The coronavirus has undoubtedly changed the way we live and interact. One industry that has perhaps been impacted most is healthcare, which has been forced to adjust and level up. The reality is the current pandemic has given us a glimpse of the future of the healthcare industry in real time by relaxing regulatory barriers thus allowing for the expansion and use of telehealth. This was not only authorized by the federal government but essential to ensuring continuity of care for a number of physical and mental health patients.
As a result of the pandemic, and more specifically the resulting stay-at-home-orders, state and federal governments have been forced to lift barriers to ensure patients receive the care they need without having to leave their home. The goal was rather simple – keep patients away from crowded and potentially infected medical facilities. To make it make sense financially, government and private insurers have increased the payment of telemedicine visits so they are on par with in-person visits. This wasn’t the case before the pandemic; in fact, less than half of the amount was paid, which undoubtedly dissuaded a number of providers from offering telemedicine services. Things have changed though, at least for the near future.
The thing is telehealth is officially here and it’s changing the landscape of the healthcare industry creating an interesting business opportunity for those interested in the cross-section of technology and healthcare.
What is telehealth?
Telehealth is the use of digital information and communication technologies, such as computers and mobile devices, to access health care services remotely and manage your health care. The Health Resources and Services Administration (“HRSA”) of the U.S. Department of Health and Human Services (“HHS”) defines telehealth as the use of electronic information and telecommunications technologies to support and promote long-distance clinical health care, patient and professional health-related education, public health and health administration. Technologies include videoconferencing, the internet, store-and-forward imaging, streaming media, and terrestrial and wireless communications.
Although underutilized, getting health care by phone or videoconferencing has been around for several years. The problem is, in the past, embracing new technology, particularly in health care, was ripe with doubt due to concerns over cost and quality of care. That said, the times have propelled both patients and doctors, as well as state and federal governments, to be more accepting of its use.
Notably, over the past three years, the Centers for Medicare & Medicaid Services (CMS) has encouraged the rise of telemedicine by allowing doctors to bill for their time talking to patients over the phone and doing video chats to help triage medical issues. In reality, this was typically limited to and reserved for those patients who had a harder time gaining access to doctors, such as those who lived in rural areas. Perhaps, this is the reason the door has effectively been opened – everyone now has a “hard time” gaining access to doctors given the need to minimize public appearances. The timing seemed to be right and ripe for telehealth, which is now seemingly well positioned and poised to make a major push in the healthcare industry. This push is somewhat dependent on protecting the privacy and security of protected health information.
So, here’s how we got here…
Opening the Door for Telehealth
On March 6, 2020, President Trump signed the Coronavirus Preparedness and Response Supplemental Appropriations Act, which effectively empowered the U.S. Department of Health and Human Services (“HHS”) to waive certain Medicare requirements to expand access to telehealth and reimburse providers for virtual office visits. On March 13, 2020, President Trump declared the pandemic a national emergency, thus allowing HHS to temporarily drop requirements for telehealth consultations and let providers work in states without licenses. On March 17, 2020, HHS’s Office for Civil Rights (“OCR”) waived potential penalties for violations of the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”). On March 30, CMS issued its first set of telehealth waivers on authorized payment for professional services in a wide range of specific health care settings, some of which were not previously eligible for any form of telehealth reimbursement. On April 9, CMS announced that it was expanding the emergency blanket waiver even further to allow additional health care services across state lines and to the maximum extent permitted by state law.
Collectively, these actions more than opened the door, it fast-tracked telehealth and placed it at the forefront of patient and provider interaction.
Relaxed Enforcement Policy by the Office of Civil Rights
As a result of these actions, for the first time, millions of Americans are now connecting with their doctors electronically. According to HHS’s website, the OCR will exercise its enforcement discretion and will not impose penalties for noncompliance with the regulatory requirements under the HIPAA rules (with the good faith provision of telehealth) during the COVID-19 nationwide public health emergency. In effect, by doing so, HHS recognized that certain telecommunication platforms may not fully comply with all of the requirements of HIPAA., but nevertheless needed to be accepted.
HHS relaxed the HIPAA privacy and security requirements to allow telemedicine providers to use relatively less secure methods of communication to reach patients. These methods include:
- Skype for Business / Microsoft Teams
- Zoom for Healthcare
- Google G Suite Hangouts Meet
- Cisco Webex Meetings / Webex Teams
- Amazon Chime
- Spruce Health Care Messenger
Although these methods are not HIPAA compliant, they are HIPAA accepted. Such acceptance appears to be based upon the private nature of these telecommunication technologies. In other words, they are not public-facing products. That said, it is important to note that the OCR does not allow for use of public-facing products like Facebook Live or Tik Tok, which are not intended to be private in even their intended use. In short, the overall expectation is telehealth services will be provided in private settings and privacy remains a strong consideration. Although it is virtually impossible, at least at this stage in the game, to in fact ensure total privacy when communicating remotely, HIPAA safeguards should always be considered. Other practical safeguards should also be used, which, for instance, should include:
- Speaking in a lower voice;
- Avoiding speakerphone; and
- Recommending the patient move to a place where there are no people
Providers should inform the patient of situations with increased privacy risks, and the risks should be addressed accordingly. Further technical assistance on telehealth is provided at HealthIT.gov.
We live in a world where telecommunication is not only widely used, but it’s rather sophisticated. Can it be improved? Sure, but the point here is much simpler. The pandemic has effectively changed the rules of the game in terms of how patients interact with healthcare providers. As a result of the pandemic, how healthcare is administered and provided very well could have changed right before our eyes. The fact of the matter is the transition was inevitable and telehealth will continue to mature as technology advances – and technology always advances.
As noted above, there are some telecommunication platforms that exist, but the question is which will rise to the level of virtual sophistication needed to shift the paradigm. This makes the real question – and perhaps opportunity in the very near future – how can telehealth more seamlessly and fluently integrate a more sophisticated telecommunication platform technology into how we interact with healthcare providers while ensuring the needed privacy of that interaction?
Telehealth looks like it is here to stay and the rules will continue to change to allow for its growth. It is likely more legal and legislative changes will happen in the months and years to come to make this transition possible as well as more user-friendly so to speak. The next logical step in the telehealth evolution will then be the development and, more importantly, acceptance of a dominant HIPAA compliant telecommunication technology.
Stay tuned – I think it’s safe to say telehealth is here to stay, but this is far from over…