PDF) — from the American Medical Association
- Physician cybersecurity — from the American Medical Association
- Health Industry Cybersecurity Practices: Managing Threats and Protecting Patients (PDF) — from the Health Sector Coordinating Council
- Cyber Security Guidance Material — from the U.S. Department of Health and Human Services
HIPAA compliance
The Health Insurance Portability and Accountability Act of 1996 (HIPAA) ensures that health care providers protect patients’ personal health information. All of the telehealth services you provide need to be in compliance with HIPAA rules.
The U.S. Department of Health and Human Services Office for Civil Rights released guidance to help health care providers and health plans bound by HIPAA and HIPAA rules understand how they can use remote communication technologies for audio-only telehealth. Information in the guidance includes the ability to comply with HIPAA when using remote communications to provide audio-only telehealth services, the need to meet HIPAA rules for electronic protected health information transmitted over electronic media, and when a business associate agreement with a telecommunication service provider is not necessary.
Protecting yourself from liability and malpractice
Before you offer telehealth:
- Check with your insurance company to make sure they cover telehealth. In some cases, liability insurance will already cover it, and in others, you may need to purchase supplemental coverage.
- If you plan to offer telehealth in more than one state, you will need to confirm that your insurance policy covers you for all locations.
- You will also want to be aware of any state laws that regulate how you collect and store protected health information. To find out more about the state laws where you practice, visit State Health Care Law .
Tip: Telehealth Privacy Tips for Providers (PDF)
For more information on legal considerations:
- Legal Considerations for Implementing a Telehealth Program — from the Rural Health Information Hub
- Privacy and liability in telehealth webinar — from the National Consortium of Telehealth Resource Centers
Read more about licensing requirements and obtaining informed consent.