Addressing Risks Associated With Telehealth

Patient Safety & Risk Solutions

Advances in telecommunication technologies over the years have increasingly made telehealth a viable option for healthcare delivery. The benefits and value of telehealth have become even more evident in the wake of the COVID-19 pandemic, which rapidly accelerated the adoption of virtual care.


In the current healthcare landscape, telehealth is helping address issues related to healthcare accessibility, cost efficiency, infection prevention, patient satisfaction, and more. Yet, like any type of care, telehealth carries risks, including issues associated with licensing, credentialing and privileging, online prescribing, informed consent, health information privacy and security, standards of care, and care coordination.


Through careful consideration and risk assessment, healthcare organizations and providers can identify safety and liability issues associated with their telehealth services and proactively implement safeguards throughout the telehealth process. The following list offers key strategies for addressing risks associated with telehealth.

  1. Be knowledgeable about federal and state laws and regulations related to telehealth, such as requirements for licensure, online prescribing, informed consent, clinical decision-making, and quality improvement. Check with your state medical, osteopathic, nursing, or dental board for specific guidance.

  2. Verify with your professional liability carrier that you have coverage for the telehealth services you plan to offer.

  3. Identify and implement telehealth best practices, and stay abreast of any changes in telehealth regulations and standards of care. The American Telemedicine Association and other professional associations have published a number of telehealth practice guidelines.

  4. Ensure that providers delivering telehealth services are properly credentialed (either by the originating site or the distant site) and qualified for their proposed scopes of service. Any privileges granted should comply with applicable scope of practice laws.

  5. Develop and implement patient selection criteria and standardized clinical protocols for telehealth services to ensure consistency, quality, and efficiency of care.

  6. When multiple providers are involved in a patient’s care, have a clear understanding of duty of care and clinical responsibilities at both the originating and distant sites, including disclosure of any adverse events. Make sure the specific provisions and accountabilities are documented.

  7. Implement protocols to ensure that communication from distant site telehealth providers is promptly reviewed and necessary actions are taken.

  8. Ensure that technology and equipment used for telehealth services are high quality, functional, and properly maintained and serviced. Providers and staff should be aware of who is responsible for equipment maintenance.

  9. Assess the privacy and security risks of your telehealth systems, and implement safeguards at all points of risk exposure. Monitor the systems for possible security breaches.

  10. Make sure that any telehealth vendors who are considered business associates can demonstrate compliance with applicable laws and regulations. Have legal counsel review all contracts and business associate agreements with vendors.

  11. Train telehealth providers and staff on applicable telecommunication technologies, scope of telehealth services offered, equipment maintenance, and privacy/security standards.

  12. Train telehealth providers and staff on patient care operations and workflow for telehealth encounters (e.g., confirming patient and provider readiness, verifying the patient’s identity, implementing a back-up plan in the event of a technological failure, etc.)

  13. Educate patients about the availability and types of telehealth services, required technology, potential limitations, and situations in which care delivery via telehealth is not optimal or viable.

  14. Conduct thorough informed consent discussions with patients that include information related to the proposed treatment or procedures as well as a discussion of risks specific to the delivery of care using telecommunication technologies.

  15. Develop a written policy related to documentation for telehealth services, and verify that providers and staff members are knowledgeable about and comply with the policy.

  16. Ensure that your organization’s mechanism for incident reporting supports telehealth events, and evaluate telehealth activities as part of ongoing quality improvement initiatives. Surveys or questionnaires can help gauge provider and patient satisfaction with telehealth services.

Resources

For more information about managing risks associated with telehealth, see Risk Resources: Telehealth/Telemedicine and take MedPro’s on-demand continuing education program Telemedicine: Evaluating Virtual Care From a Risk Management Perspective.

This document does not constitute legal or medical advice and should not be construed as rules or establishing a standard of care. Because the facts applicable to your situation may vary, or the laws applicable in your jurisdiction may differ, please contact your attorney or other professional advisors if you have any questions related to your legal or medical obligations or rights, state or federal laws, contract interpretation, or other legal questions.