LIABILITY WITHOUT BORDERS: TELEMEDICINE MALPRACTICE IN CROSS-BORDER CARE

INTRODUCTION

“Imagine a patient in Chennai consulting a UK-registered specialist over video. Working from an incomplete history and no physical examination, the specialist misses a cardiac warning sign, and the patient suffers a serious event a week later. Which court hears the claim, what law applies, and does the specialist’s British licence extend to advice given to a patient in India?”

They are not edge cases, but common exposures in telemedicine across borders; they are delivered through video, audio, messaging, and remote monitoring across borders. The behaviour of telemedicine has increased faster during the COVID-19 pandemic and has continued to rise up to now, whereas liability regulations have been more sluggish.

This blog explores the interaction of medical malpractice, jurisdictional jurisdiction, licensing requirements, and data protection responsibilities when medical care services are provided on an international basis, especially focusing on the emergent guidelines in India.

MALPRACTICE IN TELEMEDICINE

Regardless of the face-to-face or virtual care, a claimant still has to demonstrate the presence of a duty of care, violation of the standard applied, causation, and actual harm. These can be applied in teleconsultations in their form.

It is agreed between courts and legal commentators that there is no special standard of care that applies in telemedicine, but that establishing such a standard is required, given the requirements of remote delivery. The lack of a lesser duty is not simply because care was shown by a screen. A miss of a diagnosis by a practitioner during a video call has the same exposure as that of a practitioner who misses the diagnosis in a clinic.

Two types of risks prevail in telemedicine claims. The former is misdiagnosis/late diagnosis, where a physical examination has not been required, not done or ordered, but distant examination may be substituted with major findings that cannot be done without a direct examination.

The second is the inability to escalate. Not every presentation is appropriate to telemedicine, and doctors who may still choose to proceed with virtual treatment instead of just directing a patient to an urgent examination and care might encounter difficulties with the androids, especially when it is timely.

CROSSING BORDERS OF CARE

Medicine is locally licensed. In India, the relevant State Medical Council or, from the National Medical Commission Act 2019, NMC[1] must be registered with a practitioner. Licensure in the US is state-based. The European Union has set up qualifications recognition in the European Union by the Directive 2005/36/EC,[2] which is under mutual recognition arrangements. Licensure in the United States is state-specific, and Multi-state practice is advocated in part by the Interstate Medical Licensure Compact (IMLC) that facilitates the simplification of licensure across participating states.[3] The broad principle that also governs all these systems is the same, which is that a practitioner must possess a valid licence in the jurisdiction in which the patient lives.

Three questions should be answered when sitting in different jurisdictions, such that before the malpractice claim can even be formulated, the practitioner and the patient must be sitting in different jurisdictions.[4]

Licensing Compliance: Will the practitioner be authorised to practise in the jurisdiction of the patient? This often depends upon litigating the location of practice that the jurisdiction specifies, be it where the practitioner sits, where the patient sits, or both. There are those systems which believe that advice handed over to a jurisdiction is practice in the jurisdiction; there are those which do not.

Adjudicatory Jurisdiction: In which court should the claim be heard? In India, this could be State Consumer Disputes Redressal Commissions under the Consumer Protection Act 2019[5], civil courts, or High Court writ jurisdiction. In the case of a foreign practitioner, service of process, enforcement of judgments, and evidence access all become greatly more complex.

Choice of Law: What is the substantive standard of law? Different liability results could be achieved by the law of the domicile of the patient, the place of registration of the practitioner, or the jurisdiction under which the platform was incorporated. There is currently no uniform international system that addresses this query.

The Telemedicine Practice Guidelines 2020 (TPG 2020)[6] made teleconsultations in India officially recognised, yet left the issue of cross-state and cross-border licensing mostly unsolved. When a practitioner registered in one Indian state touches a patient in another state, then they are practising in a regulatory void, which has so far not been closed by proposals to establish a National Telemedicine Registry.

PLATFORM LIABILITY, DATA PROTECTION, AND CYBERSECURITY

The majority of telemedicine encounters are not working with proprietary technology by a practitioner. They rely on third-party solutions, cloud platforms, and middle-proxies, all of which present a unique body of legal risk. The level of involvement also hinges on whether a particular platform will receive intermediary protection or provider-level liability under the Information Technology Act 2000[7], where a service that simply connects users would have a different status in law than one that vets practitioners, performs AI-assisted triage, or a service that edits clinical material. Platform design contributes to patient harm in the product liability, professional negligence, or both exposures.

Information security is another dimension. Teleconsultations produce sensitive health information that regularly crosses borders, facilitating third-party servers. In the EU, the General Data Protection Regulation classifies health data as a special category requiring heightened protection, with strict conditions on cross-border transfers.[8] In the United States, telehealth providers handling protected health information are subject to HIPAA privacy and security rules and related telehealth guidance; moreover, the HITECH Act strengthened enforcement and breach notification obligations for electronic health information.[9] In India, the Digital Personal Data Protection Act 2023[10] establishes a general framework for personal data, though sector-specific health data governance rules applicable to telemedicine platforms are still pending. The absence of that specificity is a material gap.

Practitioners cannot rely on standard indemnity policies to absorb these exposures. Most professional indemnity products exclude cross-border or virtual practice without specific endorsements, and underwriters are examining geographic scope and technology workflows with growing scrutiny. Effective risk management requires, at a minimum, a pre-consultation verification of licensing in the patient’s jurisdiction; telemedicine-specific informed consent addressing the limits of remote assessment; contemporaneous documentation of clinical restrictions; and clear escalation protocols.

India’s Telemedicine Practice Guidelines 2020[11], issued under the authority of the National Medical Commission, brought teleconsultations within the professional ethics framework and set documentation and prescription standards. They do not, however, resolve cross-state or cross-border licensing gaps, and the proposed National Telemedicine Registry remains non-operational.

CONCLUSION

Telemedicine does not somehow dilute the legal liability of any given practitioner, but it simply places them in a much more disorderly field, where a single consultation can collide with the legal frameworks of several disparate licensing regimes, conflicting data protection regulations, and liability systems that were never designed to interface with one another. Patients on the other end of that Chennai to London video call are literally vulnerable until licensing, conflict of laws, health data governance, and accountability of the platform are designed thinking cross border practice in mind. That gap does not represent a short-term lapse that can just await the maturation of technology. It is a decision, and the longer it remains unaltered, the more evident it is its being a conscious one.

Author(s) Name: Balla Rajanish (Indian Institute of Management, Rohtak)

References:

[1] National Medical Commission Act, 2019

[2] Directive 2005/36/EC of the European Parliament and of the Council of 7 September 2005 on the recognition of professional qualifications OJ L255/22

[3] Interstate Medical Licensure Compact (IMLC)

[4] Directive 2011/24/EU of the European Parliament and of the Council of 9 March 2011 on the application of patients’ rights in cross-border healthcare OJ L88/45

[5] Consumer Protection Act 2019

[6] Ministry of Health and Family Welfare, Government of India, Telemedicine Practice Guidelines: Enabling Registered Medical Practitioners to Provide Healthcare Using Telemedicine (25 March 2020)

[7] Information Technology Act 2000

[8] Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation) OJ L119/1

[9] Health Information Technology for Economic and Clinical Health (HITECH) Act of 2009, Pub L No 111–5 (US)

[10] Digital Personal Data Protection Act 2023

[11] Ministry of Health and Family Welfare, Government of India, ‘Telemedicine Practice Guidelines: Enabling Registered Medical Practitioners to Provide Healthcare Using Telemedicine’ (25 March 2020)

Sign Up to Our Newsletter

Be the first to know the latest updates

Whoops, you're not connected to Mailchimp. You need to enter a valid Mailchimp API key.