Addressing Risks Associated With Telehealth

August 17, 2021

Reading time: 3 minutes

Advances in telecommunication technologies over the years have increasingly made telehealth a viable option for healthcare delivery. The benefits and value of telehealth have become even more evident during and in the aftermath of the COVID-19 pandemic, which rapidly accelerated the adoption of virtual care.

In the current healthcare landscape, telehealth is helping address issues related to healthcare accessibility, staffing shortages, cost efficiency, infection prevention, patient satisfaction, and more. Yet, like any type of care, telehealth carries risks, including issues associated with licensing, credentialing and privileging, online prescribing, informed consent, health information privacy and security, standards of care, and care coordination.

Through careful consideration and risk assessment, healthcare organizations and providers can identify safety and liability issues associated with their telehealth services and proactively implement safeguards throughout the telehealth process. The following strategies offer guidance for addressing risks associated with telehealth.

  1. Be knowledgeable about federal and state laws and regulations related to telehealth, such as requirements for licensure, online prescribing, informed consent, clinical decision-making, and quality improvement. Check with your state medical, osteopathic, nursing, or dental board for specific guidance.
  2. Verify with your professional liability carrier that you have coverage for the telehealth services you plan to offer.
  3. Identify and implement telehealth best practices, and stay abreast of any changes in telehealth regulations and standards of care. The American Telemedicine Association and other professional associations have published a number of telehealth practice guidelines.
  4. Ensure that providers delivering telehealth services are properly credentialed (either by the originating site or the distant site) and qualified for their proposed scopes of service. Any privileges granted should comply with applicable scope of practice laws.
  5. Develop and implement patient selection criteria and standardized clinical protocols for telehealth services to ensure safety, consistency, quality, and efficiency of care.
  6. When multiple providers are involved in a patient’s care, have a clear understanding of duty of care and clinical responsibilities at both the originating and distant sites, including disclosure of any adverse events. Make sure the specific provisions and accountabilities are documented.
  7. Implement protocols to ensure that appropriate individuals promptly review communication from distant site telehealth providers and take any necessary actions.
  8. Ensure that technology and equipment used for telehealth services are high quality, functional, and properly maintained and serviced. Providers and staff should be aware of who is responsible for equipment maintenance.
  9. Assess the privacy and security risks of your telehealth systems, and implement safeguards at all points of risk exposure. Monitor the systems for possible security breaches.
  10. Make sure that any telehealth vendors who are considered business associates can demonstrate compliance with applicable laws and regulations. Have legal counsel review all contracts and business associate agreements.
  11. Train telehealth providers and staff on applicable telecommunication technologies, scope of telehealth services offered, equipment maintenance, and privacy/security standards.
  12. Train telehealth providers and staff members on patient care operations and workflow for telehealth encounters (e.g., confirming patient and provider readiness, verifying the patient’s identity, implementing a back-up plan in the event of a technological failure, etc.)
  13. Educate patients about the availability and types of telehealth services, required technology for successful telehealth encounters, potential limitations of telehealth services, and situations in which care delivery via telehealth is not optimal or viable.
  14. Identify barriers that might prevent certain patient populations (e.g., older patients and patients who have vision or hearing loss) from fully participating in telehealth services, and determine whether practical strategies can help address these issues.
  15. Conduct thorough informed consent discussions with patients that include information related to the proposed treatment or procedures as well as a discussion of risks specific to the delivery of care using telecommunication technologies.
  16. Develop a written policy related to documentation for telehealth services, and verify that providers and staff members are knowledgeable about and comply with the policy.
  17. Ensure that your organization’s mechanism for incident reporting supports telehealth events, and evaluate telehealth activities as part of ongoing quality improvement initiatives. Surveys or questionnaires can help gauge provider and patient satisfaction with telehealth services.


For more information about managing risks associated with telehealth, see Risk Resources: Telehealth/Telemedicine.

Additional Risk content


In the past two decades, social media has become ubiquitous in the United States and abroad. The widespread proliferation of…


Risk Checklist Documentation Essentials Documentation serves many purposes, from patient care record keeping, to communications, to coding and billing, and…


Risk Checklist Due Diligence of Business Associates In the current complex healthcare environment, it is increasingly common for healthcare organizations…

This document should not be construed as medical or legal advice and should not be construed as rules or establishing a standard of care. Because the facts applicable to your situation may vary, or the laws applicable in your jurisdiction may differ, please contact your attorney or other professional advisors if you have any questions related to your legal or medical obligations or rights, state or federal laws, contract interpretation, or other legal questions.

MedPro Group is the marketing name used to refer to the insurance operations of The Medical Protective Company, Princeton Insurance Company, PLICO, Inc. and MedPro RRG Risk Retention Group. All insurance products are underwritten and administered by these and other Berkshire Hathaway affiliates, including National Fire & Marine Insurance Company. Product availability is based upon business and/or regulatory approval and/or may differ among companies.

© MedPro Group Inc. All rights reserved.