Ensure confidentiality, privacy and informed consent
(excerpted from article posted on American Psychological Association website, September 2013)
The potential risks of treatment are more complicated with telepsychology than in a traditional practice. With in-person visits, providers can be more confident of a secure environment. "But when you move into cell phones, land lines, video conferencing and Internet, these media all allow for eavesdroppers," says Palomares. One way to mitigate these risks is to have detailed discussions with your clients at the outset of teletherapy so that clients understand the potential risks to privacy. For example, if a client is having the telepsychology session from home, family members may be able to overhear the therapy, posing a confidentiality risk. Similar breaches can occur if a client is in a public place — at work, in a coffee shop or even a park. Make sure the client clearly understands these risks, then have him or her sign an informed consent form, says Palomares. But informed consent isn't always enough, adds Deborah Baker, JD, director for legal and regulatory policy in APA's Practice Directorate. Skype and some other technologies do not seem to comply with the requirements under the Health Insurance Portability and Accountability Act (HIPAA), which is overseen by the U.S. Department of Health and Human Services' Office for Civil Rights. And yet health-care providers are still responsible for protecting their patients' and clients' personal health information — and liable should a breach of confidentiality occur. "Anything that's electronically created through a telehealth encounter is subject to HIPAA," says Baker. She recommends that psychologists who want to practice telepsychology think twice about using Skype or other free Web-based platforms. Instead, psychologists ought to consider investing in audio-video conferencing programs designed with HIPAA compliance in mind, she says.
To read the article in its entirety from the APA website: