The Covid-19 pandemic led to the dismantling of regulatory, psychological and organizational barriers, and brought about an exponential increase in the use of tele-health.
For example, the number of meetings at HMOs conducted via digital means increased significantly. Many health care providers who thought they were unable to utilize tele-health, like psychologists and physiotherapists, began treating patients by digital means. Hospitals began monitoring patients' conditions from afar with mobile medical devices in order to minimize the medical team's exposure. Although a digital encounter is not devoid of limitations, and is not appropriate to all situations, medical staff and patients have both begun to get used to virtual treatment, and at times, even prefer it to physical encounters.

We do not know yet how tele-medicine will look in the future. Will physicians and patients "meet" through video talks or a virtual reality; will patients participate in examining themselves; will physicians conduct remote examinations by utilizing smart medical devices? Will physicians be solely responsible for medical documentation, or will they receive a patient's data from personal apps or social media; who will initiate medical encounters – the patient or an artificial intelligence software that identifies early symptoms of illness? These are unanswered questions. It does seem that tele-health will continue to have a significant place in medical treatment in the future.

If you wish to develop a product or service for tele-health, or develop a tele-health medical device or application, it is important to know and consider the legal regulations and implications. It is imperative to plan products and services while considering the legal issues upfront, and not as an afterthought, and of course draft commercial contracts accordingly.

What Should You Consider Legally when Planning a Telehealth Product or Service?

It is important to bear in mind the specific market you are aiming to reach. Various countries have their own regulations. In the U.S., for example, besides Federal law, each state has its particular set of laws; in Europe, alongside EU regulations, each country might have its own national regulations regarding the issues at hand. The following survey refers to Israel, unless otherwise stated.

Certification and insurance – one must verify that the medical staff has the required license in the country of service and that professional insurance covers tele-medical service.

Use of medical devices – medical devices must be registered and approved by the regulator (to be elaborated on in a future post).

Permits for tele-health, and particularly, in a medical facility – one must familiarize oneself with the Israel Ministry of Health's Director General's Directive on tele-medicine, or instructions of equivalent regulatory bodies abroad, especially concerning required permits for tele-medicine practice in a medical institution.

Data and Privacy Protection

The information on digital encounter between physician and patient is, of course, confidential, according to the Patient's Rights Act.

Regulations for privacy protection are determined in accordance with the national legislation of the home state, where the company operates, and/or the country of the patient whose data are involved. As a rule, privacy policy should be determined to clarify the purpose of data collection regarding the patient, the method or system of data storage, the method and procedure of data transfer to a third party in Israel or abroad, including via cloud. If information is used for purposes beyond the service provided, this should be explained to the user, and the user's consent must be obtained. Data storage and security must comply with the local regulations pertaining to information storage.

In Israel, policy regarding the protection of information must be determined in conformity with the Privacy Protection Law, Privacy Protection regulations, and the Director General's Directive on tele-medicine. (Other relevant regulations can include, for example, HIPAA in the U.S., in relevant cases, and GDPR in Europe.)

Regulation of Medical Practice

In addition, regulation of medical practice, and in Israel, the Patient's Rights Act, impact on consultations held in digital meetings between physicians and patients. This includes the duty to document those meetings and the right of medical confidentiality. Moreover, mechanisms must be put in place to positively establish the identity of a patient and to obtain a patient's informed consent to the tele-health service, that also verifies that the patient understands and agrees to accept its limitations. Other mechanisms need to deal with the issuance of digital prescriptions, track referrals and more.

On further legal requirements for tele-health products that include medical applications or artificial intelligence, please see forthcoming posts.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.