Serious psychiatric illnesses and critical incidents require close and direct treatment or in-person intervention rather than relying on teletherapy or online therapy. Complex situations require treatment that is accessible directly and often immediately.
On the other hand, there are benefits to using teletherapy and/or online therapy modalities. The first obvious benefit is that it takes the waiting room and office risk out of play for virus transmission. However, that creates a new and different kind of transmission risk when information becomes more accessible and travels through third-party channels which increases the risks of records and information breach.
Teletherapy and online therapy are effective alternatives to in-person client care. Also, clients may have physical problems that pose challenges, and for that matter, practitioners as well. Travel costs are reduced, and session scheduling is more efficient. Online sessions and certain telephonic applications such as ZOOM can include visual tools and communication. However, in-person therapy sessions provide the best opportunity to read body language, signals, and to interpret more client sensory cues.
On the cautionary side, three issues are top of mind: state licensing laws, exclusions in your liability policy, and HIPAA information breach.
During the current COVID-19 pandemic, some states have loosened their licensing requirements. Some may still require you to hold a license in their state before you can practice in that state. Providing teletherapy or online therapy across state lines becomes an interstate practice venue challenge. Before using online and teletherapy with your clients, read and understand each state’s laws, which may have been recently modified due to the pandemic. All state regulatory boards have these regulations on their websites.
Many insurance carriers have exclusions written in their liability insurance policy contracts. A frequent exclusion is for electronically distributed information. Another exclusion is for third-party information breach for which HIPAA holds you accountable. Some insurance carriers charge a $500 or $1,500 deductible before you can claim any benefits when a cyber liability incident occurs.
If or when you decide to deliver professional services through teletherapy or online channels, make sure that you take security precautions. For example, do not talk in a public place over the phone or online with your client. If people hear or see client-related material it is a HIPAA breach. If your laptop, mobile phone, or other device is stolen, the information stored on those devices is breached, and you are liable for the information breach. Third-party companies provide access to email, social media channels, digital storage warehouses, and the cloud. If any of these third parties’ systems are breached, you are responsible under HIPAA 45 CFR Part 160 HIPAA HITECH Law.
The NASW Risk Retention Group’s professional liability policy covers information electronic breach such as misdirected faxes or client information that is burglarized or otherwise, and breached office files at no extra charge, and has zero deductibles. There are no deductibles in any of the NASW RRG’s suite of liability insurance policies. The NASW RRG offers a comprehensive extremely economical yet high-value suite of cyber liability products that cover third-party breaches such as an email or social media provider or digital or paper storage company breaching your client information. These products cover the key liability perils listed under HIPAA HITECH, have an array of limits to choose from, sell at very low premium rates, and are unmatched by any competitor.