Telehealth and the Law

By Reganne Hardy, Staff Writer

Photo courtesy of

The growing digital age and the revolutionary global pandemic have fueled the rise of telehealth.[1] Telehealth provides healthcare services, from physical therapy to counseling, through a virtual medium that generally focuses on wellness management rather than diagnostics.[2] Through telehealth, patients can leverage video conferring to voice their concerns or complaints and receive recommendations from their providers.[3] While telehealth provides convenient access to healthcare, telehealth and emerging technology pose risks in licensing, special relationships, tele-prescription, fraud, and privacy.[4]

A perpetual risk to telehealth is the licensing of the physician because of the variable jurisdictions.[5] A physician must be licensed to practice in the subject state and topic.[6] Due to the virtual offerings of telehealth, a physician may be licensed to practice medicine in a different state than the patient.[7] In United States v. Valdivieso Rodriguez, the United States District Court for Puerto Rico held that most states require the physician to be licensed in the state where the patient is located.[8] Thus, physician’s licensing in the patient’s state or country among the emerging telehealth technology is binding.[9]

The common law recognizes a special relationship between physicians and their patients, which gives rise to a standard of care. However, the formation of the relationship may require a physical examination, which poses a legal hindrance to virtual physician-patient relationships.[10] The Appellate Court for Illinois recognized that a physician-patient relationship could be established without a formal meeting between the parties.[11] Thus, a physician-patient relationship could be established once the physician begins offering services to the plaintiff.[12] Nevertheless, establishing a physician-patient relationship is essential to minimizing the legal implications of telehealth consultations.

Physicians virtually prescribing medicine poses legal risks with the existence of federal law requiring in-person examinations.[13] The Ryan Haight Online Pharmacy Consumer Protection Act of 2008 requires that physicians conduct one in-person evaluation of the patient prior to distributing a prescription drug over the internet.[14] U.S. Code Title 21, in Section 841, broadly prohibits the distributing of controlled substances outside the scope of traditional professional practice.[15] In United States v. Birbragher, an online-based company (“Pharmacom”) hired doctors to prescribe medication without meeting with the patients or reviewing the patient’s health records in depth.[16] Here, the court held that Pharmacom misaligned with professional practices, as the examinations were inadequate, test results were disregarded, and dosages were unregulated.[17] Therefore, in-person examination to conform to professional standards in medicine is a risk to telehealth.[18]

Fraud mitigation and privacy protection are vital considerations in the medical profession and are increasingly essential to address in telehealth.[19] Telemedicine providers may be held liable under kickback statutes, self-referral laws, and the federal False Claims Act (“FCA”) to prevent fraud and abuse.[20] The FCA illegalizes submitting payment claims to Medicare or Medicaid which are false or fraudulent.[21] Under the Anti-Kickback Statute, 42 U.S.C. § 1320a-7b(b), physicians are held liable for remuneration payments to induce patient referrals payable by Federal health care programs.[22] The Stark Law, also known as the physician self-referral law, illegalizes physicians referring Medicare and Medicaid patients to any entity with which the physician has a financial relationship.[23] All in all, mitigating illegal practices through fraud and abuse is essential to the success of telehealth practices.

Maintaining privacy amidst telehealth is critical to ensure practices align with federal requirements, such as the Health Insurance Portability and Accountability Act (“HIPAA”).[24] Privacy and confidentiality were subjects of litigation brought forth by a class of inmates against the county and medical group to enforce a settlement agreement in Hernandez v. Cnty. of Monterey.[25] The inmates moved to modify the agreement to ensure that telepsychiatry sessions provided by the medical group were private insofar as not within proximity to another inmate or corrections officer.[26]The agreement also mandated informed consent of telepsychiatry, and more specifically, of the record-keeping used and confidentiality matters.[27]

Telehealth serves as a pioneer in the future of law, technology, and healthcare. Telehealth offers greater access to healthcare. Additionally, patient satisfaction with the ability to engage with physicians through telehealth opportunities is reportedly high.[28] The mitigation of legal risks in telehealth can be accomplished through licensing as required, establishing a physician-patient relationship, conforming to professional standards, mitigating fraudulent and abusive practices, and ensuring privacy and confidentiality.[29]


[2] Id.

[3] Id.

[4] Id.

[5] Id.

[6] Id.

[7] Id.

[8] See United States v. Valdivieso Rodriguez, 532 F. Supp. 2d 316, 325-326 (D.P.R. 2007).

[9] Id. at 326.


[11] See Weiss v. Rush N. Shore Med. Ctr., 372 Ill. App. 3d 186, 310 Ill. Dec. 231, 865 N.E.2d 555 (Ill. App. Ct. 2007).

[12] Id.


[14] See United States v. Birbragher, 603 F.3d 478, 489 (8th Cir. 2010).

[15] Id.

[16] Id. at 481.

[17] Id. at 486.


[19] Id.

[20] Id.


[22] Id.

[23] Id.


[25] See Hernandez v. Cnty. of Monterey, No. 13-cv-02354-BLF, 2017 U.S. Dist. LEXIS 182188 at 4-5 (N.D. Cal. Nov. 1, 2017).

[26] Id. at 10.

[27] Id.


[29] Id.

Comments are closed.