Telemedicine, telecare and eHealth are becoming common terminology in the health and technology world, but they present many complex legal, technical and medical quandaries which providers and users of these new services have to deal with. There is also an increase in consumer and patient understanding and acceptability of these types of services, due to the fact that many trials and pilots of the services have been implemented over the past ten years, including full commercial offerings of the services.
This means that patients, healthcare professionals, telemedicine service providers and government authorities alike must adapt to the growing and evolving landscape of such services. This is not without its challenges as telemedicine is at the crossroads of issues such as health policy, ICT, data protection, licensing, liability and regulatory compliance.
WHAT IS TELEMEDICINE?
Telemedicine uses technology to monitor and manage patients' healthcare, usually from a remote location such as the patient's home. These services aim to proactively manage healthcare by offering faster reaction times and avoiding costly hospitalisation.
Providers in the Irish market have grown from offering online prescriptions to extending a range of services typically associated with a GP, such as the examination of symptoms and the treatment of minor ailments and injuries via an online consultation. Many of these services permit patients to contact their GP via a computer, tablet or smartphone. For example, patients at a Tallaght GP practice are the first in Ireland who can consult their doctor online, using app-based technology called VideoDoc, which is in its pilot stage.
There are also various medical devices such as blood pressure monitors, glucometers and lung capacity monitors which can be used at the patient's home while regular measurements are made and data is transmitted back to a monitoring base. There, decision support systems feature pre-set alarms, alerts and management care flows.
THE CHALLENGES OF TELEMEDICINE
The complexity in delivery of remote services means healthcare providers and companies offering telemedicine services need to understand telemedicine and its multi-faceted regulatory framework to better serve this growing area.
Although Ireland and the EU have adopted various position papers, strategies and communications on a framework for governing telemedicine or eHealth services , there is no current overarching legislation regulating telemedicine in Ireland or the EU. This means that healthcare providers and companies offering telemedicine services must adopt a piecemeal approach in assessing levels of compliance when offering these services.
For example, when using remote blood pressure monitors, providers must consider numerous elements, such as:
- whether the device itself has been CE marked in accordance with medical device legislation;
- whether the GP is based in Ireland or abroad and what, if any, implications this has for offering the service;
- whether the GP is licensed in accordance with local requirements;
- who owns the IP, in relation to the monitor itself, or the various technology used to transmit and analyse the data; and
- who will be liable, in the event of injury to a patient or the failure to secure the patient's data.
In addition, manufacturers of mobile health applications and devices that support telemedicine services must comply with multiple, and often conflicting, regulatory and data protection regulations promulgated by various regulatory authorities.
There are also wider concerns about the confidentiality of patient data online, and whether current technology is secure enough to protect patient's health data. As patient health data is considered sensitive personal data in the context of Irish and EU data protection legislation, it is subject to more stringent requirements than other forms of personal data. Prior to relying on any telemedicine technology to collect and transfer patients' health data, providers need, among other things, to ensure that they have secure communication channels, to implement confidentiality and privacy agreements, and to educate administrators and users regarding the appropriate use of telemedicine technologies.
While it is not certain that legislation will be adopted either at an EU or Irish level governing the services anytime soon, companies must be in a position to anticipate and prepare for such legislation. One of the ways to do this is to take a holistic approach when navigating the relevant legal and regulatory requirements at an early stage of development of the services and related technology. Getting the key players involved at this early stage will also help identify any gaps in assessment. As telemedicine is a moving target, companies should also keep a dialogue with the relevant regulatory authorities to confirm whether the authorities are drafting or preparing any guidance that might be relevant.
This article contains a general summary of developments and is not a complete or definitive statement of the law. Specific legal advice should be obtained where appropriate.