Steering clear of pitfalls in physician Web sites
By Phyllis Maguire
A patient visiting your practice's Web site clicks on a link for more information and gets some bad medical advice. If she is harmed as a result, can you be held liable? And are you liable if she gets that information from a chat room hosted by your site?
These scenarios may seem unlikely, particularly because most physician Web sites now provide little more than office hours and directions. But as physicians build better Web sites to give patients more information, experts predict that medical practices will encounter a wide range of legal and regulatory issues.
Some sticking points, like antikickback and liability regulations, will be familiar to physicians. But other regulations concerning the electronic transmission of health related information are expected to break new legal and ethical ground.
Here are some of the pitfalls to avoid when you put your practice on the Web:
Problem: concerns about kickbacks. Several companies offer physicians free or subsidized sites, an arrangement that experts say can run afoul of antikickback statutes. Before you sign on, look closely at whether the discounts being offered constitute gifts that may get you in hot water.
"What's the quid pro quo and expectation?" asked Bruce M. Fried, JD, chair of the health law group at the Washington office of law firm Shaw Pittman. "When something of value is being given, the fraud and abuse enforcement authorities always look at what is being expected in return."
For instance, lawyers expect antitrust regulators to be leery of physicians accepting free sites from pharmaceutical companies or hospitals. They'd expect such a gift to lead to prescription preferences or increased hospital referrals.
Or take this business model: A Web site provider charges physicians a monthly fee to run their Web sites, but gives free sites to one group of subspecialists like cardiologists. The catch? The cardiologists have to agree to post certain drug ads on their site.
Lawyers predict that federal investigators won't like this type of targeted marketing arrangement. They will also question any ties between physicians' income from Web site drug ads and the number of prescriptions physicians write for that particular drug. Such a connection would be a clear sign of referral intent, according to John T. Bentivoglio, JD, special counsel for health care fraud for the U.S. Department of Justice (DOJ).
Solutions. Steer clear of free or subsidized sites from hospitals or drug makers. And avoid any kind of exclusive advertising arrangement with a particular pharmacy, pharmaceutical company or group of subspecialists. Analysts say that in the eyes of HHS Office of Inspector General, exclusive relationships imply some sort of referral.
This is not to say that physicians can't accept Web site ads. "If it's just a banner advertisement and there is no indication that the physician is saying, 'Go ahead and buy the product,' I don't think there's significant exposure for the doctor," said health care attorney Lloyd A. Bookman, JD, principal of Hooper Lundy & Bookman in Los Angeles. "That's the type of advertising that a physician can get paid for."
Privacy is of particular concern to physicians as they forge new types of online partnerships. With the growing use of "cookies"—text files stored on users' computers that track the Web sites they've visited—physicians must be vigilant about whom they partner with and how patient information gets used.
Privacy policies "should give people real choices, like the choice to be anonymous," Ms. Goldman continued. If you decide to allow some information to be disclosed from your site, give users the ability to exclude themselves or limit those disclosures. Users should also be able to access and correct submitted information.
And posted policies must reflect actual practices. Deceptive or incomplete policies may violate state consumer protection or false advertising laws—and invite scrutiny from the Federal Trade Commission, according to David Hellerstein, MD, a consultant with the Sacramento, Calif., office of PricewaterhouseCoopers.
There are several resources physicians can use to craft privacy policies. The Health on the Net (HON) Foundation (www.hon.ch) has published principles to help regulate user privacy; the Internet Healthcare Coalition (www.ihealthcoalition.org) and the Hi-Ethics (for Health Internet) Alliance (www.hiethics.org) have also issued guidelines. All three efforts are the industry's attempt "to self-regulate before the feds come down with a very heavy hand," said Vincent T. Kuraitis, JD, principal of Better Health Technologies, an e-health care business development company based in Boise, Idaho.
Privacy is also a major concern with physician-patient e-mail, because most e-mail is sent through unsecured commercial systems or sections of physicians' own unsecured sites. Unless you're using encryption and authentication procedures, experts say that you should discourage patients from sending sensitive or emergency information electronically. (For more on e-mail, see "How to avoid privacy problems with patient e-mail.")
Problem: liability. While physicians want to make sure that sites that they are linked to contain top-quality information, some wonder whether physicians will be held liable for misleading information on a linked site. And what if they host a chat room on their Web site where bad—or even dangerous—information is disseminated?
Another concern is whether standard malpractice policies cover cybercare. The AMA has argued, for instance, that no doctor-patient relationship exists if physicians communicate electronically with patients with whom they have no established relationship. Might a malpractice carrier claim that online communication, particularly with a new patient, is not legitimate and therefore not covered?
Solutions. If you refer users to information on another Web site and you don't modify or endorse that information, said Mr. Fried from Shaw Pittman, you probably will not be held responsible if that information is inaccurate. To play it safe, however, he suggested checking to see if linked sites display the "HON Code" logo. Sites displaying this logo agree to have only medically qualified professionals dispense advice and to give references for the information they provide.
Chat rooms, however, are another matter. Michael L. Blau, JD, partner in the health department of Boston law firm McDermott, Will & Emery, noted that Web sites have successfully argued that they are not legally responsible for misleading chat room content. But he added that these precedents occurred in non-health care settings.
Health care providers may have "a higher level of duty" for verifying health care information posted on their site, he continued. "There may be some responsibility to correct or amend misleading information or put out corrective bulletins if the physician becomes aware that that kind of information is being posted," he said.
Finally, experts urge physicians to check with their malpractice insurance carriers to see if they are protected from misinformation on the Web. Physicians may have to arrange for specialty riders to cover online activities, even with established patients.
Internist Archives Quick Links
ACP Clinical Shorts
Expert Education on Your Schedule
Short videos deliver highly focused answers to challenging clinical situations seen in practice and are a terrific way to earn CME credit on-the-go. See more.
New: Free Modules from ACP Practice Advisor!
Keep your practice moving in the right direction. ACP Practice Advisor is offering four modules that you and your staff can try for free. Get to know the premier online practice management tool at no risk. Explore the modules.