The coronavirus outbreak (COVID-19) is overloading healthcare facilities worldwide. Hospitals have their hands full with Corona patients, putting the care of regular patients at risk. To relieve the pressure on healthcare providers and prevent further spread of the virus, several measures are being taken in the Netherlands. Where possible, physical contact between patients and health care providers is being avoided. Digital applications for remote care, such as e-consultations, image calling and telemonitoring, can provide a solution.
Authors: Tamilla Abdul-Aliyeva & Patrick White
Many healthcare providers are already making extensive use of such digital applications, also known as e-health. The Netherlands Healthcare Authority (NZa), which as market master supervises the rates and services that healthcare providers may charge health insurers, recognizes the need to increase the use of e-health applications in the current corona crisis. Thus, for medical specialty care, the NZa is going to temporarily further expand its regulations for face-to-face consultations. This will also allow an initial digital or telephone consultation to be declared to the health insurer.
In addition, the Ministry of Health, Welfare and Sport has created a special emergency regulation for healthcare providers who want to invest extra on digital applications for remote care (the so-called e-health Incentive Regulation).
It is evident that e-health providers with their services can offer a solution to the situation that has arisen as a result of the pandemic. It is important for legal experts to provide maximum support for the rollout of these types of services. Below we outline the main legal aspects that e-health providers and healthcare providers should take into account.
For healthcare providers who offer their services online, the e-commerce regime applies. Particularly relevant is Article 3:15d of the Dutch Civil Code, in which the general information obligation for providers of information society services (i.e. online services involving an economic activity, such as e-health) is enshrined.
Pursuant to Article 3:15d of the Dutch Civil Code, those who offer services via the Internet must inform customers about a number of matters. In the case of e-health, this concerns the following information:
Name, mailing address, e-mail address and visiting address of the health care provider;
In the case of BIG-registered healthcare providers: BIG title and BIG registration number and how these data can be verified;
The professional title and professional association to which the health care provider is affiliated;
Reference to relevant professional rules applicable in the Netherlands and how to access them;
Information that allows for quick contact and direct communication with him, for example, a phone number where he can be reached in case of emergency.
Even when care is provided through or using e-health applications, a medical treatment agreement is established. Among other things, the obligation to provide information pursuant to the Medical Treatment Agreement Act (Wgbo) therefore applies in full to the use of e-health. For example, the Wgbo requires the healthcare provider to clearly inform the patient in writing, upon request, about the proposed examination, treatment and developments regarding the examination, treatment and health status of the patient. If e-health applications are used in the process, he must inform the patient in the same way.
Healthcare providers should be aware that e-health applications, on their own or together with another product, may qualify as medical devices and thus fall under the operation of the Medical Devices Act (Wmh). In addition, some medical apps qualify as a medical device. In addition to the obligation on manufacturers and suppliers of medical devices to comply with the Wmh, healthcare providers are also subject to a number of obligations when using medical devices. For example, the Healthcare and Youth Inspectorate (IGJ) requires healthcare providers to have a procedure in place for creating a file prior to acquiring a medical device.
Healthcare providers offering e-health have an obligation to ensure that the use of e-health leads to good and safe care. The Act on Quality Complaints and Disputes in Healthcare (Wkkgz) is particularly relevant in this regard. Among other things, the Wkkgz obliges healthcare providers to make a proper assessment of the risks involved in working with e-health. In addition, healthcare providers must document tasks, powers, responsibilities and competence requirements for those involved in digital healthcare provision. Finally, the IGJ requires care providers to adhere to the quality requirements in NEN 8028.
Through e-health applications, healthcare providers process patients' personal data. They must comply with the General Data Protection Regulation (AVG) when processing. Among other things, the AVG requires healthcare providers to properly inform patients about what happens to their personal data. In addition, based on the principle of data minimization, healthcare providers must not process more patient data than necessary. Another important obligation is that healthcare providers must properly secure patient data. According to the Autoriteit Persoonsgegevens (AP), an appropriate security policy for patient data includes authentication, authorization, logging and access control, and employee awareness of information security. Finally, with regard to data exchange between different healthcare providers, this is only allowed when the patient is informed about it and gives his or her consent.
In short, e-health can make a good contribution to solving current bottlenecks in healthcare. If supplier and healthcare provider observe a few key points, the rollout can also take place in the short term.
More articles by Kennedy Van der Laan
This article can also be found in the files Coronavirus and Privacy in Healthcare
