• TIPLPR

A CRITICAL STUDY OF THE LEGAL FRAMEWORK OF TELEMEDICINE PRACTICE IN INDIA

Introduction

Amidst all the stress placed upon social distancing norms and the imposition of strict quarantine measures, a swift adoption of the telemedicine practice has appeared as a silver lining among the dark clouds of uncertainty. Online doctor consultations on the e-health service platform Practo have witnessed a sharp five-hundred percent increase, with more than five crore people utilising their services since March, 2020. Mfine, another online consultation platform, has recorded an eight-fold increase in demand for consultation services from urban areas during the lockdown period, highlighting the increasing penetration of technology in delivery of essential services such as healthcare.

The use of telemedicine services provide access to medical consultation without the need for both doctor and patient to be physically present in the same room. In a nutshell, telemedicine effectively facilitates larger access to healthcare services by eliminating the obstacle of distance, and also significantly reduces the cost for such access. The Indian Space Research Organization made the first attempt at providing telemedicine services when it launched its Telemedicine Pilot Project in 2001, linking Chennai's Apollo Hospital with the Apollo Rural Hospital in Chittoor. Another interesting example was observed during the Kumbh Mela, where a Mobile Telemedicine System was set-up, equipped fully with video conferencing systems, X-ray units and a small laboratory.

However, there did not exist any comprehensive framework laying down the rules governing the use of video, phone and internet platforms for rendering telemedicine services. The Recommended Guidelines & Standards for Practice of Telemedicine in India, 2003 along with the provisions under the Indian Medical Council Act, 1956 and the Information Technology Act, 2000 primarily governed the practice. The ensuing uncertainty resulted in hazards for both patients and medical professionals alike. Therefore, the need was felt for a detailed set of guidelines to regulate the expanding field. Pre-empting the rise in usage of telemedicine in the lockdown, the Telemedicine Practice Guidelines were released on March 25.

Important Features of the Guidelines

To start with, the guidelines endorse the WHO definition of telemedicine, which goes as follows, “The delivery of health-care services, where distance is a critical factor, by all health-care professionals using information and communications technologies for the exchange of valid information for diagnosis, treatment and prevention of disease and injuries, research and evaluation, and the continuing education of health-care workers, with the aim of advancing the health of individuals and communities.

Guideline 1.3 provides that Registered Medical Practitioners (RMPs) would be entitled to practice telemedicine with patients from any part of India, while upholding the same professional as well as ethical standards as applicable to traditional in-person care. It is specified that any RMP willing to offer telemedicine consultation must undergo an online course developed by the Medical Council of India (MCI) within three years of its notification. Post this period, the completion of this course would be a prerequisite to practice telemedicine.

The next set of guidelines are concerned with the telemedicine applications. It is clearly laid down that any tool capable of conducting tele-communication, such as a mobile, telephone, internet or even WhatsApp and Skype, can be used by the RMPs. The guidelines are very comprehensive in nature with respect to the tools that may be used. The strengths and weaknesses of various modes have also been laid down on the basis of various factors such as convenience, optimality of information exchange, privacy and requirement of infrastructure, to name a few.

Guideline 3.2 mandates that the consultation cannot be anonymous and the RMP should verify the identity of the patient with their name, age, address and registered ID. It must also be ensured that there is a mechanism for the patient to verify credentials of the RMP. This process of verification is very important, even more so for the patient as it would be fairly easy for an impostor to take advantage of vulnerable patients and mislead them about their health status.

Part 3.7.1 of the Guidelines talks about the principles of Medical Ethics, Data Privacy and Confidentiality which are to be upheld during the entirety of the process. It is stated that the RMPs must be cognizant of the current Data Protection and Privacy laws and to fully abide by the Indian Medical Council (Professional Conduct, Etiquette and Ethics) Regulations, 2002 along with the relevant provisions of the IT Act. RMPs, however, will not be held responsible for breach of confidentiality if there is reasonable evidence to believe that such compromise was the result of a technology breach.

A portion of the Guidelines has also been devoted specifically towards the technology platforms that work with a network of RMPs to facilitate telemedicine. It is mandated that the platforms providing telemedicine services shall make sure that the RMPs available on their platform are registered under the Indian Medical Council Act, 1956. It is required of the platforms to carry out due diligence before listing any RMP on its platform. The name, qualification, registration number and contact details of RMPs must necessarily be available on the platform.

In an interesting point, the Guidelines allow the use of new technologies, such as Artificial Intelligence, Internet of Things, advanced data science-based decision support systems and others to assist the RMPs in patient evaluation. However, for good measure, the scope of this assistance has been limited simply to patient evaluation, whereas the diagnosis and counselling of the patient, along with prescription of medicines, can only be done by the RMPs.

Critical Analysis

The biggest issue that could possibly crop up with an exercise involving the use of technology to host consultation sessions is the maintenance of confidentiality, an integral facet of the doctor-patient relationship. It is laid down in the Guidelines that all the ethical principles that are followed in the traditional practice are to be observed in telemedicine as well, nevertheless, there is no measure of certainty which reinforces the belief in a patient that his/her consultation remains confidential. Moreover, the fact that the Guidelines explicitly state that the RMPs would not be liable for any compromise caused by a technology breach, raises several red flags. However, there are certain safeguards which are ensured to patients under the Information Technology Act, 2000 and Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011.

Rule 3 of the latter provides that information relating to physical, physiological and mental health condition, sexual orientation, medical records and biometric information, would constitute sensitive information. This has also been reiterated in Section 3(36) of the Personal Data Protection Bill, 2019. Rule 4 of the IT Rules, 2011 mandate that a body corporate shall provide a privacy policy for handling of sensitive personal information. Rule 5(4) establishes that a body corporate holding sensitive information shall not retain that information for longer than is required for the purposes for which the information may lawfully be used.

Further, Rule 8 states that a body corporate should follow reasonable security practices and procedures to safeguard the data. The Telemedicine Guidelines are found lacking in the fact that while they do mandate that the IT Act and its accompanying rules be followed, it does not specify crucial points such as the period for which data of a patient can be stored by the platforms. The penalties under section 43(a-h) of the principal Information Technology Act, 2000 may also be attracted in cases where any person, without permission of the owner, accesses a computer system, or downloads, damages, copies or extracts data from the computer.

As mentioned earlier, in a telemedicine set-up, there is a greater chance of vulnerable patients being drawn in and misled by quacks. While the guidelines do highlight that the technology platforms offering telemedicine services must conduct a due diligence on the RMPs before listing them, they fail to elaborate upon the scope of such a due diligence. Further, it is not the case that telemedicine services can be offered only by platforms who will have the obligation of due diligence. Consultations can be offered over any mode of communication, such as WhatsApp and Facebook Messenger. In such a scenario, it exposes a large part of the population, especially the elderly and those lacking in technological literacy, to miscreants who will be looking to take advantage.

The Way Forward

The Guidelines err in enabling each and every medical professional who is duly registered, to offer telemedicine consultations independently, as there is no mechanism for patients to ensure their credentials properly. On the other hand, had only technology platforms been given the permission to facilitate such consultations, it would be incumbent upon them to perform due diligence on the RMPs. In order to allow for RMPs to offer consultations independently, the MCI should create its own gateway, where RMPs can be enlisted and patients can contact them directly.

Further, in light of the pandemic situation, it can be reasonably anticipated that telemedicine services are here to stay and therefore, there will be an increase in the number of technology platforms hosting consultations. Hospitals will also be looking to create their own platforms to jump into the ring, thus, it is of paramount importance that a procedure be developed for accreditation and licensing of such platforms by the MCI, so that they can be held accountable in case of malpractice.

Therefore, the move to launch a detailed set of guidelines for regulating telemedicine services just as India entered into a lockdown was a well-intentioned move. However, these guidelines fall short in several aspects and since telemedicine services are only going to expand, the government must look towards bringing in suitable legislation to firmly lay down the rules regarding the practice, especially with respect to the issues of data privacy and role of technology platforms.


Title Image Source: InnoHEALTH magazine


This article has been written by Ritwik Tyagi who is a student of law at National Law University, Nagpur. Particularly enthusiastic about reading and writing, he can most often be found penning down creations of his mind.