THE LEGAL IMPLICATIONS EMERGING IN TELEMEDICINE AND TELEHEALTH

– Nirali Jain & Anurag Mishra

ABSTRACT

Telemedicine in virtue of the development of Information and Communication Technology (ICT) has aided in addressing one of the biggest challenges in the health care quality i.e. access to specialised medical services by the people especially during COVID-19 like pandemics. It offers the opportunity to enhance preventive, clinical and supportive medical services to people by reducing existing health disparities in place due to structural barriers to health improvement, such as poverty, socio- economic differences and lack of specialists in rural settings, among others. In addition, it protects the doctors and healthcare workers from enhanced susceptibilities to widespread infection and thereby reducing their dependency on PPE kits. Though lacking personal touch and involving increased need of scrutiny, information privacy, confidentiality and cyber threats, telemedicine holds potential to prove to be a game changer with the government notifying Telemedicine Practice Guidelines (TPG) on March 25, 2020 and came up with a mandatory three months upskilling course for Registered Medical Practitioners (RMP). The paper analyses the rules as mentioned in the guidelines and legal dispute threats that the telemedicine practice poses in the absence of a codified act. Further, the need to provide adequate training, enhance the supply of quality and credible service providers, build-in investor confidence and protect the doctors, patients and third party providers from future legal implications has been emphasised along with the need to have an effective grievance redressal and dispute resolution mechanism with the institution of mandatory grievance cells, grievance officers and enforceability of Online Dispute Resolution (ODR) and e-mediation reached settled- agreements has been emphasised.

KEYWORDS: Telemedicine, Registered Medical Practitioner, information privacy, cyber threats, electronic medical records, legal disputes

INTRODUCTION

With Information and Communication Technology (ICT) and technology in general, seeping into the roots of all the societal and commercial facets, medical industry being considered as an essential one, could not go unaffected either. Health emergency imposed due to the outbreak of COVID-19 pandemic accelerated the need to adopt telemedicine, something that has been in use in the other countries since the 20th century for more than two decades, and was advocated to be adopted in India overnight. The health crisis exacerbated the persisting public and private healthcare vulnerabilities, with the poor being the most affected of all.

The need to provide affordable and accessible healthcare services to the people all over the country and on the other hand protect the doctors and health care workers from being susceptible to the infection and reduce their dependability on PPE kits, led the government to bring into force Telemedicine Guidelines in order to treat the patients in pandemic like situations and also otherwise from following up on chronic diseases such as diabetes, rheumatology , asthma, heart failure, minor infections, mental health concerns, continuous monitoring and routine check ups and other non- emergency related diseases and problems, by minimizing the contact.

Tele-medicine can be defined as the use of software and electronic communications to monitor and treat patients in lieu of an in-patient visit. It can be applied to pathology, intensive care , dermatology, primary care, mental and behavioural, cardiology, urology, other specialist care units, diagnosis or treatment of disease as per the provisions of the Indian Medical Act and IT Act, amongst others. It takes under its purview everything that a doctor would have been able to do in a clinic, just not being able to touch a patient. Nevertheless, physical examination is to be referred to without any delay by the doctor on the basis on objective- based criteria, taking all due care and precautions to mitigate any fatalities. What was being performed earlier by the private doctors over the phone or text was given legislative backing by taking accountability, need of informed consent, compliance with privacy and cyber laws and confidentiality, well into consideration.

With the notification of Telemedicine Practice Guidelines issued on March 25, 2020, another public notice was issued by the Board of Governors in Super Session of Medical Council of India, in which amendments were made in the Indian Medical Council (Professional Conduct, Etiquette and Ethics) Regulations, 2002 to make consultations through Telemedicine by the Registered Medical Practitioner under the Indian Medical Council Act, 1956 (“Act”) permissible in accordance with the issued Guidelines.

It is pertinent to note that the guidelines, though issued amid the pandemic, were not issued under the Disease Act or Epidemic Act and are rather incorporated as an amendment in the 2002 regulation, thus, are here to stay even in the post- COVID-19 era. A Registered Medical Practitioner (RMP) can be defined as a person who is enrolled in the Indian Medical Register or State Medical Register under the Act.

As per the Guidelines, telemedicine can be defined as ‘The delivery of health care services, where distance is a critical factor, by all health care professionals using information and communication technologies for the exchange of valid information for diagnosis, treatment and prevention of disease and injuries, research and evaluation, and for the continuing education of health care providers, all in the interests of advancing the health of individuals and their communities.’

It is imperative to draw a distinction between telemedicine and telehealth. While telemedicine concerns only the registered medical practitioners and pertain to the treatment or diagnosis of the patients by prescribing medicines over the text, phone or video, tele-health is a broader concept. It involves not just medical services delivered digitally but also health related, patient education and self care information from people who may not be licensed doctors.

BENEFITS ARISING OUT OF TELEMEDICINE

Adoption of telemedicine technology offers various benefits to patients, doctors and the healthcare workers, alike. In pandemic-like situation, where the whole nation is under lockdown and hospitals are flooded with patients, there has been a huge scarcity of doctors in rural areas, the ratio between doctors and patients has further skewed, shortage in the medical supplies, PPE kits and/or beds, amongst others, the need of medical services and consultancy, given the growing apprehensions and evidence of mild symptoms such as cold, cough, body ache, among others, is on an unprecedented rise.

In situations like these, telemedicine offers varies benefits in the form of access to best of the medical faculty, without any geographical boundation, availability to healthcare or ASHA workers in rural areas who can further consult the doctors over technology, given the inability of the poor due existing digital divide in the rural areas, better reach for small- sized dispensaries, clinics and/or doctors, to reach out to maximum people while keeping themselves safe, suitable for people with disabilities and children with special needs provided they have access to secure internet connection, providing treatment to vulnerable groups such as elder lies and women, among others, at their home, affordability given by reducing consultation charges, better personalized engagement with patients, services of a hospital virtually at the doorstep, 24*7 availability of specialized doctors and/or medical staff and the possibility of covering the crucial gap until a physician arrives in the hospital.

Other than the societal factors, telemedicine also has the potential of disrupting the commercialization of medical services by attracting more investor confidence and FDIs, given the guidelines, thereby, leading to better services at affordable prices, thus, breaking the existing monopolies of a few private players in the absence of a robust public healthcare system .

RESISTANCE TOWARDS ADOPTION OF TELEMEDICINE

While telemedicine has been in practice since the 20th century when radios were used to provide medical advices on ships and/or in war-zones and some visionaries have been advocating for its legislation and widespread adoption in India for more than two decades, in the absence of legal backing, it faced resistance from doctors, public authorities, patients, healthcare workers, NGOs, and third party platform providers due to lack of interest shown by insurance companies give that the users might use telemedicine services often if covered in health plans for a paltry amount, lack of personal touch, habitual behavior of people of visiting their doctor personally, inability to treat all diseases, lack of requisite technological skills, possibility of third party telemedicine platform provider collaborating with only a few hospitals and/or clinics that offer it a comfortable commission, risks associated with the storage of medical and health records of people giving rise to the cyber security and privacy threats and lack of robust telemedicine regulations up till the outbreak of COVID-19 which stretched to healthcare system across the country to the brink.

In addition, the persisting socio- economic and digital differences, illiteracy and the digital divide added to the cause of resistance towards adoption of telemedicine. While there have been reports of doctors using robotics and Artificial Intelligence (AI) in the past in conducting surgeries, the same is now prohibited under the guidelines with the onus being on the doctor himself/ herself to indulge into diagnosis and treatment of patients.

Vulnerable groups such as elderlies who live alone, children with special needs, people with disabilities, and patients of mental illness and women who are victims of domestic violence find it difficult to avail such services given their circumstances.

Telemedicine Practice Guidelines

Before the issuance of Telemedicine Practice Guidelines, telemedicine was being practiced through video- based application, internet backed chatting applications and/or through phones. While medicine and information technology were regulated by the provisions of the Indian Medical Council Act, 1956, Clinical Establishment (Registration and Regulation) Act, 2010, the Indian Medical Council (Professional Conduct, Etiquette and Ethics Regulation 2002), Information Technology Act, 2000, the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules 2011 and Drugs & Cosmetics Act, 1940 and Rules 1945, the judgment of the Hon’ble High Court of Bombay in the case of Deepa Sanjeev Pawaskar and Anr. v. State of Maharashtra in which it was held that the patient died because she was prescribed treatment by the doctor over telephone and without the appropriate diagnosis. Such practice was held to be an act of criminal negligence. The court, further, held that though telemedicine is important, it should only be used in places where physical consultation is not possible.

This judgment shook the investors, doctors, medical staffs, policy makers and general public’s confidence in telemedicine, consequently, its adoption faced further resistance and its future was in doldrums. However, with the outbreak of COVID-19 pandemic, the guidelines were put in place in order to enable registered medical practitioners to practice telemedicine. However, it is important to note that the guidelines are not codified yet, thus, face only limited legal sanctity and can’t be put at place with the robust legislations in various states of USA, Canada, Malaysia, etc.

Further, the BoG is yet to come up with a mandatory three- month’s course to be undertaken by registered medical practitioners in order set up their telemedicine portal or practice it on third party platform.

Persisting Legal Issues

While the guidelines have demystified all the concerns prevailing along with adoption of Telemedicine practice and have rather laid down a robust system to be complied with, failing which, civil and criminal liabilities might accrue, leading not only to cancellation of license and payment of monetary compensation but also imprisonment in cases of failure to exercise due care and taking proper measures while providing medical services over phone or laptop.

LEGAL ISSUES THAT PERSIST ARE:

• Jurisdictional disputes– There is absence clearly laid down rules or laws pertaining the jurisdictional aspect of internet related disputes, can give rise to various litigations with patients not being sure where to file a complaint – where they reside, where the doctor resides, where the COA arose or where the telemedicine provider is registered. As it is possible, for parties to be residing in different states given a doctor registered in one state can practice telemedicine in any state of India. Lack of clarification in this regard could be a cause confusion to the aggrieved party.

• Breach of confidentiality– While the confidentiality agreements are mandatory to be entered into by all the parties concerned, given the vulnerability or ulterior motive of any of the parties can lead to breaking of such agreement and sharing vital details with an unauthorised third party, giving rise to disputes.

• Compliance with IT and privacy laws– It is important to take into consideration that while the mode of communication prescribed in the guidelines is – video (such as Skype, Facetime, Zoom, etc.), audio and chat based (such as specialised telemedicine applications, Whatsapp, Google Hang Outs, etc), the privacy policy of these video or text based applications, which are usually managed by companies global in nature, must be in compliance with the privacy legislations (when enacted) or IT Act and the rules within India. At present, clause of Whatsapp terms and agreements states that any information whether audio, video, image or text that is published, becomes information in the public domain. Once the information becomes available in the public domain, it cannot be referred to as personal sensitive data and no remedies might be sought. It is pertinent to note that if such contradictions between the provisions of the guidelines and privacy policies of application that is used for telemedicine are settled, it shall give tremendous rise to disputes concerning breach of data.

Further, coding and encryption of data by specifying the safest hardware or software and making the same mandatory, investing well in infrastructure building, maintenance, data management systems to ensure privacy of the consultations and e-records of patients, must be undertaken by the service provider in order to prove its innocence given for any breach of data, according to the guidelines, holds the provider/intermediary liable. Privacy policies need to be in consonance with the IT Act (Rule 3(1) and Rule 3(2)).

• Evidentiary value of medical and health records– The records hold an evidentiary legal value and can be used as evidence in courts. They need to be maintained in good faith and any tampering with the primary or secondary evidence shall give rise to criminal liability. While at present a picture of the scanned copy of actual signatures could be considered reliable and authentic, with the advent of the privacy laws, only digital signatures would be accepted. All records need to be duly signed and attested to be considered a good evidence.

• Fraud– Possibilities of fraud or RPM registering with fake, morphed or photoshopped IDs persist. While the doctors are desired to wear their medical batch while giving consultation, patients have all their rights to ask for their identity in case of any suspicion. Any fraudulent activity can give rise to cheating u/s 420 IPC or other relevant provisions of the Indian Contract Act.

• Reimbursement and payment issue– In order to ensure that RPM are paid – safe and secure gateway must be in place and should be efficiently utilized. Prior payments, or charging a part of consultation charges could be put in place in order to dilute the chances of patients vanishing after the consultancy and deleting their contact id and account details could be a major cause of concern that could give further rise to cheating/ cyber fraud cases.

• Privilege and credentialed – Disputes might arise pertaining to the credentialed and privilege process. It needs to be ensured that doctors, healthcare providers and hospitals that have been empanelled on third party telemedicine platform provide services within the scope and quality of their practice and meet the desired standards of formal qualification, training, professional standing, experience and clinical competence to be able to provide consultations.

• Consent – Consent can be implied (if patient initiates the telemedicine consultation) or expressed (in the form of message, mail, fax, etc.). It is imperative to note that it holds the potential to give rise to the legal disputes if the patient later denies having given any informed consent. The onus lies on the RPM to ensure that the patient has understood the terms and conditions of the telemedicine provider in clear and unambiguous words and has consented accordingly. The record of the consent needs to be maintained for legal relevance. Also, consent being a grey area as in the absence of express terms, nodding of head can be construed as consent. If the consent is not informed and free, it can come under the purview of section – 87, 88, 90, 92 of Indian Penal Code (IPC).

• Medical Negligence– The principles laid down in Jacob Mathews v. State of Punjab are equally applicable in the virtual world as well. In case any RPM recommends any diagnosis or treatment without exercising due care and without understanding the problem clearly, he/she can be held liable under Sections 304,304A, 52, 80, 81, 337 and 338 IPC.

• Liability of doctors– In case of any breach of data i.e. electronic records of medical history and current problem are compromised from a doctor’s phone, he/she shall be held liable. Burden of proof lies on the doctor to ensure that his device was secure and has requisite encryption, firewall, anti-malware, anti-spyware, pseudonymization and other required cyber security applications in place. Cyber forensics are a way to ascertain whether and what data was leaked and from which device.

• Artificial Intelligence (AI) and Internet Of Things (IoT) – As per the guidelines, Artificial Intelligence or Internet Of Things cannot prescribe prescriptions and/ or give consultancy or diagnosis. It is the Registered Medical Practitioner who shall be held liable in case he/she lets some AI or IOT device to have access. It is pertinent to note, in the absence of a codified act, the guidelines might class with the provisions of other Acts, none of which hold AI or IOT an agent of a person as of now. This can give rise to litigation and can be claimed as a defense by the negligent RMP or service provider.

• Opt in and opt out – If either a RMP or a patient is not provided an option to enter or exit the consultation as per their will, it can give rise to a legal claim.

• Lack of due diligence– Due diligence needs to be exercised by RMP before registering with any telemedicine provider, also by the patient before initiating or accepting a consultancy. Telemedicine provider needs to ensure that that adequate security and safety features such as pseudonymization, encryption, use of blockchain technology if need be, firewalls, antispyware, anti malware are in place and are cyber audited quarterly. All concerned parties need to ensure carrying out due diligence before entering into any legally binding agreement.

DRAWBACKS OF USING TELEMEDICINE

While IRDAI in June, 2020 passed few instructions directing private and government insurance regulators to include telemedicine in their existing and novel medical policies, the possibility of collaboration by insurance companies with a few selected hospitals and/or doctors can be a matter of concern and thus, leading to uncompetitive practices. It is pertinent to note that as per Indian Medical laws; doctor registered with any state medical board has the right to practice all over the country.

With tie-ups with insurance companies, some doctors might receive an unprecedented reach and see a huge influx of patients; others may squander such opportunity given their technical inabilities. This might even prevent people from getting treatment from the best of the medical finds in case of their reluctance to embrace telemedicine.

Further, the possibility of established technological companies venturing into telemedicine sector exists. This, again, might provide a better reach to doctors and hospitals registered with their platforms, thereby, commercializing the noble practice in lieu of their brand name. An analogy can be drawn with retailers selling their goods on Amazon.

Further, the notion, even after the guidelines providing the exclusive lists of the medicines, it is known that some medical solutions cannot be resolved even while the technology persists. It is essential to note that though telemedicine is feasible and seems to be promissory in the future for follow-up consultancies upto 6 months but for first diagnosis of the disease and after several tele-consulations, an in-person medical consultation needs to be preferred.

Over burdening the doctors with technological and legal compliances or the third party- service provider charging commissions exorbitantly might compel a few registered practitioners to venture out. Furthermore, unstable internet access can lead to confusion and misinformation between the patient and the doctor, thereby, giving rise to legal disputes which might hamper the reputation of the doctor.

Telemental Health therapy

Accessibility and affordability, no- recording, preferring texts over video call due to privacy issues at home; stagnant sitting, might not make the person reveal their exact concerns given lack of touch, and assessment of body language of the issues arising concerning mental health worldwide. The amount of information shared must be in compliance with data protection laws, informed consent, digital signature, must engage with the same therapist even if one’s job requires one to dislocate, staying in touch with an English speaking therapist even in non- English speaking areas, lesser costs, removes the stigma of walking to a therapist, increased quality of personalized care, etc, thus, enabling telehealth to be a major breakthrough in rendering medical services.

The major drawbacks in the telemental health therapy are concern arising such as assessment of facial expression, body language, voice tone. Also, insurance companies do not show interest and neglect the cases. Ethics come to play a major role such as saying who he/she is, different prices, varying policies, reimbursement challenges are major threats to the shift towards telemedicine. The challenges impose critical legal implications towards the safety and security for the doctors, healthcare workers and patients.

CONCLUSION AND SUGGESTIONS

There is an imperative need for the change in the mindset and behaviour of individuals towards the medical practitioners. There is a difference in the mindset of a person when he/she visits a hospital and when he/she consults through an online conference. The patients need to maintain the decorum and ethics. Integrated technology, determining productivity, and healthcare interaction are the major mechanisms to be incorporated within the governing system in order to mitigate the risk arising out of disasters such as Covid19 that resulted in a pandemic.

Doctors must use only encrypted and anonym zed software with anti-malware and anti-spyware in place. There needs to be devising national response , sensitization, proper training and awareness regarding the benefits associated with telemedicine. Secure access and exit by patients, using provider’s ID, codes, digital signatures, OTP, etc must be efficiently regulated. Both the parties need to ensure that they can see and be seen, hear and be heard before and during the consultancy.

Policies, terms and conditions of telemedicine and the record portals of the telemedicine provider need to analysed and must undergo quarterly cyber audits. There needs to be a contingency plan in place in case of failure of transmission to deliver the medical services or consultancy amid the session, and time must be recorded the moment connection was lost.

A telemedicine association and resource centre like that of medical practitioners should be formed in order to provide them a negotiating power and promote mutual cooperation and understanding. Robust grievance redressal mechanism, e-mediation and ODR need to be provided to resolve the disputes between aggrieved patients and RMP and/or between RMP and third party providers and/or between patients and third party providers.

Telemedicine can supplement if not substitute the current medical system and promote access the healthcare by making the same available, accessible, affordable and accountable.