Documents and Resources from the April 17, 2019 Press Conference | OPA | Department of Justice

HIPAA Compliant Video Conferencing Software Is the Key to Telemedicine’s Future – VC Daily

Telemedicine is a way of digitizing our bodies. Conducting physical examinations over remote digital connections such as video calling literally exposes our most sensitive information to the wilds of the internet.

As we’ve all no doubt seen and heard by now, hacks of even the most seemingly impenetrable governmental, social media, and big business websites and data vaults are not only possible but starting to feel a little common.

If telemedicine is going to win broad public support–and there is evidence that the majority of us are in favor of the concept even if we’ve never actually tried it–then airtight privacy and security is going to be paramount.

In telemedicine, meeting the requirements of HIPAA standards is the responsibility of the video conferencing vendor.

HIPAA compliant video conferencing software is the starting point. Less frequently known as the Health Insurance Portability and Accountability Act, HIPAA was enacted largely to ensure the privacy of personal patient information, and it provides strict guidelines for the transfer and storage of sensitive patient data across digital channels. In telemedicine, meeting the requirements of HIPAA standards is the responsibility of the video conferencing vendor–and the responsibility is critical.

Accordingly, if we are to benefit from the advantages offered by telemedicine, the technology we use must be as private as a room at the local doctor’s office.

Meeting HIPAA Requirements

Telemedicine is no longer science fiction. The debate around its use is no longer about its efficiency or effectiveness. Research across a range of medical fields has found that remote consultations can be as reliable as in-person appointments in the fields of mental healthaddiction treatmentoptometry, outpatient care, and dermatology.

All these telehealth services must comply with HIPAA guidelines.

The most familiar uses of telemedicine at the moment are of the doctor-to-doctor variety (in which a general practitioner consults with a specialist), and the kind of doctor-to-patient consultation offered over some telehealth apps.

All these telehealth services must comply with HIPAA guidelines; that includes the following physical and technical standards:

  • Limited and authorized access to servers and facilities
  • Data encryption and decryption safeguards
  • The use of unique identification across all processes
  • Audit reports and tracking logs for hardware and software
  • Restrictions on transferring, storing, removing, disposing of, and re-using data

Meeting all those standards requires more attention to security than just password protection. The good news is that there are many video conferencing providers that have passed the test.

Finding HIPAA Compliant Video Conferencing Software

Meeting HIPAA standards is the responsibility of video vendors. Before any telemedicine network can be established, the vendor must provide a HIPAA-required Business Associate Agreement (BAA). This binds the vendor to secure all patient information and report any breaches of security.

As such, there’s no overriding list of HIPAA-approved vendors available from which a telemedicine startup could simply choose a partner. Instead, HIPAA compliance is assessed on a project-by-project basis and has more to do with a provider’s willingness to abide by the rules rather than their ability to technically do so. There are, however, examples of vendors that have and haven’t embraced their HIPAA responsibility.

Each telemedicine project or network is assessed individually and each vendor must agree to a BAA whenever it undertakes such a partnership.

Apple, for instance, has not agreed to subject FaceTime to HIPAA regulations, but Zoom did in 2017 before launching its cloud-based telehealth service. And it gets even more complicated once you drill down into specific services offered by video vendors. Skype, Teams, and Office 365, for instance, are all treated as separate entities when it comes to HIPAA regulations, despite their common parentage.

The bottom line is that each telemedicine project or network is assessed individually and each vendor must agree to a BAA whenever it undertakes such a partnership. This agreement is less a license to dispense virtual medicine than a promise to be held accountable should HIPAA breaches take place.

Regardless, it’s a responsibility that is critical to the future of telemedicine.

Are You Telehealth Confident?

The results of a survey undertaken by Cisco reported that only about 40 percent of consumers in the U.S. believe that data protection is sufficient to keep their medical information private. Skyhigh Networks reports that healthcare companies often use multiple cloud services, which can increase the risk of a data breach.

Telemedicine, of course, is particularly susceptible to online attacks and data breaches, which means that increasing adoption of telemedicine is only possible if users are convinced that the technology is safe and secure.

That starts with the implementation of more advanced video security features. Digital security company Theta Lake, for example, has released video conferencing-compatible compliance software that uses artificial intelligence to scour recordings of video meetings in search of potential data integrity risks. The app uses machine learning to detect spoken and visual compliance risks in media sources such as meetings, marketing materials, social media content, and workflow messaging and exchanges.

Provided Theta Lake can deliver on its promises, that kind of initiative could go a long way toward showing the public that the technology of communication is backed up by new technological ways of securing privacy.

Just as companies are finding new ways to bring virtual medicine to rural and remote areas, into schools and offices, and every available minute of our lives, they should be developing new ways to keep us safe.

Digital innovation made telemedicine possible, and digital privacy can make it popular.

Source: HIPAA Compliant Video Conferencing Software Is the Key to Telemedicine’s Future – VC Daily

Ocular telemedicine company sues Indiana over prohibition of at-home vision tests

Visibly, an eye care telemedicine company, filed a lawsuit last week against Indiana agencies that enforce the statewide ban on ocular telemedicine, Indy Star reports.

Visibly sued the Medical Licensing Board of Indiana, Indiana Professional Agency and Indiana Attorney General Curtis Hill, among others, alleging the state’s telemedicine law is unconstitutional. The law, which was passed in 2016, allowed for the practice of telemedicine in the state, but it specifically excluded use of the technology for ophthalmic devices as well as prescriptions for most opioids and abortion drugs, according to the report.

The Indiana attorney general’s office said April 11 that it received a copy of the complaint and its attorneys were in the process of reviewing it. Visibly argues that telemedicine lowers the cost of eye exams for otherwise healthy patients. However, the company does not offer a replacement for comprehensive eye exams. Thirty-nine states currently allow for telemedicine eye exams.

Indiana Optometry, the state’s affiliate of the American Optometric Association, only supports in-person vision prescriptions, Indiana Optometry President Christopher Browning, MD, said.

More articles on telehealth:
Mount Sinai receives $6M for telemedicine-equipped surgery suite
IU Health launches telepsych in EDs systemwide
What a $1.2B fraud scheme means for telemedicine

Source: Ocular telemedicine company sues Indiana over prohibition of at-home vision tests

Telemedicine, walk-in clinics cloud role of family doctor | The Seattle Times

Lisa Love hasn’t seen her doctor of 25 years since she discovered telemedicine.

Love tried virtual visits last summer for help with a skin irritation and returned for another minor problem. She doesn’t feel a pressing need to seek care the old-fashioned way, especially since she also gets free health screenings at work.

No more waiting for the doctor’s office to open. Convenience rules in health care now, where patients can use technology or growing options like walk-in clinics and urgent care centers to get help whenever they need it.

A survey last year found that about a quarter of U.S. adults don’t have a regular doctor. Some like Love wonder how much they still need one.

“Telemedicine probably can’t do everything … but for most of the things I might ever have, I’m pretty sure they can take care of it,” the Twin Falls, Idaho, resident said.

Health care experts say the changing, fragmented nature of care is precisely why people still need someone who looks out for their overall health, which is the traditional role of primary care physicians like family doctors and internists.

They know patients’ medical histories, and they’re trained to spot problems that may be developing instead of just addressing symptoms that prompted the patient’s visit. They also can make sure medications don’t conflict with regular prescriptions, and they can help make sense of the information patients dig up with a Google search.

But the nature of primary care is changing as patients branch off to drugstore clinics and urgent care centers. Practices are slowly shifting to more of a team-based approach that focuses on keeping patients healthy and reserves visits with a doctor for the more serious cases.

“The idea that the primary care physician is the one-size-fits-all solution … that’s going to change pretty dramatically,” said Sam Glick, an executive with the research firm Oliver Wyman.

This evolution began years ago when drugstores started providing flu shots and opening clinics that handle minor issues like ear infections or pink eye. The two largest chains, CVS Health and Walgreens, now run about 1,500 clinics combined.

More recently, employers have started adding worksite clinics, and thousands of urgent care centers have opened around the country to treat emergencies that aren’t life-threatening. Then there’s telemedicine, which patients can use to connect to a doctor in minutes without leaving their home or office.

Love said she’s hooked on virtual visits. They only cost $42, or less than half the price of an office visit under her insurance plan.

“I like technology and I like new things and I like saving money,” Love said. “It was worth it to me to try it.”

About 25% of adults don’t have a regular doctor, the nonprofit Kaiser Family Foundation found last year. That jumps to 45% for those under age 30.

On top of all the competition for patients, the field also is fighting a shortage of doctors as medical school students opt for higher-paying specialties.

Primary care practices have adjusted by adding physician assistants or nurse practitioners to handle annual physicals and other routine care.

They’re also creating teams that help them take a broader look at patient health. Those teams might include mental health specialists who screen for depression and health coaches who can improve diet and exercise.

The idea is to keep patients healthy instead of waiting to treat them after they become sick.

“We want to do as much outside the walls of the clinic as we can,” said Stanford University’s Dr. Megan Mahoney, noting that this push depends on insurers expanding what they will cover.

Doctors also are continuing to focus more on coordinating care for people with complex health needs.

Bryant Campbell’s care team includes a primary care doctor, a pharmacist and specialists to help manage his chronic liver condition and rheumatoid arthritis. The Portland, Oregon, man said his team members talk frequently to avoid problems like duplicate tests, and their approach gives him more confidence.

“I sometimes think as patients we feel isolated in our health care, and this team-based approach helps a patient be as involved as you need or want to be,” he said.

Doctors say the expanded scope of their practices is changing how they interact with patients. Dr. Russell Phillips frequently responds to email or cellphone questions from his patients. He also refers them to clinics for minor issues like urinary tract infections.

The Harvard Medical School professor says primary care is evolving into more of a flowing, virtual relationship where patients have more frequent but briefer contact with their doctor’s office instead of just office visits maybe twice a year.

“Getting medical care is such a complex activity that people really need somebody who can advise, guide and coordinate for them,” Phillips said. “People still really want a relationship with someone who can do that.”

Source: Telemedicine, walk-in clinics cloud role of family doctor | The Seattle Times

Telemedicine Providers Charged in Medicare Fraud Investigation

 – Five telemedicine companies are at the center of what federal officials are calling one of the largest healthcare fraud cases in history, charged with facilitating virtual care sessions that cost Medicare roughly $1.2 billion in fraudulent charges.

The companies – Video Doctor USA, AffordADoc, Web Doctors Plus, Integrated Support Plus and First Care MD – “allegedly participated in an expansive and sophisticated fraud to exploit telemedicine technology meant for patients otherwise unable to access health care,” Assistant US Attorney General Benczkowski said in an April 9 press release from the Department of Justice.

Charges have been filed against individuals and businesses in New Jersey, South Carolina, Florida, Texas, Pennsylvania and California.

According to federal officials, the telemedicine providers were allegedly part of a complex scheme in which healthcare providers and an international call center convinced Medicare beneficiaries that they needed back, shoulder, wrist and/or knee braces, regardless of medical necessity. Those braces were prescribed either without any sort of evaluation or a phone call and were channeled through more than 100 durable medical equipment (DME) companies.

“The international call center allegedly paid illegal kickbacks and bribes to telemedicine companies to obtain DME orders for these Medicare beneficiaries,” the DOJ release noted. “The telemedicine companies then allegedly paid physicians to write medically unnecessary DME orders. Finally, the international call center sold the DME orders that it obtained from the telemedicine companies to DME companies, which fraudulently billed Medicare. Collectively, the CEOs, COOs, executives, business owners and medical professionals involved in the conspiracy are accused of causing over $1 billion in loss.”

The proceeds were allegedly laundered through international shell corporations and used to buy automobiles, yachts and real estate.

The DOJ was joined in the investigation by the FBI and the US Department of Health and Human Services’ Office of the Inspector General, executing more than 80 search warrants and charging 24 people.

In addition, the Center for Medicare & Medicaid Services’ Center for Program Integrity announced that it is taking “adverse administrative action” against 130 DME companies that had submitted over $1.7 billion in claims and were paid more than $900 million.

“The indictments we are unsealing today charge the defendants with running a complex, multilayered scheme to defraud our Medicare system and avoid detection by government regulators,” U.S. Attorney Craig Carpenito said in the press release. “The defendants took advantage of unwitting patients who were simply trying to get relief from their health concerns.  Instead, the defendants preyed upon their weakened state and pushed millions of dollars’ worth of unnecessary medical devices, which Medicare paid for, and then set up an elaborate system for laundering their ill-gotten proceeds.”

Source: Telemedicine Providers Charged in Medicare Fraud Investigation Overshadowed by opioids, meth is back with a vengeance Overshadowed by opioids, meth is back with a vengeance.

DOJ charges telemedicine executives, doctors in $1.2B Medicare fraud scheme | FierceHealthcare

New Mexico OKs New Telemedicine Rules, Including Coverage Parity

The bill, awaiting the governor’s signature, would expand telemedicine and telehealth coverage to include remote patient monitoring and store-and-forward services and set coverage and payment guidelines for health plans.

 – New Mexico is set to become the latest state to expand access to telehealth and telemedicine by mandating coverage and payment parity for health plans.

By an almost unanimous vote, state lawmakers this week approved SB 354, which amends connected care laws passed in 2013 to include remote patient monitoring and asynchronous (store-and-forward) services and sets new guidelines for payer coverage.

Roughly 36 states and the District of Columbia now have legislation in place setting coverage guidelines for health plans, and 10 of those states also mandate payment parity, according to Nathaniel Lacktman, a partner in and chairman of the Telemedicine Industry Team at the Foley & Lardner law firm, which helped draft the New Mexico bill.

“If signed into law, the bill should bring New Mexico to the forefront of telehealth coverage, benefitting patients and helping catalyze the growth of these technologies throughout the state,” Lacktman said in a Health Care Law Today blog this week.

The bill, titled “Health Coverage for Telemedicine,” would prevent payers from imposing any “unique restrictions” on telehealth, including originating site restrictions, and would compel them to reimburse providers “on the same basis and at least the same rate” for comparable in-person care.

It would also enable payers to charge a deductible for virtual care as long as the deductible, co-payment or co-insurance doesn’t exceed that charged for in-person care, and it would prevent payers from setting an annual or lifetime dollar cap on telehealth coverage “other than an annual or lifetime dollar maximum that applies in the aggregate to all items and services covered under the health insurance plan, policy or contract.” Also, the bill would prohibit payers from limiting that coverage to providers who are part of the health plan’s provider network where no in-network provider is available or accessible.

It would also expand telemedicine services to include two new platforms, both of which now qualify for some Medicare reimbursement.

“’Telemedicine’ allows health care professionals to evaluate, diagnose and treat patients in remote locations using telecommunications and information technology in real time or asynchronously, including the use of interactive simultaneous audio and video or store-and-forward technology, or remote patient monitoring and telecommunications in order to deliver health care services to a site where the patient is located, along with the use of electronic media and health information,” the bill states. “’Telemedicine’ allows patients in remote locations to access medical expertise without travel.”

The bill now heads to Gov. Michelle Lujan Grisham for her signature.

Source: New Mexico OKs New Telemedicine Rules, Including Coverage Parity

‘Eye Contact Is Evil’: Frustrated Doctors Flock To Twitter Parody Of Electronic Medical Records

Business Insider: Telemedicine is projected to boom but barriers loom – Business Insider

Business Insider: Telemedicine is projected to boom but barriers loom – Business Insider.