Recently, a media organization obtained the medical records of 281,000 patients from an individual who hacked a telemedicine platform. The platform specifically catered to patients seeking Ivermectin and Hydroxychloroquine prescriptions.
The hack appears to have uncovered a scheme through which patient referrals were generated by an entity called America’s Frontline Doctors and referred to a telehealth platform, SpeakWithAnMD.com. Thereafter, as a result of some electronic interaction with the patient, prescriptions for alleged COVID-19 treatments were issued and submitted to a pharmacy hub for distribution and fulfillment. It is unclear whether the electronic interactions with patients were telephone calls, video conferences, or simple web surveys. Accordingly, the sufficiency of the interactions and the subsequent validity of prescriptions is uncertain.
Of note, the U.S. Food and Drug Administration has issued alerts cautioning against the use of Ivermectin and Hydroxychloroquine for the treatment of COVID-19, and as such, providers prescribing such drugs, and pharmacies and pharmacists dispensing such drugs, may face scrutiny under both federal and state law arising out of their prescribing and dispensing habits, and any associated claims made by such prescribers or dispensers about the efficacy or use of these drugs.
Since the publication of the above media report, other outlets, including TIME Magazine, have addressed the story. The heightened media interest in the subject matter increases the risk of regulatory scrutiny; and the reported data breach nearly guarantees an investigation from a patient privacy perspective.
Key Takeaways
A telehealth model must be carefully structured to comport with the requirements of the law, as each person and entity involved in a telehealth model face liability on a variety of fronts. An improperly structured telehealth arrangement can create liability not only for the organizers of the model, but also for the individual physicians, pharmacists, pharmacies, and other providers rendering care through the scheme. Common issues affecting telehealth include data privacy and HIPAA; state prohibitions on the corporate practice of medicine; kickbacks and fee splitting; patient choice laws; and, professional board regulations enumerating the requirements for engaging in the practice of medicine and pharmacy.
Importantly, all persons and entities involved in a telehealth model must take care to ensure that their financial relationships do not violate federal or state kickback or patient brokering prohibitions, which often carry criminal penalties, and sometimes apply irrespective of payor source.
How Frier Levitt Can Help
If you are a healthcare provider, pharmacy, or pharmacist involved in the above-described arrangement, or a similar telehealth arrangement, it is important that you retain competent healthcare counsel to review the regulatory permissibility of your activities to evaluate and mitigate your potential exposure.
