InLaw: DAC Beachcroft’s Hamza Drabu navigates cross-border telemedicine

Hamza Drabu, partner DAC Beachcroft

Technical lessons learned from operating virtually during the pandemic will be carried through into an increasingly new, borderless digital age for health. The technology to take us to the next stage is already here but, as is often the case with step-change, the regulatory implications from offering services more widely requires close attention. In this article, Hamza Drabu, commercial law partner at DAC Beachcroft explores these legal and regulatory challenges and how to mitigate the risk.

As the pandemic unfolded, different models of care were adopted by healthcare providers, many of which focussed on ensuring that appointments, where clinically appropriate, were ‘digital first’ through virtual consultations to avoid human contact and the spread of Covid-19. The adoption of telemedicine has become an increasingly normalised part of a care pathway and, as the volume of diagnostic data grows, coupled with the rise of accessibility for electronic health records, the possibilities for cross-border healthcare services are brought into sharp focus.

These possibilities may include new models of collaborative healthcare provision or more people having access to world-renowned specialists for second opinions, regardless of location. Access to a consumer-led global market of healthcare services through these means is something that should not be considered too far away. However, regulation generally lags behind technological developments, and the implementation of telemedicine, even in a domestic setting, has raised a range of legal issues.

Cross-border telemedicine adds different jurisdictions and regulatory frameworks to the landscape, creating a complex legal area to navigate. At present, there is currently no cohesive regime that exists to regulate the delivery of international telemedicine.

Are things getting any easier?

Post-Brexit, it is worth noting that there are a couple of changes that alter the picture between EU Member States and the UK. Under the EU Directive on Electronic Commerce, the legal provisions that apply to ‘information society services’ (which would encompass telemedicine) are those in force in the member state in which the service provider is established, rather than the state in which services are received by a customer (or in this case, the patient). EU Directive 2011/24/EU on the application of patients’ rights in cross-border healthcare, states that cross-border healthcare shall be provided in accordance with the legislation of the member state on whose territory healthcare is provided to the patient. Art.3(d), states that ‘in the case of telemedicine, healthcare is considered to be provided in the Member State where the healthcare provider is established’.

While these directives still apply in the EU (simplifying the picture between EU Member States), those two Directives are not retained in UK law post 31 December 2020. The applicable position relating to the E-Commerce Regulations 2002 (as amended) means that UK-established telemedicine providers will no longer be able to benefit from the pre-Brexit position.

Instead, they will have to comply with the specific requirements of each jurisdiction in which they are active. This will mean that a UK-based telemedicine provider will need to both account for different contracting arrangements, requirements and information provision rules in each EU Member State and consider the regulatory framework for offering a telemedicine service to any patients in any EU Member State – rather than the previous position, where it could rely on the country-of-origin principles.

What next?

There is no doubt that while the adoption of telemedicine has been catalysed by the pandemic, it is an area that will continue to grow. Whilst there are a number of legal obstacles that need to be considered and worked through, there are ways that organisations can seek to mitigate the risk of cross-border telemedicine and operate safe and effective services – namely by understanding the relevant legal frameworks in place and complying with them.

The importance of understanding the risks and having robust mitigation plans in this area can’t be understated, but the prize for getting it right is likely to be significant.