WHAT
E-HEALTH COMPANIES NEED TO KNOW ABOUT HEALTH LAW
Opportunities abound for Internet
companies, physicians and other health care professionals, and health
plans interested in connecting patients through the Internet with health
care providers. For those
interested in e-health or e-medicine, it is clear that the fast-moving
development of the Internet has quickly outpaced any corresponding
evolution of the law. There
is very little statutory or case law authority or guidance for e-health
companies today.
1.
Interstate Practice of Medicine and E-Health
In the area of e-health, legal concerns have been
raised regarding the practice of medicine through electronic transmissions
such as the Internet over state lines.
Although the conventional wisdom is that physicians may not
practice medicine in states where they are not licensed, the law has begun
to evolve in the direction of allowing the interstate practice of medicine
where the Internet allows the practice to be a clear benefit to the
patient in the form of improved health care.
For example, the use of electronic imaging to transmit x-rays and
other diagnostic scans for examination by radiologists across state lines
have been the subject of new legislation to permit this developing form of
medical practice.
Other examples include new state legislation to
permit nurses employed by health plans to operate 24 hour advice lines
across state lines, and new legislation to make it easier to permit
pharmacies to operate across state lines over the Internet.
It appears that if the Internet can be used in a
rational fashion to benefit patients, interstate licensing concerns have
fallen by the wayside as legislatures operate to remove interstate
licensing barriers.
2. Internet and the Right to Privacy in E-health
Another major area of interest in e-health legal
issues is that of privacy. There
is no greater area of potential liability for e-health companies than the
unauthorized disclosure of confidential medical information about an
individual. Most states have
some kind of legislation protecting the confidentiality of medical
information of its citizens. Federal
law has also extended similar protections through the Health Care
Financing Administration and its Medicare and Medicaid programs.
Stringent new confidentiality requirements are now being developed
as a part of the regulations under the federal Health Insurance
Portability and Accountability Act of 1996 to protect individually
identifiable health information from unauthorized disclosure.
In addition, e-health companies need to take
extraordinary steps to protect client confidentiality.
Those actions should be prominently displayed as privacy policies
in e-health websites. Consideration
should be given to obtaining the approval of third party companies such as
Health on the Net for the privacy policy of an e-health company.
3.
How E-health Companies Seek to Protect Themselves From Liability
To protect themselves from liability, e-health
companies have utilized various disclaimers in the form of user agreements
that attempt to limit the potential liability of e-health companies.
These user agreements are extensive and attempt to cover every
conceivable possible ground of liability against an e-health company.
They are often prominently displayed in e-health websites and the
use of a “clickwrap” to force users to acknowledge the agreement have
been liberally utilized. The
enforceability of user agreements has not been extensively tested in
courts.
E-health websites often use mandatory arbitration
clauses and/or forum selection clauses in their user agreements in an
attempt to minimize liability
4.
E-health and Credentialing
However, e-health companies that utilize health care
providers and seek to provide medical advice to specific individuals face
daunting problems over liability issues.
E-health companies desire to provide quality professional services
on-line and are generally obligated by law to insure that their providers
are adequately qualified and credentialed.
Although the credentialing process may be contracted out to third
parties, the e-health company must insure that the third party is
conducting their investigation in a reasonable and thorough manner, and
that the third party is insured and has the financial ability to defend
and indemnify the e-health company for the third party’s negligence.
Further guidance by the e-health company as to
specific policies and procedures for providers to follow may expose the
company to liability for the malpractice of the provider since the
doctrine of vicarious liability or principal-agent law could be used to
transform an e-health company’s guidelines into a legal duty of care to
be met.
Needless to say, e-health companies should consider
purchasing insurance to protect them and their officers and directors from
any liability. Insurance
products are now coming on the market to protect e-health companies from
such liability.
5.
Other Liability Issues Facing E-Health
E-health companies often seek to generate revenue
through advertising, the referral of professional services, or the sale of
products. Such companies
should be concerned about breaches of confidentiality by advertisers on
their site, federal and state laws prohibiting self-referrals and
kickbacks, and Federal Trade Commission regulation over diagnostic
products deemed regulated medical devices.
Consideration should also be given to obtaining the approval of
third party companies such as eTrust for the revenue generation portion of
an e-health company’s website.
6.
Conclusion
Internet companies engaged in e-health or e-medicine
should consult with an attorney experienced in health care law and
familiar with the Internet concerning the interaction between health law
and the Internet.
-May 2000
