We all know that telehealth is going mainstream.  The numbers speak for themselves.  A leading research firm predicts that 2.8 million patients worldwide used home-based remote monitoring devices in 2012—expected to increase to 9.4 million connections globally by 2017.  Another firm projects that the number of patients using telehealth services in the United States will grow to 1.3 million in 2017, up from 227,000 in 2012.  Even less rosy projections predict growth to 2 million patients worldwide by 2017.  The news is even better in subspecialties like telepsychiatry   that are showing tremendous adoption rates all across the country.  And the federal government is voicing its support for telehealth adoption in a variety of ways including awarding millions of dollars in grant funding for telehealth projects under its Centers for Medicare and Medicaid Services Health Care Innovation Awards program.

All this good news notwithstanding, there are a number of issues and barriers that remain—many of which threaten to stifle the progress being made.  I have boiled these down to the few I think will keep the telehealth community awake at night because, in my view, they hold the greatest potential to stifle the greater adoption of telehealth.

Not Complying with State Licensure and Prescribing Laws.  I have seen a number of regional and national telehealth care models that don’t appear to be in compliance with the various state licensure and prescribing laws. This could have serious ramifications for telehealth as state regulators begin to focus more on telehealth enforcement.  Unfortunately, providing telehealth in more than one state will mean that providers need to comply with multiple state laws, which are often confusing and burdensome.  Nevertheless, telehealth providers should pay particular attention to state prescribing laws, the majority of which require a physical examination before a provider may prescribe drugs—a difficult requirement to meet for telehealth providers operating in multiple states.  Some providers seem unaware of these requirements or simply ignore them.  While I acknowledge that enforcement in this area has not historically been a priority for most state regulators, this is changing in many states as telehealth continues to blossom. As an example, I note the case of the Colorado doctor convicted in 2009 for prescribing an anti-depressant medication to a patient in California who later committed suicide.  The doctor had not performed a face-to-face evaluation nor established physician-patient relationship as required under California law.  It will only take a few similar high-profile cases to bring the kind of unwanted scrutiny that dogs other parts of the health care sector.

Lack of Highly Developed Protocols and Guidelines.  In my discussions with various state regulators and payers, there seems to be a consensus that telehealth lacks the robust, highly developed protocols, guidelines, and best practices to foster greater acceptance.  I applaud organizations such as the American Telemedicine Association for its continued work in developing a suite of protocols and guidelines for telehealth.  But a lot more needs to be done.  Physician and other health care professional organizations and trade associations need to take the lead in developing serious, well-conceived protocols and guidelines to provide the kind of uniform standards that regulators and payers rightly believe is lacking in telehealth.  Without such protocols, many regulators and payers will continue to view telehealth with skepticism—not to mention the potentially greater liability exposure that exists for practitioners operating in disciplines with no well-established protocols.

Lack of Greater Coverage and ReimbursementI have discussed before why providers not getting directly reimbursed for telehealth may not be as much of an issue as many providers believe.  Nevertheless, the lack of widespread coverage and reimbursement is preventing many providers who would otherwise consider providing telehealth from dipping their toes in the water.  To be sure, through so-called telehealth parity statutes, many more private payers cover telehelath than ever before.  But that is not enough.  Payers cite many reasons for failing to provide more telehealth coverage:

  • Not persuaded by clinical efficacy of telehealth for many indications.
  • Bias towards keeping telehealth benefit only available for rural beneficiaries in areas with shortage of health care professionals.
  • Fear of increased costs with expansion of telehealth benefit.
  • HIPAA privacy and security concerns.
  • Many studies have been inconclusive regarding efficiency, cost savings, preventable hospitalizations from the use of telehealth services.

Telehealth stakeholders have more power than they think—and should engage with regulators and payers in a coordinated way to help fashion a more coherent reimbursement approach to telehealth.  There are many developments     stakeholders could point to, including: 1) the number of newer studies showing the benefits of telehealth; and 2) the significant results achieved by the Veterans Health Administration (53% reduction in bed days of care; 30% reduction in hospital admissions), long a leader in telehealth adoption.  Absent a more coherent reimbursement approach, many providers will continue to sit on the sidelines—stalling the greater widespread adoption of telehealth.

HIPAA Privacy and Security. Telehealth HIPAA privacy and security issues are not necessarily different than those facing more conventional providers.  However, within telehealth, privacy and security issues take on greater significance given that telehealth is usually delivered by electronic means and that health information is often stored electronically.  In other words, there are ample more opportunities for unauthorized third parties to access patient health information.  Data breaches are becoming increasingly common with one study showing that 94% of healthcare organizations surveyed have experienced at least one data breach during the past two years, and 45 percent experiencing more than 5 data breaches each during this same period.  In my mind, nothing threatens the future viability of telehealth more than lax privacy and security.  We have written many posts regarding the kinds of privacy and security issues telehealth providers need to have top of mind.

Back to Health Law Advisor Blog

Search This Blog

Blog Editors

Related Services



Jump to Page


Sign up to receive an email notification when new Health Law Advisor posts are published:

Privacy Preference Center

When you visit any website, it may store or retrieve information on your browser, mostly in the form of cookies. This information might be about you, your preferences or your device and is mostly used to make the site work as you expect it to. The information does not usually directly identify you, but it can give you a more personalized web experience. Because we respect your right to privacy, you can choose not to allow some types of cookies. Click on the different category headings to find out more and change our default settings. However, blocking some types of cookies may impact your experience of the site and the services we are able to offer.

Strictly Necessary Cookies

These cookies are necessary for the website to function and cannot be switched off in our systems. They are usually only set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, logging in or filling in forms. You can set your browser to block or alert you about these cookies, but some parts of the site will not then work. These cookies do not store any personally identifiable information.

Performance Cookies

These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our site. They help us to know which pages are the most and least popular and see how visitors move around the site. All information these cookies collect is aggregated and therefore anonymous. If you do not allow these cookies we will not know when you have visited our site, and will not be able to monitor its performance.