Most online practitioners will operate from a website, but the legalities of website ownership, development and maintenance are not commonly understood. For that reason, our TMH Institute’s Telehealth Summit includes a full hour of discussion with Mike Young, Esq., who is an internet law specialist. His review of website legal issues are briefly summarized below, elaborated in this blog post and found in full detail in our Summit training audios and transcripts.
If you are going to be working online, it’s important to familiarize yourself with the business and legal issues unique to the internet. Owning your domain name and website as a corporation, a limited liability company or a professional liability company affords a much higher level of protection if you are subject to a lawsuit. Plaintiffs cannot go after personal assets, such as your home, in the event that you are sued. You may need to become informed of liabilities for professional practice in your state, however. Having a legal entity for your website may not protect you from liability as a professional for the direct services you render. Check with your state business website
When establishing your website, it is recommended that you register your domain name in your business name rather than in your personal name. It is also wise to register your domain name with a company other than the one who hosts you’re your website. By working with two different companies, you will still be able to access either your domain name or your web site content instead of potentially losing both at the same time if any kind of dispute, business problem or copyright infringement issue was to arise.
If you plan to use your website to communicate with people online by sending out mass emails, it is important to understand legal issues pertaining to auto-responders and SPAM. There are explicit laws to protect consumers from SPAM, which is unsolicited commercial email. Auto-responder services provide a convenient way to comply with anti-SPAM laws by allowing subscribers to opt in to receiving your emails and easily unsubscribe should they wish to do so. If you wish to sell online or send out regular newsletters, you should consider engaging a company providing Customer Relations Management Software to send your email. These companies offer many safety features that bring a high level of legal protection for practitioners wanting to send out mass emails.
There are several key considerations to bear in mind to protect the content of your website. First, make sure you actually own your content. Prior to posting anything online, you can run it through a service like www.CopyScape.com to check for unintended plagiarism. Copyright and plagiarism laws apply to all material on your website including photos, images, cartoons and buttons. If you write the content yourself, you can protect it by registering a copyright with www.copyright.gov. Using a reputable stock photography service is a practical way to get inexpensive licensed content for your use. Copyright infringement, even if unintended, can result in high fines and court costs, so it’s both ethical and prudent to take preventive measures.
FTC, HIPPA & HITECH
The Federal Trade Commission (FTC) requires that any claims made on your website must be backed up by at least two independent research studies. Testimonials in mental health practice are unethical and should not be used on your website. HIPAA guidelines apply to website interactions with patients. Most states have online privacy laws regarding websites as well. Your state professional association is generally your best resource for information regarding the state laws that are applicable to your website. HIPAA and the HITECH act apply to email and any entities, such as billing agencies or credit card companies that have access to personally identifiable patient or client data. They also apply to teleconferencing platforms and email services. For a service to be HIPAA compatible, it must follow three rules, the transaction rule, the privacy rule and the security rule. While free services like SKYPE seem convenient, they do not guarantee compliance with HIPAA and HITECH mandates. It is always best to work with a company that is willing to sign a business contract (Business Associate Agreement or “BAA”), stating they are aware of and abide by their responsibilities under HIPAA and the HITECH act.
Website Legal Documents
There are several legal documents that should always be included on your website. Here is an abbreviated list as discussed in the Telehealth Summit:
- You should include a disclaimer advising that the act of visiting your website doesn’t make someone a client or patient and that your website content does not constitute medical advice.
- You should also post website privacy, anti-SPAM and external links policies and a Digital Millennium Copyright Act (DMCA) notice.
- A clear and generous refund policy can also be useful for preventing disgruntled consumers who might retaliate with lawsuits or damage to your online reputation.
- If you are selling or promoting anything on your website or via email that is created by a third party, you should also consider providing a compensation disclosure policy if you have a material connection with that party.