Book Review Enterprise Risk Management (ERM) Technology

ASHRM Whitepaper – Telemedicine: Risk Management Considerations

The American Society for Health Care Risk Management White Paper Telemedicine Risk Management Considerations offers a brief history and definitions of telemedicine and then examines telehealth risks using the eight ASHRM enterprise risk management (ERM) domains.

Telemedicine is not a new concept. Originating in the mid-1800s with the invention of the telegraph and telephone, it was featured on the cover of Radio News magazine in 1924 with a picture of a family and physician interacting via a video screen. In the mid-1900s, with military applications and space industry technology, telemedicine developed into more of what we know today. It included education, electrocardiogram monitoring, transmitting radiology images and supervising advanced practice professionals and students. It did not gain widespread adoption until the 1980s and 1990s, when costs were reduced and equipment was widely available.

Many words are used to describe electronic health care: telemedicine, telehealth, e-health, virtual visits, etc. The American Telemedicine Association (ATA) defines telemedicine as “the remote delivery of health care services and clinical information using telecommunications technology. This includes a wide array of clinical services using internet, wireless, satellite and telephone media.”

The Federation of State Medical Boards (FSMB) defines telemedicine as “…using electronic communications, information technology or other means between a licensee in one location and a patient in another location with or without an intervening health care provider. [It] is not an audio-only, telephone conversation, email/instant messaging conversation or fax, [but] involves … secure videoconferencing or store and forward technology…” This definition clarifies that telemedicine is not simply telephone and electronic communications between the provider and patient.

In the future, telemedicine is expected to grow in both geographic reach and technology. The four areas below are expected to see the greatest growth.

  • Critical Care
    • Tele Stroke care often involves a provider site team of neurologists, radiologists, critical care nurses and intensivists or emergency physicians with expertise in stroke care and guidelines. It can provide stroke services to emergency departments and intensive care units, as well as in the field via mobile intensive care and stroke units.
    • Tele ICU services are provided in a variety of ways, depending on the resources at the provider site and the needs of the patient sites services. They may range from continuous monitoring and fully collaborative care to scheduled interactions or event-based interactions initiated by an alarm, pager or phone call.
    • Tele Burn care is increasing in the rehabilitation of severe burns, as well as identifying, staging and providing assistance with managing less severe burns in emergency, urgent care, outpatient and pediatric settings.
  • Behavioral Health and Substance Use
    • Talk therapy is being provided by telemedicine. Medication Assisted Treatment (MAT) can also be provided, however, controlled substances cannot be prescribed via telemedicine. At least three states are evaluating their rules and regulations to potentially create formularies of controlled substances that may be managed and prescribed using telemedicine.
  • Outpatient Virtual Visits
    • Telemedicine providers have begun teaming up with retail outlets and pharmacies. The retail sites are convenient for patients, provide access to simple diagnostic tools, and have prescriptions and supplies available.
  • Alternative Settings
    • Long-Term Care (LTC) facilities can benefit by decreasing a provider’s response time, supporting the staff to make better decisions about the need for emergent care or hospital admission. Specialized carts with video cameras, wound cameras, electronic stethoscopes, otoscopes and 12- lead electrocardiograms can be used to assess patients and residents.
    • Prison Healthcare could be improved by providing access to routine medical services, such as an ophthalmologist evaluating diabetic retinopathy. Telemedicine can also remove a risky and costly transfer to a provider’s location.

Potential risks of telemedicine can be evaluated by applying the domains from the ASHRM Enterprise Risk Management (ERM) Framework.

  • Operational
    • Credentialing was addressed by the Centers for Medicare and Medicaid Services (CMS) in a final rule that was published in July of 2011. It stated that the site providing the service (location of the provider) is responsible for appropriately credentialing the provider, and that the site receiving the service (location of the patient) does not have to replicate the credentialing process for that provider. For physician practices and other outpatient care entities, guidelines will need to be developed to govern provider use of telemedicine to deliver services, as many outpatient settings do not use privileges.
    • Standard of Care has not been fully outlined by all states, and for many practices and services, telemedicine-specific standards are not legally established. Professional organization positions on telemedicine can provide some guidance. For specific settings, advanced practice professionals’ roles should also be clearly defined. Are they providing telemedicine services directly to patients or are they being supervised or providing supervision to remote workers? In all case, boards of licensure will be involved.
    • Documentation in the patient’s health record should occur for any telemedicine encounter, similar to any provider-patient interaction. It should include any involved team members (at the provider and patient locations) and all patient-related electronic communications, such as informed consent, prescribed medications, diagnostic test results, clinical evaluations and instructions related to telemedicine technology. In instances where the provider does not have direct access to the patient’s electronic health record, processes should be established in advance.
  • Clinical/Patient Safety
    Decreased cost, increased access to care, and higher levels of patient and provider satisfaction are strong reasons to implement telemedicine initiatives. To ensure high quality care, providers must have a private, dedicated space that is comfortable and has ample room for the providers and other team members, work surfaces and any equipment necessary for the visit (cart, telephone, camera, etc.). The patient must also have adequate room to allow for the telemedicine cart or robot and technicians as well as other members of the care team and patient’s family. It must be conducive to privacy, preferably with solid walls and a door. Informed consent should be obtained prior to any provided services and, although not all states require a specific informed consent for telemedicine, it should be considered a service requirement. Patient safety initiatives to prevent or reduce errors, such as communication of test results, patient instructions, patient education and follow-up care, should be applied to telemedicine.
  • Strategic
    Telemedicine can improve access to services that are limited or unavailable locally, such as stroke and burn care, behavioral healthcare and access to specialists. It can lead to increased revenue and decreased costs by helping reduce admissions or readmissions, and decreasing the need for transfers out of a system or practice. Population management may also be improved. Virtual visits to a physician practice can decrease missed appointments, increase appropriate use of services and improve throughput.
  • Financial
    A significant investment of both equipment and staff is required for implementing telemedicine services and reimbursement by commercial payers has historically lagged behind reimbursement for face-to-face provision of care. However, many states have adopted parity laws requiring payers to provide comparable coverage and reimbursement for telemedicine services. Currently existing insurance policies should be reviewed with counsel, the insurance broker and underwriting to determine what gaps in coverage are created by adding or expanding telemedicine services. Example policies to review include professional liability coverage, cyber and regulatory liability, errors and omissions, and business interruption.
  • Human Capital
    All providers and staff who participate in telemedicine services or care for patients who may receive telemedicine services should receive appropriate telemedicine training either at hire or initiation of telemedicine services, as well as periodically thereafter. Role-specific telemedicine expectations and competencies should be developed and used to evaluate providers and staff, and should be included in job descriptions and annual performance evaluations.
  • Legal/Regulatory
    Since organizations may contract for telemedicine providers, equipment, software, communication technology, and/or consulting, risk managers should confer with legal counsel to determine which state laws apply to the organization’s telemedicine services, monitor changes in applicable regulations, and take steps to ensure that procedures for education and compliance are in place.
  • HIPAA and HITECH apply to telemedicine encounters, similar to other technologies, like electronic health records. The rules are the same for privacy and security of any protected health information (PHI) that is generated and shared. Organizations considering adding or expanding telemedicine services must consider how the services will be incorporated into privacy and security policies, procedures and workflow.
  • CMS regulates hub and spoke telemedicine in the medical staff section of hospitals (42 CFR §485.616 c.) and critical access hospitals (42 CFR § 482.22 a.). The Conditions of Participation (CoPs) specify the steps for credentialing providers to practice telemedicine, and require a written agreement between the originating site and distant site. To be reimbursable under the Medicare Fee Schedule, telemedicine services must meet the requirements outlined in Chapter 12 of the Medicare Claims Processing Manual section 190.
  • State-Specific Regulations require that telemedicine providers be licensed in the state from which they are providing services, as well as the state where the patient is receiving services. To help improve access to providers, in 2013, the FSMB established the Interstate Medical Licensure Compact, which allows for an expedited licensure pathway for physicians to practice in multiple states.
  • Technology
    When telemedicine equipment is selected (purchased or leased), agreements between organizations, facilities and vendors should clearly outline responsibilities for choosing and maintaining equipment. Information technology (IT) leadership at the provider and patient locations should be consulted and involved in decision making. Backup plans and downtime policies and procedures should include provisions for communication and documentation during service interruptions, and should be tested.
  • Hazard
    Capabilities of telemedicine should be considered in hazard disaster planning, particularly for surge management. Virtual visits can be particularly useful during disasters, since they can be managed from mobile devices, as long as there is cellphone service or internet access.

Read the complete White Paper Telemedicine: Risk Management Considerations

Editor Denise Russell, MJ, MHM, RN, CHRM, CPPS, FASHRM

Associate Editors

Maureen E. Burke, MSN, RN, CPHRM
Denise McCord, RN, CPHRM
Susan Heathcote, BSN, CRM
Kathleen Shostek, ARM, RN, CPHRM, CPPS, FASHRM

This book review is written by Sarah B. Roberts, MPH, CHES, CPHQ, CPHRM, ARM, AIS, AINS, a risk management analyst with The Risk Authority Stanford Global Service Center, Columbia, South Carolina, and a member of the ASHRM Forum Task Force.


Sign Up for ASHRM Forum Updates

Provide your information below to subscribe to ASHRM email communications