WRITER Jack Connor

Virtual care has become a cornerstone of modern healthcare, offering convenience and accessibility for both patients and practitioners. In eye health, virtual care is particularly valuable for managing chronic conditions like glaucoma, where regular monitoring and timely intervention are critical. Virtual care delivery methods, like telehealth (which includes telephone and video conferencing), enable this care to be provided beyond the clinic walls and, at times, without eye contact.

Virtual care isn’t, however, without legal risk. Remote consultations are subject to the same standards of care as in-person consultations and failing to meet these standards has the potential to lead to compromised patient safety, regulatory breaches, and potential liability.

In this article, Jack Connor from Burke Lawyers explores legal considerations for Australian eye care practitioners adopting virtual care methods like telehealth, as well as practical steps to support compliance.

Under the National Law, all eye care professionals in Australia are regulated by the Australian Health Practitioners Regulation Agency (Ahpra) and its respective National Boards, which includes the applicable codes, guidelines and policies published by these bodies.

For medical practitioners, the Medical Board of Australia requires the standard of care provided in remote consultations to be safe and adhere, as closely as possible, to the same standards of care provided face-to-face.1

Ahpra recently reinforced this for all registered healthcare providers in its updated telehealth guidance, stating that “the same professional obligations apply whether consultations are in-person or by telehealth”.2 Ahpra’s telehealth guidance also highlights that patient safety and practitioner accountability are paramount and “the individual practitioner, not their employer or business, is responsible for the healthcare provided via telehealth”.3

These principles, which apply to all registered eye care professionals (including optometry, ophthalmology, and orthoptics), are a reminder that telehealth is an extension of clinical practice, not a lesser form of care or a substitute for in-person consultations, and that practitioners are expected to ensure that virtual care consultations meet the same standards of quality and care as those conducted in-person.

CLINICAL (AND PRACTICAL) APPROPRIATENESS

Telehealth isn’t appropriate for every patient or situation given that it changes the clinical environment and the examination options available to the practitioner. Ahpra advises practitioners to only use telehealth if:

• they are appropriately skilled and competent; and

• it is safe and clinically appropriate for the health service being provided; and

• it is suitable for the patient.3

In eye care, this means using your professional judgement to balance the risks and benefits to decide when, how, and with which patients to utilise telehealth. Ask yourself: “Can I adequately assess and treat this patient via telehealth?”. In many cases, telehealth is well suited for follow-ups, minor ailments, preliminary triage, or ongoing management of stable chronic conditions; however, when a patient’s condition is serious or ambiguous, or if physical examination results like eye pressure or retinal imaging are indispensable, an in-person review is a safer choice.

When considering telehealth, practitioners should be mindful of external requirements, including Medicare Benefit Schedule (MBS) rebate requirements that may prevent patients from qualifying for rebates on certain MBS items if they haven’t attended a face-to-face consultation within prescribed timeframes.

It is important to realise that the National Boards do not support or consider it good practice to prescribe medicines or assistive technologies (including glasses) to a patient whom the practitioner has never consulted in real-time (either in-person visit or by telehealth) where prescriptions are requested via text, email, online chat or questionnaire without formal consultation.4

Additionally, differing prescribing laws may apply to patients located in other states or territories.

Ahpra recommends regularly assessing (and re-assessing) whether telehealth is “safe and clinically appropriate for the patient or whether good care can only be provided by the patient and practitioner being in each other’s physical presence”.3 If complications arise from a telehealth case where in-person care was clinically appropriate or necessary, this could constitute a breach of professional standards of care. For both patient and practitioner safety, practitioners should document clinical reasoning about why telehealth was appropriate for each consultation or prescription. When in doubt, err on the side of caution and meet with the patient face-to-face.

INFORMED CONSENT AND PATIENT COMMUNICATION

Obtaining informed consent and communicating effectively remain equally, if not more, important in virtual care. In virtual care, Ahpra considers informed consent to be “a person’s voluntary decision about healthcare made with knowledge and understanding of the benefits and risks involved”.5 In everyday practice, this means:

Clarifying the scope and limits. Explain what a telehealth session will and won’t cover, how any exclusions might affect the evaluation, and whether the session will be recorded or transcribed by an artificial intelligence (AI) scribe. Informed consent to the virtual care methods should always be obtained and documented.

Technological preparation. Notify patients of any required technology, apps, or devices, and the potential costs ahead of time. Ensure you can see and hear each other throughout the consultation. If technological limitations interfere with care, seek alternatives (e.g., different platforms or an in-person appointment).

Communicate effectively. Share information in a way that the individual patient understands. The use of clear and simple language is important given that non-verbal communication and visual cues are less effective over telephone or video. Support culturally safe care practices by considering appropriate language or cultural safety requirements (e.g., interpreter or support person) before the consultation.

Protect privacy. Safeguard patient privacy and confidentiality by asking patients to access telehealth services from a private and secure setting, and not in a location where others might overhear.

Outline follow up. At the end of consultations, clearly explain any follow up or next steps, ensuring patients know about booking an in-person appointment or tests.

PRIVACY AND CYBERSECURITY

Virtual care consultations come with added cybersecurity risks and privacy responsibilities. Health information transmitted by telehealth remains subject to the Privacy Act 1988 (Cth) and other applicable state and territory health records legislation. Mishandling patient information risks complaints and/or penalties.

Practitioners should carefully select and thoroughly understand chosen virtual care technologies, including how they capture, transmit, and store patient communications and clinical data. Telehealth technologies must meet clinical requirements and patient needs, as well as comply with privacy legislation and other requirements (e.g., MBS telehealth prerequisites).

Practices should consider whether chosen telehealth technologies store patient information in servers in Australia or overseas. Cross-border storage may trigger additional privacy risks as foreign data storers may not comply with Australian privacy laws. Privacy policies and patient onboarding forms should accurately reflect the practice’s digital infrastructures.

Clinical records from telehealth consultations should be maintained just as thoroughly as in-person consultations and include additional information, such as the platform used and any technical issues or limitations that occurred. Ensure consent is obtained before recording any session.

PRACTICAL STEPS FOR COMPLIANCE AND RISK MANAGEMENT

Following are some additional practical measures to help strengthen compliance and reduce legal risk associated with virtual care:

Develop a telehealth protocol. Have a checklist for before, during, and after each telehealth appointment. Include steps like a clinical appropriateness assessment, technical preparation, privacy checks, patient identity verification, obtaining informed consent, and follow-up actions.

Optimise your setup. Use a high-quality webcam/microphone and stable internet connection. Conduct calls from a secure location where others can’t overhear. Ensure you and the patient can clearly hear and/or see each other. Be prepared to reschedule or switch to another platform if technical issues persist.

Be wary of remote-only practice. Telehealth-only services that offer quick prescriptions based solely on online questionnaires are a red flag to Ahpra. Remember Ahpra’s position that prescribing without ever having a real-time consultation is not good practice. Your professional duty of care overrides any business model that encourages inappropriate prescribing.

Review insurance coverage. Check that professional indemnity insurances cover telehealth services and any geographical limits (if providing telehealth to interstate or overseas patients). Ensure virtual consults with travelling patients won’t inadvertently void cover.

Technology has revolutionised access to eye care across Australia. Embracing virtual care comes with tremendous opportunities – and significant responsibilities. Eye care professionals must approach telehealth with their eyes wide open to the legal essentials: obtain informed consent, communicate effectively, protect privacy, and document diligently. Compliance ultimately boils down to upholding existing standards of care and safety, regardless of the delivery method – and even if without eye contact.

This article does not constitute legal advice and is intended to provide general information only. Readers must seek independent legal advice in relation to their own specific circumstances.

No action should be taken, nor reliance placed, on the contents of this article whatsoever as an alternative to obtaining independent legal advice. The author, Burke Lawyers, and mivision accept no responsibility or liability for any loss or damage that may arise from reliance on this article.

Jack Connor is a lawyer in the Commercial, Business, and Private Client Services Division at Burke Lawyers, a law firm based in Melbourne, Victoria servicing clients across Australia and overseas. He works closely with medical and healthcare businesses and professionals, helping them to achieve their business goals while effectively managing risk. Mr Connor’s core practice areas are contract law, commercial and business advisory, corporate governance, data and privacy, employment law, dispute resolution, business succession planning, and asset protection. Email: jconnor@burkelawyers.com.au.

References available at mivision.com.au.a