Regulation of Medicine


Guidelines for Telemedicine Policies and Procedures

By: Marshaleen King, MD


The American Telemedicine Association defines telemedicine as “the use of medical information exchanged from one site to another via electronic communications to improve a patient’s clinical health status”.

Telemedicine technologies include the use of scientific machinery and equipment to enable secure electronic communication and information exchange between a healthcare provider in one location and a patient in another location, with or without an intervening healthcare provider. Telemedicine does not consist of audio-only communication, but typically includes use of video technology which allows the healthcare provider to replicate interactions that occur in traditional, in-person, physician-patient encounters. Modes of communication used by healthcare providers to interact with patients should comply with HIPAA regulations and allow for verification of the individuals transmitting and receiving information.

Although telemedicine has the potential to improve several aspects of medical care, such as facilitating physician-patient communication and monitoring treatment of chronic conditions, telemedicine poses unique challenges in ensuring patient-safety and privacy of health information. It is therefore prudent for telemedicine providers to implement measures that safeguard the integrity of the care they provide to patients. Healthcare providers should ensure that their recommendations and treatment plans are feasible based on the resources available to patients. It is also important that telemedicine providers get feedback from their patients regarding what they expect during telemedicine encounters and the aspects of telemedicine in which they wish to participate.

Telemedicine policies and procedures should address the following: licensure; establishment of the physician-patient relationship; evaluation and treatment; informed consent; continuity of care; referrals for emergency services; medical records; privacy and security of the patient records and exchange of information; disclosures and functionality of online services; and prescribing.

The Federation of State Medical Boards (FSMB) has published guidelines for the practice of telemedicine in order to ensure that telemedicine meets standards consistent with the current practice of traditional medicine. Below you will find general guidelines adopted from the FSMB’s “Model Policy” and the American Telemedicine Association.


The patient’s state of residency must be established prior to treatment. Most state medical boards require the physician to be licensed in the state where the patient resides or is located. This rule may vary for each state, ensure you know the law for your state, as well as the state where your patient resides.

Establishing the relationship

It is sometimes difficult to establish the exact point when a physician-patient relationship begins. The FSMB states that the physician-patient relationship is “clearly established” once the physician agrees to diagnose and treat the patient, and the patient agrees to be treated, whether or not an in person encounter has occurred between the physician (or any other appropriately supervised health care practitioner) and patient.

In order to provide medical advice and/or practice telemedicine the FSMB recommends that physicians take the following steps:

1.     Verify the location and identity of the patient to the best extent possible.

2.     Provide and validate your own credentials to the patient, i.e. medical license or other clinical qualifications.

3.     Disclose communication and treatment methods to patients and obtain consent where appropriate.

Ensure you know all applicable state laws since some states require a pre-existing relationship or an in-person physical exam, in addition to an exam conducted via telemedicine.

Evaluation and treatment

The standard of care for practicing telemedicine is the same as that of traditional medicine. Ensure that your evaluation, consultation and prescribed treatment are all thoroughly documented in the patient’s medical record or electronic health record (EHR). If, for any reason, you as a physician believe the evaluation, diagnosis or treatment will be too complicated for telemedicine, you must request an in-person appointment before any medical advice is given.

Informed consent

State requirements for obtaining informed consent to practice telemedicine vary. Several states require patient informed consent before telemedicine encounters however, a number of states do not require informed consent. Some states only require informed consent for specific forms of electronic communication (such as e-mails or text messages). The FSMB recommends that physicians obtain informed consent for using telemedicine technologies (e.g. video-conferencing or text-messaging).

If patient informed consent for telemedicine is required by the state where you practice or the state where your patient resides, you should consult your state policy to ensure that you fulfill your state’s requirements when obtaining and documenting informed consent.

Continuity of care

Follow-up care should be readily available to the patient, either from the physician conducting telemedicine or a provider designated by the physician. If the patient-physician encounters are done exclusively using telemedicine, then all documentation must be accessible to the patient. Patients may also request that the information be provided to their other healthcare providers.

Referrals for emergency services

Physicians practicing telemedicine should establish an emergency plan that can be implemented when the information obtained (via telemedicine) indicates that the patient requires referral to an acute care facility. The physician must provide the patient with this emergency plan and the plan should include a formal, written protocol that is appropriate to the services being rendered via telemedicine.

Medical records

The medical record for telemedicine should be consistent with standards required for documentation in traditional medicine. Medical records for telemedicine should include copies of all patient-related electronic communications, laboratory tests and results, evaluations and consultations, prescriptions, records of past care and any instructions produced in connection with telemedicine. In states where informed consent is required to use telemedicine technologies, the FSMB recommends that a copy of the informed consent should be placed in the chart.

Privacy and security of the patient records and exchange of information

All applicable federal and state legal requirements for the privacy and security of medical records and health information should be met or exceeded. This includes compliance with HIPAA, HITECH, and state privacy, security, confidentiality and medical record retention rules and laws. All data transmitted by healthcare providers electronically (audio, video, written etc.) should be sent via use of encryption that meets current standards.

Devices used to transmit protected health information should have up-to-date security software to guard against cyber-attacks. Healthcare professionals should have a backup plan in place regarding how to communicate with patients if a technology failure occurs and patients should be aware of the plan.  

Disclosures and functionality in online services

All services offered online, via telemedicine, should be clearly disclosed to the patient.


When prescribing via telemedicine, precautions should be taken to ensure patient safety in the absence of a traditional physical examination. Measures taken should guarantee patient safety through informed, accurate and error-prevention practices. Medications prescribed using telemedicine technologies should only include medications considered safe by the physician’s state board.  In addition, any medications prescribed must be done at the professional discretion of the physician. Healthcare providers who engage in telemedicine should have knowledge of the availability medications in the patient’s geographic location and the other providers caring for the patient. Caution should be exercised in prescribing medications that require close monitoring or that could lead to acute changes in a patient’s condition, particularly if the patient is not in close proximity to a health facility or healthcare provider.  


The practice of telemedicine should be consistent with current standards that exist for traditional medicine. Telemedicine is intended to improve the accessibility and delivery of healthcare but, based on inherent limitations, is not expected to completely replace traditional medicine.  

Healthcare providers who engage in telemedicine should be guided by the following core principles:

  • Practices implemented should ensure patient-safety
  • Communication methods utilized should be secure and effective
  • Treatment options recommended should be appropriate and practical
  • Mechanisms that allow for patient feedback should be in place
  • Strategies should be taken to ensure patient satisfaction

Published March 31, 2015, First Revision March 8, 2016, Second Revision October 3, 2016


Federation of State Medical Boards’ Model Policy for the Appropriate Use of Telemedicine Technologies in the Practice of Medicine.

American Telemedicine Association. What is Telemedicine.

American Telemedicine Association. Core Operational Guidelines for Telehealth Services Involving Provider-Patient Interactions.


American Telemedicine Association. State Telemedicine Gaps Analysis. Physician Practice Standards & Licensure. May 2015.

Center for Connected Heath Policy. The National Telehealth Resource Center. State Telehealth Laws and Reimbursement Policies. October 2021.

Telehealth Resource Centers.


Want to learn more?

Interested in how MagMutual can help?

View our products


The information provided in this resource does not constitute legal, medical or any other professional advice, nor does it establish a standard of care. This resource has been created as an aid to you in your practice. The ultimate decision on how to use the information provided rests solely with you, the PolicyOwner.