Telemedicine Amidst Healthcare Reform: Practicalities and Pitfalls

by CMCP - California Minority Counsel Program

The Supreme Court’s recent decision upholding the Patient Protection and Affordable Care Act underscores the need to deliver and make accessible quality healthcare to patients throughout the United States in an efficient and cost-effective manner. The stage has been set for an upsurge in telemedicine practices.

What is telemedicine?

The Federal Department of Health and Human Services and its Centers for Medicare and Medicaid Services (“CMS”) defines “telemedicine” as “the provision of clinical services to patients by practitioners from a distance via electronic communications.” Telemedicine covers a broad range of services, from remote monitoring of stroke and cardiac patients to diagnostic interpretations completed at a distant location. Telemedicine is transforming the way healthcare is delivered and monitored, permitting the delivery of a wide-range of healthcare services anywhere at any time.

Why the recent interest in telemedicine?

Telemedicine practices have been discussed within the healthcare industry for several decades. In recent years, as technological innovations more rapidly influence how healthcare organizations provide care to patients and the shortage of specialty providers becomes more apparent, the relevance and popularity of telemedicine services has grown remarkably.

In May 2011, to help patients receive medically necessary interventions in a more timely manner, CMS issued a much-awaited final rule on telemedicine credentialing and privileging, effective July 5, 2011. This final rule revised the federal Medicare Conditions of Participation (“CoPs”) for hospitals and critical access hospitals (“CAHs”) to permit a more flexible process when credentialing and privileging practitioners who provide telemedicine services. Under the revised CoPs, hospitals and CAHs may now rely on the credentialing and privileging decisions made by distant-site hospitals or the information provided by other telemedicine entities when determining privileges for distant-site practitioners who provide telemedicine services without an independent review, as long as certain conditions are met, including a compliant written agreement, an internal review process for evaluating telemedicine practitioners, and revised medical staff bylaws.

What legal pitfalls must healthcare organizations avoid to effectively implement telemedicine practices?

Recognizing the benefits of telemedicine, and encouraged by recent developments in federal laws, healthcare organizations have increased their reliance on telemedicine technologies and services to meet their patients’ healthcare needs. Nevertheless, new legislation provides little guidance as to how healthcare organizations should implement changes to effectively provide telemedicine services while appropriately protecting patient safety. Therefore, when providing healthcare via telemedicine, these organizations must take into account the following significant unaddressed legal issues to ensure that their telemedicine services are compliant with federal and state requirements:

  • Reimbursement: Currently, Medicare reimbursement for telemedicine services is limited. Medicaid reimbursement varies from state-to-state, and only about thirteen states have enacted statutes that recognize or require reimbursement for certain telemedicine services by commercial insurers. Due to this varied climate, healthcare organizations should be aware of the federal and state reimbursement requirements and restrictions that may affect their billing practices, know what telemedicine services will and will not be reimbursed, know how to bill for telemedicine services, and only submit compliant claims to avoid liability for fraud and abuse and false claims.
  • Physician Credentialing and Privileging: To mitigate possible negligent credentialing claims and associated risks, when entering into written agreements with distant sites that claim to credential and privilege their practitioners, healthcare organizations must determine that any written agreement they sign reflects current legal requirements, establish specific responsibilities of distant-site hospitals and other telemedicine entities, and ensure that written agreements include adequate representations, warranties, and indemnifications regarding the quality of services provided by the distant site and any entity with which the distant site subcontracts.
  • Medical Staff Bylaws: Healthcare organizations that rely on information from a distant site to credential and privilege telemedicine practitioners must review and revise their medical staff bylaws and credentialing and privileging policies to include criteria for granting privileges to distant-site practitioners, and a procedure for applying the criteria to those practitioners. Revisions should also address what category of the medical staff distant-site telemedicine practitioners will join, the level of involvement they may have in medical staff committees, and what procedural rights they should be given.
  • Physician Peer Review: Healthcare organizations and telemedicine entities must develop policies and procedures for monitoring telemedicine practitioners and sharing internal review information so that the privacy of physician peer review and patient information is protected while information needed to make accurate credentialing and privileging decisions is regularly shared. At a minimum, this information must include all adverse events that result from telemedicine services provided by a practitioner to patients, and all complaints the healthcare organization has received about a practitioner. Information should only be disclosed in a manner that preserves all peer review privileges under state law.
  • Patient Privacy and Consent: Prior to relying on any telemedicine technology to collect and transfer patients’ protected health information, healthcare organizations should ensure that they have secure communication channels in place; have implemented entity- and technology-specific business associate and other confidentiality and privacy agreements; have created policies and educated all administrators, employees, and medical staff members regarding the appropriate use of telemedicine technologies; and understand how and what patient information is being collected, communicated, and stored. When information is shared between two distinct entities, all disclosures must comply with federal privacy laws, including the Health Insurance Portability and Accountability Act and the Health Information Technology for Economic and Clinical Health Act. Written agreements between entities should identify what patient health information may be shared and how telemedicine practitioners will use or maintain patient health records for both patient care and healthcare liability purposes. Likewise, to mitigate the risk of malpractice claims, practitioners must comply with individual state requirements, which vary from state to state, when providing telemedicine services to ensure that patients are properly aware of the method in which healthcare is being delivered.

Telemedicine is an exciting area of healthcare that opens the door to greater access, greater efficiency, and more effective healthcare delivery. As can be seen, successful implementation of telemedicine practices requires a preemptive approach to addressing potential pitfalls.

Jee-Young Kim is an Associate at Fulbright & Jaworski LLP; 213-892-9360


Written by:

CMCP - California Minority Counsel Program

CMCP - California Minority Counsel Program on:

Readers' Choice 2017
Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up using*

Already signed up? Log in here

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
Custom Email Digest
Privacy Policy (Updated: October 8, 2015):

JD Supra provides users with access to its legal industry publishing services (the "Service") through its website (the "Website") as well as through other sources. Our policies with regard to data collection and use of personal information of users of the Service, regardless of the manner in which users access the Service, and visitors to the Website are set forth in this statement ("Policy"). By using the Service, you signify your acceptance of this Policy.

Information Collection and Use by JD Supra

JD Supra collects users' names, companies, titles, e-mail address and industry. JD Supra also tracks the pages that users visit, logs IP addresses and aggregates non-personally identifiable user data and browser type. This data is gathered using cookies and other technologies.

The information and data collected is used to authenticate users and to send notifications relating to the Service, including email alerts to which users have subscribed; to manage the Service and Website, to improve the Service and to customize the user's experience. This information is also provided to the authors of the content to give them insight into their readership and help them to improve their content, so that it is most useful for our users.

JD Supra does not sell, rent or otherwise provide your details to third parties, other than to the authors of the content on JD Supra.

If you prefer not to enable cookies, you may change your browser settings to disable cookies; however, please note that rejecting cookies while visiting the Website may result in certain parts of the Website not operating correctly or as efficiently as if cookies were allowed.

Email Choice/Opt-out

Users who opt in to receive emails may choose to no longer receive e-mail updates and newsletters by selecting the "opt-out of future email" option in the email they receive from JD Supra or in their JD Supra account management screen.


JD Supra takes reasonable precautions to insure that user information is kept private. We restrict access to user information to those individuals who reasonably need access to perform their job functions, such as our third party email service, customer service personnel and technical staff. However, please note that no method of transmitting or storing data is completely secure and we cannot guarantee the security of user information. Unauthorized entry or use, hardware or software failure, and other factors may compromise the security of user information at any time.

If you have reason to believe that your interaction with us is no longer secure, you must immediately notify us of the problem by contacting us at In the unlikely event that we believe that the security of your user information in our possession or control may have been compromised, we may seek to notify you of that development and, if so, will endeavor to do so as promptly as practicable under the circumstances.

Sharing and Disclosure of Information JD Supra Collects

Except as otherwise described in this privacy statement, JD Supra will not disclose personal information to any third party unless we believe that disclosure is necessary to: (1) comply with applicable laws; (2) respond to governmental inquiries or requests; (3) comply with valid legal process; (4) protect the rights, privacy, safety or property of JD Supra, users of the Service, Website visitors or the public; (5) permit us to pursue available remedies or limit the damages that we may sustain; and (6) enforce our Terms & Conditions of Use.

In the event there is a change in the corporate structure of JD Supra such as, but not limited to, merger, consolidation, sale, liquidation or transfer of substantial assets, JD Supra may, in its sole discretion, transfer, sell or assign information collected on and through the Service to one or more affiliated or unaffiliated third parties.

Links to Other Websites

This Website and the Service may contain links to other websites. The operator of such other websites may collect information about you, including through cookies or other technologies. If you are using the Service through the Website and link to another site, you will leave the Website and this Policy will not apply to your use of and activity on those other sites. We encourage you to read the legal notices posted on those sites, including their privacy policies. We shall have no responsibility or liability for your visitation to, and the data collection and use practices of, such other sites. This Policy applies solely to the information collected in connection with your use of this Website and does not apply to any practices conducted offline or in connection with any other websites.

Changes in Our Privacy Policy

We reserve the right to change this Policy at any time. Please refer to the date at the top of this page to determine when this Policy was last revised. Any changes to our privacy policy will become effective upon posting of the revised policy on the Website. By continuing to use the Service or Website following such changes, you will be deemed to have agreed to such changes. If you do not agree with the terms of this Policy, as it may be amended from time to time, in whole or part, please do not continue using the Service or the Website.

Contacting JD Supra

If you have any questions about this privacy statement, the practices of this site, your dealings with this Web site, or if you would like to change any of the information you have provided to us, please contact us at:

- hide
*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.