Update: 16-04-2020
The COVID-19 coronavirus outbreak has led to strain on healthcare systems worldwide. Hospitals have their hands full with coronavirus patients, and care for regular patients has been somewhat neglected as a result. In order to reduce the burden on healthcare providers and to prevent the further spread of the virus, a variety of measures are being taken in the Netherlands. Where possible, physical contact between patients and healthcare professionals is being avoided. Digital applications for remote care, such as e-consultations, video calling and telemonitoring may offer solutions.
Such ‘e-health’ digital applications are already widely used by many healthcare providers. The Dutch Healthcare Authority (NZa) which, as market supervisor, regulates the rates, goods and services which healthcare providers may invoice to healthcare insurers, acknowledges the necessity of making increased use of e-health applications in the current coronavirus crisis. For example, where medical specialist healthcare is concerned, the NZa intends to further relax its rules around face-to-face consultations. Consequently, the initial digital or telephone consultation may now also be claimed from the healthcare insurer.
In addition, the Dutch Ministry of Health, Welfare and Sport has created a special emergency measure for healthcare providers wishing to invest further in digital applications for remote care (the so-called e-health incentive scheme).
It is clear that the services of e-health providers may offer solutions in the situation that has arisen due to the coronavirus pandemic. It is important that lawyers support the rolling out of these kinds of services to the utmost. Below, we provide an outline of the most important legal aspects which e-health providers and healthcare providers need to take into account.
Duty of disclosure in case of remote service
For healthcare professionals offering their services online, the regime for e-commerce applies. Section 15d of Book 3 of the Dutch Civil Code, in which the general duty of disclosure on the part of service providers in the information society (i.e. online services involving economic activity, such as e-health) is laid down, is particularly relevant.
Under Section 15d of Book 3 of the Dutch Civil Code, those providing services via the internet must inform purchasers of certain things. In the case of e-health, this includes the following information:
- Surname, postal address, email address and the visitor address of the healthcare professional;
- For BIG registered healthcare professionals: BIG title and registration number and the manner in which these details may be verified (BIG is a Dutch governmental register of individual healthcare professionals);
- The healthcare professional's professional title and the professional association to which he/she is affiliated;
- Reference to relevant rules of professional practice which apply in the Netherlands and the means of access thereto:
- Details which make quick contact and direct communication with him/her possible, for example a telephone number at which he/she can be reached in emergency situations.
A medical treatment contract is also entered into when healthcare is provided through or using e-health applications. The duty of disclosure under the Medical Treatment Contracts Act (Wgbo) is therefore among the laws which apply in full where e-health is used. Under Wgbo, the healthcare professional is required to inform the patient clearly and, if requested, in writing of (among other things) the proposed examination, the proposed treatment and any developments concerning the patient's examination, treatment and health. If e-health applications are used in this process, he/she must inform the patient thereof in the same way.
Software as a medical device
Healthcare providers must be aware that e-health applications - either of themselves or together with other products - may qualify as medical devices, and that they subsequently may fall under the scope of the Medical Devices Act (Wmh). In addition, some medical apps qualify as a medical device. Aside from the obligation resting with manufacturers and suppliers of medical devices to comply with Wmh, a number of obligations also apply to healthcare providers when they make use of medical devices. As a result, the Inspectorate for Health and Youth Care (IGJ) requires that healthcare providers have their own procedures for compiling files prior to their acquisition of any medical devices.
Safe use of e-health
Healthcare providers who offer e-health are obliged to ensure that the application of that e-health leads to good quality, safe healthcare. The Healthcare Quality, Complaints and Disputes Act (Wkkgz) is of particular relevance here. Among other things, Wkkgz obliges healthcare providers to make a reasonable assessment of the risks accompanying working with e-health. In addition, healthcare providers must set out in writing the duties, authorisations, responsibilities and standards of competence of those involved in the provision of digital healthcare. Lastly, the IGJ requires that healthcare providers remain in compliance with NEN 8028 quality standards.
Processing of personal data
Healthcare providers process patients’ personal data by means of e-health applications. In doing so, they must comply with the General Data Protection Regulation (GDPR). The provisions of the GDPR include the obligation on healthcare providers to inform patients properly of what happens with their personal data. In addition, under the principle of data minimisation, healthcare providers may not process more patient data than are strictly necessary. Another important obligation is that healthcare providers must secure patient data properly. According to the Dutch Data Protection Authority (AP), an appropriate patient data security policy should include authentication, authorisation, logging and verification of access and the creation of awareness among employees in respect of information security. Lastly, where data exchange between various healthcare providers is concerned, this is only permitted when the patient is informed of such exchange and grants his/her permission for it.
Put briefly, e-health can contribute significantly to resolving current bottlenecks in the healthcare sector. If provider and healthcare provider pay due attention to a number of important points, its roll-out can take place sooner rather than later.
If you have any further questions, please do not hesitate to contact Patrick Wit.