E-mail, other computer use may increase liability risk

As physician-patient e-mail and other medical communications move on-line, so does the medical liability risk, according to the eRisk Working Group for Healthcare, a consortium of national medical societies and liability carriers representing more than 70% of insured physicians.

The eRisk Working Group for Healthcare has published an updated list of guidelines for physician office on-line communications with patients, other health care providers, and industry. Driving the creation of these guidelines is the continued growth of physician-patient e-mail, which is being motivated by strong patient demand and already involves roughly 25% of practicing physicians according to recent studies published by Boston Consulting Group, Jupiter Media Metrix, and Medem Inc. The new guidelines were developed by the carriers and medical societies at the second annual eRisk Working Group for Healthcare conference recently held in San Francisco.

The new guidelines address both routine on-line interaction with physician offices as well as on-line consultations, in which providers are reimbursed for providing care on-line, says Mark Gorney, MD, medical director for the Doctors Company, one of the largest national malpractice carriers. They emphasize the need for secure on-line messaging, with authentication and encryption, he says, as opposed to the use of standard e-mail for physician-office communications. A second set of guidelines for reimbursed on-line consultations was created in response to the growing interest among both patients and physicians for this service and an increased number of payers who reimburse physicians or are considering reimbursement for on-line consultations.

National survey data presented by Medem at the conference detailed substantial growth in the use of web sites and e-mail for physician-patient and physician-physician communications with tens of thousands of physicians now routinely using e-mail in their offices. Participating liability carriers focused on the use of standard e-mail systems by physicians and the inherent potential liability in these unsecure environments that often involve employer-provided patient e-mail.

"The new eRisk guidelines make it clear to physicians that there are risks in using standard e-mail to communicate with patients or to transmit patient information to third parties using standard e-mail," Gorney says. "Charging patients or payers for an on-line consultation likely increases those risks. Given these risks and the HIPAA [Health Insurance Portability and Accountability Act] guidelines, it makes good sense to use a network that includes both encryption and authentication for transmitting messages."

The liability carriers and the societies agreed that technology adoption among physicians is rapidly advancing and challenging the health care industry to keep up with appropriate guidelines and advice. Ed Gotlieb, MD, a pediatrician and representative from the American Academy of Pediatrics, whose board has formally endorsed the eRisk guidelines, says the frequency of on-line doctor-patient and doctor-doctor communications is rapidly growing.

"This is especially true among younger physicians. Pediatric residents use e-mail routinely," he says.

Gotlieb points out that many physicians may assume e-mail communication is acceptable to patients, but the guidelines specifically say that informed consent is necessary before beginning any e-mail communication with a patient. That means the doctor must explain to the patient e-mail communication may not be as private as other methods, and the patient must consent to communicating that way despite the shortcomings.

In particular, risk managers should warn physicians against routinely collecting e-mail addresses as part of data collection with patients and then using that address without informed consent. The new guidelines have this to say about getting informed consent for e-mail communication:

"Prior to the initiation of on-line communication between health care provider and patient, informed consent should be obtained from the patient regarding the appropriate use and limitations of this form of communication. Providers should consider developing and publishing specific guidelines for on-line communications with patients, such as avoiding emergency use, appropriate expectations for response times, etc. These guidelines should become part of the legal documentation and medical record when appropriate. Providers should consider developing patient selection criteria to identify those patients suitable for e-mail correspondence, thus eliminating persons who would not be compliant." (See story below for excerpts from the guidelines.)

The summary guidelines for on-line communications and reimbursed on-line consultations are posted on the liability carrier web sites and also are available at www.medem.com/erisk.