Digital Healthcare In The United States — Trends And Developments

After more than four years, during which the COVID-19 pandemic captured headlines and affected billions of lives worldwide, it is an interesting challenge to reframe this annual report on the state of digital healthcare in the United States. While COVID-19 is still very much in the public health picture, the vast majority of US residents have had at least one bout with the illness, received at least one vaccination, or in most cases, experienced both.

The lessons of COVID-19 are perhaps most clearly evident in the approach of US federal and state officials toward the emergence of other infectious diseases. The late-2022 monkeypox outbreak was curtailed relatively quickly by deploying targeted, improved vaccination strategies that benefited directly from the experience of vaccinating hundreds of millions of people against COVID-19. As variations of avian flu and other diseases that might eventually make the leap to humans are identified, disease-tracking and -prevention strategies are likewise being developed and implemented more quickly.

In the current economic and political climate, legislative, regulatory, and public health officials — as well as private enterprise — are refocusing attention, resources, and money on other concerns. With regard to digital health and telemedicine, however, it appears that the lessons learned during the pandemic will have a long shelf life. Digital health solutions played a major role in providing cost-effective, high-quality healthcare to Americans across the country and from all backgrounds. Rural and underserved populations in particular benefited from the loosening of federal and state restrictions on telehealth, physician licensure, and other rules that often served as barriers to the delivery of modern healthcare.

This trend in the United States reflects a broader global commitment to digital health. In August 2023, the World Health Organization announced the Global Initiative on Digital Health (GIDH) — a network of organizations, institutions, and government technical agencies actively engaged in supporting national digital health transformation. Designed to accelerate the implementation of the Global Strategy on Digital Health, the GIDH aims to focus country-level efforts and align resources toward country-led digital health transformation through strengthened collaboration and knowledge exchange.

The GIDH was launched formally on February 20, 2024, with the goal of achieving the following objectives:

• Assess and prioritize country needs for sustainable digital health transformation
• Increase the alignment of country-level digital health resources and unfunded priorities
• Support the accelerated achievement of the strategic objectives of the Global Strategy on Digital Health 2020–25
• Build capacity and converge efforts to encourage local development and maintenance of digital health technologies and to adapt them to continuously changing needs

In the United States, many federal and state lawmakers and agency officials are continuing their concerted, coordinated efforts to make permanent a number of pandemic-related digital health measures that quite convincingly demonstrated positive effects on care delivery and patient outcomes. Legislatures continue to pass bills, and agencies are updating guidance relating to the following, among other areas:

• Pharmacist prescribing authority exceptions
• Teledentistry treatment
• The use of audio-only calls for telehealth services
• Expanded use of telehealth to provide mental health services
• The standardization of records related to patient consent for treatment and data collection and sharing

In this context, the following is a review of some of the key developments in the digital health space throughout the past year, with an eye toward the remainder of 2024 and beyond.

Licensure: Growing acceptance of interstate compacts

Prior to the COVID-19 pandemic, most states had strict limitations on the licensing of healthcare professionals to practice telemedicine within their borders. Physicians and nonphysician practitioners (including nurses, psychologists, and physical therapists) were required to hold licenses in the states where their patients resided. In certain states, "relationship requirements" also meant that the provider or someone in the provider's practice needed to examine the patient in person before initiating telemedicine services.

In early 2020, as the pandemic gained momentum, the United States Department of Health and Human Services (HHS) issued a series of bulletins, notifications, and FAQs announcing and then clarifying waivers of certain federal Health Insurance Portability and Accountability Act (HIPAA) regulations and Health Information Technology for Economic and Clinical Health (HITECH) Act noncompliance sanctions against covered entities and providers. As a result, state licensing boards began to loosen their telemedicine licensing requirements.

With the expiration of federal and state public health emergencies (PHEs), industry groups, elected officials, and other advocates have strengthened their efforts to officially expand licensure opportunities for providers. By way of example, the Interstate Medical Licensure Compact (IMLC) is an agreement among 39 states, the District of Columbia, and the territory of Guam to work together to streamline the licensing process for physicians wishing to practice in multiple states. Similar licensure compacts are also gaining momentum. During the past year, dozens of US states have passed or are actively pursuing legislation that allows participation in licensure compacts covering audiologists, speech pathologists, occupational therapists, mental health counselors, and more.

The IMLC is modeled after the Nurse Licensure Compact, which allows holders of a multistate nursing license to practice in all 40 participating jurisdictions. However, a key distinction between the two compacts is that physicians must still pay between $300 and $700 for each state license — a significant financial burden and an ongoing expenditure for providers practicing telemedicine at the national level.

CMS continues to update policies and reimbursement codes expanding the use of telehealth

As the COVID-19 PHE was winding down, major healthcare stakeholders had expressed fears that telehealth services made temporarily available would disappear. Since the expiration of the federal PHE in early May 2023, however, the US Centers for Medicare & Medicaid Services (CMS) has made a number of Medicare exemptions and policies permanent.

Much of this action has been the direct result of public comment on agencies' proposed rules. By way of example, on October 6, 2023, and after receiving more than 38,000 comments on its proposed telemedicine rules, HHS and the United States Drug Enforcement Administration extended a broad range of telemedicine rules. Examples of permanent changes include the following:

• Federally qualified health centers (FQHCs) and rural health clinics (RHCs) can serve as distant site providers for behavioral/mental telehealth services.
• Medicare patients can receive telehealth services for behavioral/mental healthcare in their home.
• There are no geographic restrictions on originating sites for behavioral/mental telehealth services.
• Behavioral/mental telehealth services can be delivered using audio-only communication platforms.
• Rural emergency hospitals are eligible originating sites for telehealth.

Temporary Medicare changes, in effect until December 31, 2024, include the following:

• FQHCs and RHCs can serve as distant site providers for nonbehavioral/mental telehealth services.
• Medicare patients can receive telehealth services in their home.
• There are no geographic restrictions on originating sites for nonbehavioral/mental telehealth services.
• Some nonbehavioral/mental telehealth services can be delivered using audio-only communication platforms.
• An in-person visit within six months of an initial behavioral/mental telehealth service, and annually thereafter, is not required.
• Telehealth services can be provided by all eligible Medicare providers.

From a reimbursement perspective, early pandemic initiatives emanating from federal agencies also included:

• Expanded telehealth codes for which providers can be reimbursed
• Equalized payment rates such that in-person (facility) and telehealth visits are reimbursed at the same level

CMS has published a final rule and tables listing Medicare telehealth services and codes for 2024, some of which have been made permanent and others provisional.

While these and other steps are encouraging, the future of telemedicine reimbursement will depend in large part on the ability of providers, insurers, and states to continue to convince relevant officials of the ongoing value of digital health services.

Capital is flowing to digital health technologies

During the past year, some of the pandemic-related economic challenges — labor shortages, supply chain disruptions, rising inflation, increased interest rates, and geopolitical tensions — have begun to ease. The healthcare industry and the digital health technology sector, in particular, have shown astonishing resilience.

By way of example, despite a strong sense of crisis among healthcare providers, in 2023 both the Association of American Medical Colleges and the American Association of Colleges of Nursing reported that applications to medical schools and nursing schools, respectively, had dipped only slightly after a 40-year history of steady growth.

While interest in the practice of medicine appears strong, one of the primary bottlenecks to bringing trained physicians to the workforce is a limited number of residency slots — postgraduate training that, in many cases, is required for a physician to obtain licensure in their respective state and/or employment in their chosen field. According to 2021 data reported by the National Resident Matching Program, the number of first-year residency positions was sufficient for only 80% of the medical school graduates who applied to these programs.

In its 2024 Global Healthcare Private Equity Report, Bain & Company reported that despite a drop in deal volume overall in 2023, digital healthcare and healthcare IT have seen a significant amount of activity, particularly in areas such as revenue cycle management, clinical workflow optimization, patient engagement, biopharma trials and analytics, and value-based care. In particular, the report highlighted the rise of AI tools and platforms that are transforming the healthcare IT landscape. Overall, healthcare IT comprises 10% of healthcare-sector deal volume; recent sizable deals include EngageSmart, Nextech, NextGen, and CorEvitas.

Corporate practice of medicine laws continue to stymie growth

Although many of the above-described deals offer distinct advantages (including expanded geographic reach and market share, greater efficiencies and economies of scale, synergies with current private equity holdings, and access to management expertise), they risk violations of state corporate practice of medicine prohibitions. This is a particularly pressing concern, given that digital health research, development, and implementation is typically expensive and often requires the level of financial resources available only through the types of private equity investments described earlier.

Generally speaking, state corporate practice of medicine prohibitions restrict corporations from practicing medicine or employing physicians to provide professional medical services. Although these regulations vary significantly across the three dozen states that currently have such prohibitions, they are generally designed to prevent the commercialization of the practice of medicine, avoid conflicts of interest between a corporation's obligations to its shareholders and physicians' obligations to their patients, and eliminate any interference with a physician's medical judgment.

Such "church and state" separations are becoming increasingly difficult to maintain in the healthcare sector. According to the Physicians Advocacy Institute, nearly three-quarters of physicians in the United States are salaried employees and half of all physician practices are owned by a hospital or corporate entity. Advocates for corporate practice of medicine laws see such statistics as an unwelcome indicator of the degree to which corporate interests may override patient interests.

By their very nature, telemedicine and digital health typically transcend jurisdictional boundaries. As a result, compliance with ownership, employment, and other obligations in one state may not ensure compliance in another. This diversity of rules and exceptions has the effect of limiting the formation, development, and use of telemedicine alternatives for fear of creating legal exposure, particularly when the very entities most likely to have the resources and scale to provide effective telemedicine are often corporations.

Typically, attempts to tighten corporate practice of medicine laws have come from within state legislative bodies, while enforcement of these laws has been the focus of state attorneys general. However, recent court cases — including the American Academy of Emergency Medicine Physician (AAEMP) group lawsuit filed in December 2022 against Envision Healthcare — may offer a view of things to come. In the suit, AAEMP (backed by the California Medical Association) alleges that Envision is using "shell business structures" in order to circumvent California state corporate practice of medicine regulations and improperly allow it to maintain ownership (or effective control) of emergency department staffing groups. In May 2023, Envision filed for Chapter 11 bankruptcy; however, the litigation continues and is worth watching, as it may encourage other private parties to use state corporate practice of medicine laws as a means of winning business disputes.

In any case, until such time as state legislatures take into account new methods for delivering care — and the financial and operational arrangements that support those methods — telemedicine providers and healthcare entities that contract with providers will need to scrutinize their contracts and structures on a state-by-state basis to avoid running up against state corporate practice of medicine prohibitions.

Regulatory scrutiny of telehealth fraud and overutilization gains strength

In September 2022, the HSS Office of the Inspector General (HHS-OIG) issued a data brief that identified Medicare provider billing practices that it was concerned posed a high risk to program integrity. Subsequently, in April 2023, the HHS-OIG issued a new toolkit that would enable public and private entities, private health plans, state Medicaid fraud control units, and federal healthcare agencies to conduct compliance assessments and self-assessments that could identify potential healthcare program risks.

In the summary of its report, "Exploring Fraud, Waste, and Abuse in Telehealth," CMS' Healthcare Fraud Prevention Partnership (HFPP) noted: "Although questions surrounding policy aspects of telehealth remain, it is anticipated to remain an essential mode of healthcare delivery beyond the PHE due to its benefits and convenience. Therefore, it is important to create and implement systems to help prevent and detect related fraud, waste, and abuse. Specific areas of focus for prevention efforts include developing strong data analytics to improve detection of potential telehealth schemes and creating robust awareness programs for patients and healthcare providers to learn about potential schemes. Lastly, many HFPP [p]artners emphasized the benefits of fostering collaboration and information-sharing between payers, healthcare systems, law enforcement, and policymakers to proactively monitor telehealth fraud, waste, and abuse."

In its overview of the toolkit, the OIG noted that telehealth services are "now an important part of our healthcare system" and pointed to the fact that Medicare beneficiaries used 88 times more telehealth services during the first year of the COVID-19 pandemic than in the previous year. The toolkit is designed to provide stakeholders and policymakers with a better understanding of the program integrity risks associated with telehealth services as well as help them develop necessary safeguards and address individual cases of potential fraud, waste, and abuse.

The toolkit consists of two components:

• Tools for identifying and analyzing telehealth claims data
• A set of seven program integrity measures that use the gathered data to determine the existence of potential risks

Coupled with an uptick in law enforcement actions, the HHS-OIG's series of initiatives makes it clear that, in some cases, fears of fraud and abuse from a minority of telemedicine practitioners have been realized. That said, despite increased use of telemedicine services, there appears to be no clear evidence that this method of care delivery gives rise to higher rates of fraudulent or inappropriate activity compared with other care delivery methodologies. If anything, the investigations conducted and charges filed throughout the past several years indicate that, when applied, fraud and abuse laws are strong and that payers will — and should — continue to scrutinize programs regardless of source or focus.

Dobbs decision shines a spotlight on reproductive telehealth

No review of the state of digital health in 2024 in the United States can fail to take note of the ongoing, widespread impact of the US Supreme Court's landmark June 2022 ruling in Dobbs v. Jackson Women's Health Organization. In reversing its prior decisions in Roe v. Wade and Planned Parenthood of Southeastern Pennsylvania v. Casey, the court stated that the US Constitution does not confer a right to abortion and returned the authority to regulate abortion "to the people and their elected representatives." In lieu of congressional action at the federal level, the Dobbs decision has essentially created a state-level system of access (or not) to abortion and many other reproductive health services.

In the eyes of many, the decision has also created chaos. The decision whether to have or perform an abortion is extraordinarily complex, and few areas of healthcare practice and regulation give rise to as much debate in this country. Although opinions on the subject vary from one extreme to another and include a vast middle ground, there is one point of almost universal consensus: Dobbs has had an unprecedented impact on the ability of individuals to obtain — and physicians and nurses to provide — effective, comprehensive maternal and reproductive healthcare without fear of legal, financial, or reputational ruin.

While the purpose of this section is not to take a deep dive into the moral, political, and other arguments in favor of or against abortion (or even propose a balanced approach that attempts to resolve the numerous concerns surrounding the issue), it must be noted that telemedicine and digital health solutions are at the center of many of the discussions, state-level legislative debates, and federal regulatory actions occurring today.

In the wake of Dobbs, a number of states quickly passed laws restricting access to abortion or had existing laws against abortion that came into effect immediately following the Supreme Court's decision. Many of these laws had significant unintended consequences, particularly for patients needing — and physicians performing — lifesaving medical procedures.

At the same time, many other states have actively expanded access to abortion treatment and enshrined in law protections for in- and out-of-state individuals providing or seeking medical treatment within these states' jurisdictions.

Even within single states, patients have been whipsawed by successive legislative actions, judicial decisions, and ballot initiatives that address this complex issue. In April 2024, for example, the Arizona Supreme Court approved enforcement of an 1864 law that bans nearly all abortions, including those that result from rape or incest. As of this writing (spring 2024), several legislative efforts to repeal the 1864 law have failed. Organizers are now attempting to gather enough signatures to add a measure to the November 2024 ballot asking voters to approve a constitutional amendment that protects the right to abortion until fetal viability (when a fetus could survive outside the womb).

On May 1, 2024, a Florida law went into effect banning all abortions after six weeks of pregnancy. This law potentially gives a pregnant woman less than two weeks after recognizing her pregnancy to make a decision about whether or not to seek an abortion legally in the state. As in Arizona, a proposed constitutional amendment to protect the right to abortion up to about 24 weeks of pregnancy is expected to appear on the ballot in November.

For individuals and practitioners caught between conflicting state laws, telehealth solutions are providing a notable option. Since the onset of the COVID-19 pandemic and following the Dobbs decision, there has been a surge in demand for telehealth medical abortion services. According to a December 2022 update by the Guttmacher Institute, medication-based abortions accounted for more than half of all abortions in the United States, and one-fifth of these procedures occurred via telehealth.

Given the speed with which advocates on both sides of the issue are pursuing — and realizing — legislative action that supports their interests, it is difficult to summarize, with any clarity, the status of abortion-related maternal care in the United States. At the time of this writing, US states are split almost evenly when it comes to legal telehealth medication abortions, with two dozen states and the District of Columbia allowing the procedure and slightly less than half of states either expressly or in effect banning this form of medical treatment.

The courts are also split with regard to the legality of the primary drug used for telehealth medication abortions: mifepristone. In January 2023, among other actions, the US Food & Drug Administration (FDA) lifted restrictions that prevented patients from obtaining medication abortion pills from retail pharmacies in states that do not have bans against medication abortions. On April 21, 2023, the Supreme Court weighed in, blocking the decision of the US Court of Appeals for the Fifth Circuit to allow limited implementation of the Texas court's earlier decision to fully ban the use of mifepristone. While the Court's decision means that the drug will be widely available in those states where abortion is legal for up to 10 weeks in a pregnancy, it was not until March 2024 that it heard arguments in the case (FDA v. Alliance for Hippocratic Medicine).

Given the current, divided federal government, it is unlikely that abortion-related reproductive health legislation will be passed at the national level anytime soon, leaving millions of patients and practitioners with extremely difficult choices.

Patient data privacy and cybersecurity are ongoing concerns

Like all healthcare professionals, telemedicine providers in the United States are subject to HIPAA and the HITECH Act, as well as a range of more recent federal and state data privacy and breach notification laws, such as the California Consumer Privacy Act and the Illinois Biometric Information Privacy Act. Such laws have been established because healthcare data and personally identifiable information are rich targets for hackers and cybercriminals.

According to The HIPAA Journal, 725 data breaches involving 500 or more healthcare records were reported to the HHS Office of Civil Rights (OCR) in 2023. This number, fully twice that noted in 2017, was the highest since the OCR began publishing records of data breaches.

Despite these risks, wider exposure to telemedicine has led to rapid acceptance among patients, providers, and insurers — indicating a degree of enthusiasm that should be encouraged while stakeholders also advocate for more stringent health IT security standards. Providers should ensure that they seek out and retain the services of reputable vendors that provide full interoperability with existing electronic medical record systems, are willing to sign business associate agreements, and provide reliable customer service while maintaining robust data security measures.

Telemedicine providers will also need to establish and document clear guidelines about what types of patient information can be collected and how such data can be disseminated and used to guide care. Patients are in a uniquely vulnerable position when working with providers, particularly those patients whose mental and physical health issues may impair their ability to understand fully or agree to the terms of a telemedicine visit.

Conclusion

Telemedicine has gained wider acceptance among patients, providers, hospitals, and insurers. Although the rollback of some pandemic-related waivers is likely to continue, increased pressure on lawmakers and regulators will likely act as a counterweight, encouraging the implementation of laws and policies that will enable digital health services to reach their full potential. To achieve this potential, however, digital health services will need to overcome a number of persistent barriers.

A version of this article was previously published on the Chambers and Partners website in June 2024.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.