key: cord-0774437-8doaz9aw
authors: Kaplan, Bonnie
title: REVISITING HEALTH INFORMATION TECHNOLOGY ETHICAL, LEGAL, and SOCIAL ISSUES and EVALUATION: TELEHEALTH/TELEMEDICINE and COVID-19
date: 2020-07-31
journal: Int J Med Inform
DOI: 10.1016/j.ijmedinf.2020.104239
sha: 8d6d09f278c04086a4268d05dac6e48f50aa4fb3
doc_id: 774437
cord_uid: 8doaz9aw

BACKGROUND: Information technologies have been vital during the COVID-19 pandemic. Telehealth and telemedicine services, especially, fulfilled their promise by allowing patients to receive advice and care at a distance, making it safer for all concerned. Over the preceding years, professional societies, governments, and scholars examined ethical, legal, and social issues (ELSI) related to telemedicine and telehealth. Primary concerns evident from reviewing this literature have been quality of care, access, consent, and privacy. OBJECTIVES: To identify and summarize ethical, legal, and social issues related to information technology in healthcare, as exemplified by telehealth and telemedicine. To expand on prior analyses and address gaps illuminated by the COVID-19 experience. To propose future research directions. METHODS: Literature was identified through searches, forward and backward citation chaining, and the author’s knowledge of scholars and works in the area. EU and professional organizations’ guidelines, and nineteen scholarly papers were examined and categories created to identify ethical, legal, and social issues they addressed. A synthesis matrix was developed to categorize issues addressed by each source. RESULTS: A synthesis matrix was developed and issues categorized as: quality of care, consent and autonomy, access to care and technology, legal and regulatory, clinician responsibilities, patient responsibilities, changed relationships, commercialization, policy, information needs, and evaluation, with subcategories that fleshed out each category. The literature primarily addressed quality of care, access, consent, and privacy. Other identified considerations were little discussed. These and newer concerns include: usability, tailoring services to each patient, curriculum and training, implementation, commercialization, and licensing and liability. The need for interoperability, data availability, cybersecurity, and informatics infrastructure also is more apparent. These issues are applicable to other information technologies in healthcare. CONCLUSIONS: Clinicians and organizations need updated guidelines for ethical use of telemedicine and telehealth care, and decision- and policy-makers need evidence to inform decisions. The variety of newly implemented telemedicine services is an on-going natural experiment presenting an unparalleled opportunity to develop an evidence-based way forward. The paper recommends evaluation using an applied ethics, context-sensitive approach that explores interactions among multiple factors and considerations. It suggests evaluation questions to investigate ethical, social, and legal issues through multi-method, sociotechnical, interpretive and ethnographic, and interactionist evaluation approaches. Such evaluation can help telehealth, and other information technologies, be integrated into healthcare ethically and effectively.

Telehealth services have been saving lives during the COVID-19 pandemic, allowing patients and clinicians to come together without infecting each other. Until the outbreak, uptake was limited. A 2016 study reported that a mere 15.4% of US physicians worked in practices using telemedicine to interact with patients, and 11.2% in practices using telemedicine for interactions between physicians and healthcare professionals, mostly via video-conferencing [1] . In the US, although more than fifty health systems used telehealth technology for home care [2] , only one percent of the US rural population, where teleservices would be expected, had experienced it by 2019 [3] . Even though 66% of those surveyed that year were willing to use telehealth, only 8% had tried it, while two-thirds of respondents used personal health monitoring devices [4] . By January 2020, as COVID-19 was becoming apparent, only 24% of US healthcare organizations had a telehealth program in place [5] .

Suddenly, an unprepared clinical workforce and patient population was thrust into telemedicine to respond to COVID-19. Demand for commercial telemedicine services in the US spiked [2] . Vendors reported that they got a year's worth of traffic in one month. Amwell, saw a 2000% increase in visits to its platform before the end of April, 2020. Deployments that typically took two to four months were implemented far more rapidly [5] . Just the month before, MDLIVE reported that urgent care visits doubled in Washington state, where the outbreak hit early and hard, and American Well, about to be rebranded to Amwell, said that usage increased there 650% and 158% nationwide [6] .

Telehealth is valuable for "forward triage" to sort patients before they go to an emergency room [2] . For example, daily averages for Virtual Urgent Care visits at New York University's Langone Health, which was well-situated to expand telecare, grew by 683% and nonurgent video doctor visits grew by 4,345% in response to COVID-19 over six weeks during March and the first half of April 2020. In-person visits declined 80% while forty emergency medicine providers were increased to 289 "surge" providers from multiple specialties. Ambulatory care video visits similarly increased [7] . For critically ill in-patients, telehealth allowed intensive care specialists elsewhere to step in. University of Pittsburgh Medical Center intensivists advised on COVID-19 patients at the New York-Presbyterian Weill Cornell Medical Center in overwhelmed New York City [8] .

Telehealth is proving its value in areas identified as early as 1996 at the American Medical Informatics Association's Spring Congress. Their focus included integrating access to health data and knowledge-based information, and to sharing and aggregating patient data across networks, as well as licensure and privacy [9] . Along with consent, quality of care, and regulatory challenges, these themes were discussed internationally for years. They are particularly relevant now considering the rapid implementations and regulatory changes that helped encourage telecare by providing reimbursement for services, and by relaxing enforcement of privacy and data sharing rules so patients could use telehealth services and apps, and of requirements for licensing, credentialing, supervising non-physician providers, and previously established doctor-patient relationships.

Professional organizations' and EU guidelines and international literature primarily from the past decade discussed ethical concerns that were little addressed as the pandemic hit. With telemedicine's expansion now expected to change healthcare delivery even as the pandemic ends [10] , it is all-the-more imperative to revisit these issues, identify emerging ones, and learn from experience. Past guidelines and analysis may need revising for today's healthcare needs. To identify what remains relevant and what might need updating, this paper summarizes previously identified telemedicine ethical, legal, and social issues (ELSI). Based on that, it discusses additional considerations and then calls for learning from the experience by posing potential evaluation and assessment questions intended to make telehealth as effective and ethical as possible.

As early as 1999, the World Medical Association defined "telemedicine" as "the practice of medicine, from a distance, in which interventions, diagnostic and treatment decisions and recommendations are based on clinical data, documents and other information transmitted through telecommunication systems [11] ," the same definition they used in 2018 [12] . Early in 2020, the American Medical Association defined "telehealth" as: (1) real-time audio and visual connections between patients and physicians in different locations, (2) image and data collection store-and-forwarded for later interpretation, (3) remote patient monitoring tools, including mobile health (mHealth) tools, wearables, and devices, and (4) virtual check-ins through voice-only patient portals, messaging technologies, and the like [13] . Because of the similarities, and because different practitioners prefer one of these terms over the other, "telemedicine" and "telehealth" are used interchangeably below and encompassed in the term "telecare."

Literature was selected in ways similar to [14] to get a sense of what already had been said specifically about telemedicine and telehealth ELSI. For the broadest and most frequently accessed selection, Google and ssrn.com searches were done on "telehealth ethics" and "telemedicine ethics." By taking advantage of Google's ranked search results, the first few pages of results were used to find and then include the scholarly papers since 2008 that presumably were most viewed, so most likely influential. All ssrn entries were included if they were primarily about ethical and general legal issues. Papers identified by forward and backward citation chaining and the author's knowledge of scholars and works in the area also were examined. Review papers little overlapped other publications, and therefore were included, but to avoid redundancy, papers and guidelines prior to 2008 were not because they were summarized in [15] and [16] . Including review papers further expanded the scope of papers that were addressed, albeit indirectly, and including papers and guidelines from international venues helped in getting a global sampling. In all, nineteen scholarly papers are the basis for discussing telehealth and telemedicine ELSI scholarship. US, EU, and world guidelines, the main ones in this area, also were included, and several of the scholarly papers referenced guidelines from other countries.

Issues in each document were classified into categories and subcategories in a synthesis matrix. It became apparent that there was considerable repetition in what was addressed and additional papers were adding little, consequently, as saturation appeared to be reached, the scope and number of documents seemed sufficient. The purpose, then, was not so much to be exhaustive as to get a sense of the issues discussed and how they might pertain to today's situation. Because previously developed guidelines and analyses might not be sufficient for public health crises or under conditions of rapid expansion of information technology use, the intent was to both benefit from past wisdom and suggest updates that might be appropriate to new circumstances.

Global and national medical organizations and various scholars have been discussing ethical issues in telemedicine since at least the early 1980s [17] . Since the beginning, guidelines from organized medicine, government commissions, and ethical, legal, and other analyses, emphasized the patient-clinician relationship, consent, privacy and security, and law and regulation. Issues were categorized as: quality of care, consent and autonomy, access to care and technology, legal and regulatory, clinician responsibilities, patient responsibilities, changed relationships, commercialization, policy, information needs, and evaluation. Subcategories fleshed each of these out. Primary concerns evident in this literature have been quality of care, access, consent, and privacy. (See Tables 1 and 2.) 

A 2008 review of twenty-one ethical guidelines published in journals found most came from the US, UK, Australia, and India. There were none specifically for developing countries, and the review notably discussed concerns characteristic of these countries and communities. Guidelines dealt with codes of conduct for health websites, doctor-patient relationships, consent and communication, security, confidentiality, different specialties, homecare, and e-mail consultations. The predominant concerns were: the doctor-patient relationship, informed consent, confidentiality, data security, adequacy of records, Table 1 Organizations.

Organizations WMA [11] WMA [12, 18] WMA [19] ACP [20] AMA [21] AMA [22, 23] AMA [13, 24] EU [27] data standards and quality, clinical competence, licensure and medical responsibility [16] , emphases evident over the past twenty years in professional societies' guidelines (See Table 1 ).

In 1999, The World Medical Association (WMA) focused on the physician-patient relationship, including physician and patient responsibilities similar to those in face-to-face care. They addressed quality care, informed consent, confidentiality and security, appropriate authorizations to practice, use of and access to technologies, and quality metrics to assess these [11] . They repeated these themes in their 2007 Statement on the Ethics of Telemedicine and the 2018 revision, though they, by then, warned about telemedicine solely for cost-cutting. Although they no longer had a section on the patient's role, they advised on physicians' relationships with other physicians involved with a patient's care, and on assessing telemedicine [12, 18] . Their 2009 "Statement on Guiding Principles for the Use of Telehealth for the Provision of Health Care," while addressing similar issues, set a different tone by beginning with a guiding principle of the duty of care in telehealth encounters and emphasizing significant aspects of the physician-patient relationship which physicians needed to meet along with quality and regulatory standards [19] .

The American College of Physicians (ACP), a national organization of internists, published primary care telemedicine policy recommendations in 2015. They, too, emphasized the patient-physician relationship, recommending establishing one before a telemedicine encounter and steps to take if that were not possible. They also addressed judging suitability and access for each patient, including disadvantaged or illiterate patients; licensure and regulation, including privacy and security regulation; and not compromising the ethical obligation for appropriate care by adopting technology [20] .

Meanwhile, the American Medical Association (AMA)'s 2014 and 2016 telemedicine ethics guidelines also covered the patient-physician relationship and quality of care, reimbursement, and the need for guidelines and assessment [21] . Physicians' "fundamental ethical responsibilities do not change," they declared, and still included providing competent care, respecting patient privacy and confidentiality, taking appropriate steps to ensure continuity of care, and following best practice guidelines [22] . They also presciently warned about commercializing healthcare, related conflicts of interest, and patient trust [23] .

By 2019, the AMA recognized additional issues involving direct-toconsumer telemedicine providers' influence towards commercializing both the market and overseeing it [24] . As previously, the AMA pointed out that despite changes in how people using new technologies interact with each other, they still should be able to trust physicians to prioritize their welfare, provide competent care and follow-up, give patients information to make well-considered decisions, and respect patient privacy and confidentiality. Their Code of Medical Ethics (no longer only in specific guidelines for telemedicine) again stressed that physicians' ethical responsibilities do not change during teleconsults. Some newer responsibilities included: ensuring that information is accurate, and that protocols are sufficient to prevent unauthorized access, to protect the security and integrity of patient information, and to authenticate the patient's identity; and recognizing technology's limitations, and therefore, also of themselves when relying on technology. They also elaborated on widely-recognized principles of tailoring services to each patient, including for consent, and advocating for access; and advised avoiding technology's seduction by monitoring the telehealth landscape to identify positive and negative outcomes and consequences and informing users of the limitations [25] .

The AMA seriously addressed telemedicine in their Code of Ethics and also in other work during 2019 and 2020. They surveyed relevant state law, and continued emphasizing that, except in emergencies and other exceptional circumstances, there should be a previously-established "valid" patient-physician relationship prior to telemedicine services [24, 26] . By 2020, the AMA produced a "Telehealth Implementation Guidebook" that, like the WMA ten years before, introduced the need for assessment metrics and for clinical, staff, and patient education, albeit with more detail [13] .

Governing bodies also weighed in. The European Union encouraged national health services to incorporate telemedicine into daily practice. It pushed for developing telehealth international standards, interoperability, and legal provisions; involving clinicians and patients in design, development, and implementation; promoting greater awareness; increasing research; and developing related areas of ethics and evaluation. By 2013, they discussed ethical issues of transparency of mission statements and ethical principles; changing clinicians' professional roles, including special training; viewing patients as active participants in their healthcare, making them the arbiters of its social acceptability, and ensuring they have enough information to make consent meaningful; and avoiding conflicts of interest or prioritizing vendors' interests [27] .

During these years, scholars also discussing ELSI related to telemedicine expanded on the familiar issues of physician-patient relationships and quality of care, consent, access, and privacy. A review of 2000-2013 open-access literature found the issues centered on autonomy, privacy, confidentiality, consent, equality of service availability, and beneficence, [28] while a 2012-2017 review familiarly identified the doctor-patient relationship as the main issue, and others as "technology, data confidentiality and security, informed consent, and patient's and family's satisfaction with telemedicine services [17] ". A 2019 international literature survey again focused on depersonalization and roles undergoing change, considering especially confidentiality, informed consent, autonomy and equity [29] . One author addressed four "possible pitfalls:" eroding the patient-doctor relationship, patient privacy threats, one-size-fits-all implementations, and assuming that new technology must be effective, and therefore added the advisability of evaluation [30] . Some authors remarked that these concerns were illustrative of ethical issues regarding health information technology in general [11, 15, 27, 31] (See Table 2 ).

In sum, the literature extended beyond the usual four areas of Zubrow [36] Langarizadeh et al.

[17]

Razon [37] Young et al. Zubrow [36] Langarizadeh et al.

[17]

Razon [37] Young et al. Khairat [35] Nittari [42] Smith et al. [3] Kuziemsky et al. Khairat [35] Nittari [42] Smith et al. [3] Kuziemsky et al. quality of care and relationships, access, consent, and privacy commonly found in professional guidelines. Authors discussing the doctorpatient relationship addressed the importance of human contact, nonverbal cues, touch, expressiveness, and accustomed ways to express empathy and build rapport for diagnosis, treatment, and recovery. They were concerned with the potential for depersonalization and lack of intimacy, prioritizing efficiency and economics over quality care, and for lack of sensitivity to patients' community, culture and social practices, and language [27, [32] [33] . Scholars questioned meaningfulness of autonomy and consent when choice is limited by access or family and community pressures, or in the face of privacy policies that are difficult to understand and do not protect privacy [11, 15, 31] . They addressed access in terms of meeting different needs, both for healthcare and technology designs for different patient and clinician populations, while adhering to standards of care for all [11, 15, 27, 31, 34] . They recognized that patients can be burdened by access disparities, particularly the elderly, impaired, disadvantaged, and racial minorities, and those where services are limited [15, [34] [35] . Attention was given to the need for services and technology for these populations, and to burdens as well as benefits of care [27, 34] . Privacy, confidentiality, and consent were of concern, and more so when obligatory end-user agreements required relinquishing privacy and control over data [34] . Commercialization of telemedicine services and the widespread use of mobile health apps and different devices raised additional threats to privacy and cybersecurity. Other regulatory issues also discussed were: licensure, credentialing, liability and malpractice, conflicts of interest, technological certification standards and device regulation, conflicting state rules, and responsibility for hardware and software safety [27, [31] [32] 36, [37] [38] [39] [40] . Scholars also extended beyond the common issues by noting that telecare services require clinicians and patients to take on new roles, relationships, and responsibilities. They recognized that these created responsibilities for clinicians, patients, and institutions. Patients and clinicians needed to learn how to select and use the technologies and possibly overcome access, usability, and language barriers, and to develop cultural sensitivity to communities with different customs, practices, and language [27, 32, 33] . Authors identified changes in relationships, status, control, legal responsibility, ways of working and skill levels, and relationships between clinicians and different communities as well as between patients and clinicians. They discussed implications for quality of care and for social policy [11, 15, 31, 36] . They advised developing curriculum and additional education for new roles and responsibilities [12, 27, 32, 33] . Authors recommended training concerning changes in clinicians' roles and responsibilities to ensure patient safety and ethical workplaces, not only effective use of technologies [27] . Scholars also commented on patients' need for assistance and education to navigate the new ways to get care and implications of using the services [34, [38] [39] .

While to most, the benefits of telemedicine were clear, some authors questioned the extent to which the aim of telemedicine was improving health or well-being or, instead, creating market needs or cutting costs. They indicated that trading market rationality and efficiency for values traditionally at the heart of caregiving could compromise care. They raised concerns about commercially exploiting data in ways that violate privacy, support marketing interests, create vulnerabilities, increase surveillance, and compromise both informed consent and patient-clinician relationships [11, 15, 27, 32, 38, 40] . Related concerns focused on opacity of end-user agreements for commercial services and apps, with issues of meaningful consent and privacy in question [34, 38] .

As the COVID-19 pandemic was becoming apparent, one review compared the WMA, AMA, and Health Professions Council of South Africa guidelines according to how they treated facilitating patientprovider relationships and communication, and also data integrity and Khairat [35] Nittari [42] Smith et al. [3] Kuziemsky et al. data protection issues. The authors, members of the International Medical Informatics Associations' Telehealth Working Group from nine countries, examined cultural and regional differences, artificial intelligence and big data issues, comparison with face-to-face practice, and special populations as exemplified by elder care. Their key finding was a gap between these macro-level guidelines and micro-level practice priorities [41] . Another review, of scholarship regarding global telehealth ethical and legal challenges from 2010-2020 literature, repeated the familiar concerns: informed consent, protecting data and confidentiality, malpractice and liability, and regulation [42] . However, this review indicated that a twelve year old observation still held: "Current measures often ignore ethical issues linked to professional conduct and relationships, protection of patient autonomy, patient safety, cultural diversity, and the human value system [42] ." quoting [15] This is unfortunate as telemedicine is a key source of outpatient healthcare in a time when virulent infectious disease prevents other means of accessing care.

Tables 1 and 2 indicate that some issues predominated and others received little attention. The COVID-19 experience illuminates newer concerns centering on just how well and under what conditions quality of care is as good as in-person care, or at least adequate when that care is not available; effectiveness of consenting procedures, including their relationship to data privacy; how changes in access affect various populations and patients; privacy considerations, especially for commercial teleservices; and legal and regulatory issues of licensing and liability. How crucial information and informatics infrastructure is has become even more obvious, together with patient interaction with data and clinicians' access to relevant patient-generated data, particularly for patients they do not know.

Quality of care depends on all clinicians, and not only on physicians or the doctor-patient relationship. It requires tailoring services to each patient's needs, having necessary data, and finding ways to maintain empathy, trust, and circumvent technological limitations. Consent requires attention to protecting patients from consequences of using new technological services, such as required consenting to expansive vague take-it-or-leave-it permissions in order to receive care.

Access includes usability and serving all populations, including the cognitively impaired, elderly, and those who are disabled, unable to read, or have compromised hearing, vision, manual dexterity, and mobility, as well as those with poor or no broadband, or no way to connect. Additionally, as telemedicine services expanded, some kinds of services were foregone or deferred as others became more necessary, creating access problems for those needing that unavailable care.

Confidentiality, privacy, and security require more scrutiny. Commercial services as well as health care organizations collect and sell data for purposes unrelated to healthcare. With the potential for collateral data collection, revelations can be made about people not directly in a telehealth encounter [32] . Fortunately, this is getting more attention [3] . End user licensing agreements (EULAs) and contracts can be evaluated for comprehensibility, privacy protections, and other significant areas, as well as assessing whether patients actually pay attention to them or simply click through. EULAs are even more of concern when patients have no choice but to accept them. It would be helpful to know how much of a problem EULAs are.

Moreover, it is becoming apparent that data from many sources and activities may be incorporated into health records, and for years has been aggregated and sold, making all data health data, though not all is protected by health privacy protections [34] . The need for improving cybersecurity is more apparent. WHO, the National Institutes of Health, and the Gates Foundation were presumably hacked in April 2020 [43] . A newer concern relates to artificial intelligence and algorithms that may be unvetted or opaque, or result in conflicts of interest or unsavory biases [41] .

New regulations, such as the General Data Protection Regulation (GDPR) in the EU and the California Consumer Privacy Protection Act in the US, address these concerns to some extent. Both are too new to judge long-term effects, but both the GDPR's predecessor and US sectoral privacy law in healthcare, finance, and education have been in effect long enough for assessment. While many agree that US health data privacy protections have been outdated for some time [34, [44] [45] [46] , pros and cons of these kinds of regulations have been discussed extensively in the legal literature, and much can be learned from these analyses [47] . Relaxing privacy regulations to enable telehealth provides a further opportunity for revisiting these regulations.

Additional regulatory and policy issues also have become more prominent. Licensure, credentialing, liability and malpractice, conflicts of interest, technological certification standards and device regulation, and conflicting state rules were discussed over the years [32, 36] . Telecare services' growth across jurisdictional boundaries further illustrate the salience of these issues. Parallel concerns were expressed internationally as well [27, 31, 37] , with some additional consideration to serving vulnerable populations, and to responsibility for hardware and software malfunctions, errors, safety, and interoperability [38] [39] [40] . These issues now have become more salient as some regulations were relaxed, recognized as possibly impeding the needed ramping up of telehealth services during the pandemic. Telehealth services were implemented very rapidly to meet healthcare needs during a global health crisis. As new services are quickly rolled-out and previous services vastly increased there may have been too much focus on responding to an emergency, or on the roll-out itself, to pay enough attention to other important issues. While laudable in that telehealth enables patients to get care, training and skills development were necessarily short-changed. Institutional implementation practices and policies can incorporate training and address implementation. Burn-out, too, may be an issue.

One significant concern is meeting the needs of all involved. The literature mostly has focused on physicians and patients. Others provide care, and people other than patients are involved or affected. Another issue is addressing different stakeholders'-patients, clinicians, administrators, vendors, public health agencies, policy makers, advocates, specific patient communities and populations, etc.-needs and situations and the longer-term effects this will have on health, healthcare, and society.

All these considerations indicate the importance of both the clinical encounter and also the organizational, social, cultural, and political environment in which it occurs and the multiple people involved. Clinical judgement and professional responsibility are reflected in the emphasis on clinician-patient relationships, particularly the focus on physicians. Under very trying circumstances, clinicians have heroically fulfilled their professional obligations by taking advantage of technology provided by their organizations and rapidly switching to telecare to provide services as best, and as ethically, as they can. Still, the rapid rise of telemedicine, telehealth, and e-health may be contributing to dehumanization by virtualizing patients and care and by focusing on measurement. Better training and more humanizing strategies for clinicians and patients would help [27, 48] . Patients, too, are making decisions and responding to their own difficult situations. They play a significant role in their care and clinical interactions. Their views of ELSI and new forms of healthcare should be incorporated into services. Patients' knowledge, health literacy, digital fluency, capabilities and disabilities, and access to care also would add a significant perspective to ELSI discussion. So, too, would organizational policies, legal and regulatory concerns, technological considerations, and much else. Consequently, not only clinicians and patients, but also information and computer specialists, organizational decision makers, vendors, policy experts, ethicists, community and patient advocates, and all affected need to be included in ELSI analysis. Additionally, different contexts of settings and healthcare systems around the world require expanding the scope of ELSI to include this variety. The conditions particular to underserved communities and developing countries also need far more ELSI attention.

For telemedicine to remain incorporated into routine care as responsibly and ethically as possible, this broader view of ELSI is necessary [49] . The pandemic experience provides opportunity for assessing how best to continue.

The COVID-19 outbreak and consequent explosion of telehealth services presents an unparalleled opportunity to examine related ethical, legal, and social issues and ask what fundamental responsibilities are during a time of crisis in healthcare, and after. The range of issues and current experiences suggest "a whole-system strategy" to embed telehealth into routine service and other information system functions. Doing so requires information technology networks, policies, procedures, technological infrastructure, and effective change management strategies for new workflows and redesigned care models [3] . To do this, so telehealth services continue effectively and ethically, decisions can be evidencebased and value-based. That makes evaluation and assessment crucial. As experience grows, so do opportunities for evaluation. World-wide deployment of telehealth services provides a natural experiment for learning from the experiences and for broadening ethical guidelines and analysis.

While the WMA recommended quality measures for assessment [12] , and the AMA suggested metrics based on organizational goals aligned to the "'quadruple aim' of healthcare, inclusive of health equity" (i.e., focusing on health outcomes, improving patients' experiences, reducing cost, and increasing clinician satisfaction) [13] , unfortunately, there have been too few solid telehealth evaluation studies [15, 27] . Of those, even the ones using the EU's Model for Assessment of Telemedicine Applications (MAST), a framework that includes ethical and legal issues, have not included ELSI, even if some addressed usability or work and organizational changes [50] [51] . Instead, the longstanding emphasis on technology using positivist approaches comes at the expense of the range and depth of ethical, legal, and social issues, and contributes to triumphalist accounts of telemedicine trials even though research and evaluation results may be less positive [15, 27, 52] .

That evaluation history points to the salience of methodologies that include ethics. Incorporating interpretive, critical, sociotechnical approaches into evaluation mitigates against both information technology and evaluation failures [14, [52] [53] [54] [55] [56] and would allow for more ELSI exploration. Longitudinal formative (before and during implementation and use) and summative (after) evaluation focusing on a variety of concerns through quantitative and qualitative methods and multi-disciplinary perspectives is therefore desirable. An interactive sociotechnical approach incorporating Kaplan's 4Cs of communication, care, control, and context that draw attention to ELSI could investigate the dynamic interactions between these issues [53, [57] [58] . These, combined into an applied ethics approach that examines practice would address context-specific issues together with the situations and relations people and technologies co-create [49, 59] . Understandably, these are not top priorities when systems are overwhelmed, but the possibilities should be kept in mind as routines settle and calm.

Evaluation is an ethical imperative so that ethicists, professionals, and policy makers have sound evidence on which to base analyses, decisions, and services [15, 60] . Examining telehealth services as compared with other means of healthcare will illuminate what constitutes good clinician-patient relationships, quality care, sufficient consent, adequate access and privacy, and the variety of other ethical, legal, and social concerns. Evaluation should explore and go beyond quality; consent; access; and privacy, legal, and regulatory issues. It should ask two overarching questions: What is happening? Why is it happening [61] ? More specific evaluation questions, such as those in Table 3 , though not explicitly ELSI, have ethical, legal, and social aspects that can be explored by asking: Are people treated well and fairly? Who? How? By what standard? Are people acting ethically? What will facilitate their doing so? Table 3 evaluation questions are meant to be suggestive, to inspire more comprehensive evaluation efforts and ELSI evaluation aims. The questions are retrospective, current, and prospective, so can be applied to past, present, and future. They also are applicable to evaluating other healthcare information technologies and for broadening the scope and understanding of ELSI [49] .

The literature search could have been more extensive by including more keywords, databases, and more countries' guidelines. Literature before 2008 may have been missed if not included in review papers. Google search results are unique because displays are targeted to the user and a priority ranking system based on others' searches. Consequently, searching by a different person, or on a different computer, or at different times, could return different results. However, the search was intended to get a sense of what the ELSI focus has been rather than to be exhaustive. When no new issues were identified and saturation appeared to be reached, the search was ended.

The COVID-19 pandemic provides an opportunity to explore ethical, legal, and social issues related to information technology in healthcare. The pandemic has made developing informatics infrastructure and ethical guidelines to meet data and care more necessary. Having relevant information about patients is a clear informatics mandate requiring more interoperability and data sharing than has been possible, and more ELSI involvement.

Perhaps most important is learning from the experience while moving forward ethically, responsibly, and effectively. Young et al. thought it vital to maintain established ethical principles when using new forms of communication and technology in healthcare, "while nurturing the therapeutic relationship, insuring confidentiality, maintaining patient satisfaction and appropriately utilizing technology to provide evidence-based care and clinical benefits [32] ." Fortunately, this is starting to happen [3] .

The sole author is the sole contributor.

None.

This research did not receive any specific grant from funding agencies in the public, commercial, or not-for-profit sectors.

-Telemedicine and telehealth have great potential to provide care when patients and clinicians are not physically together. -Professional guidelines and scholars focused on quality of care, access, consent, and privacy and confidentiality as the primary ethical, legal, and social issues related to telemedicine and telehealth. These issues also apply to health information technologies in general. -Evaluations of telemedicine and telehealth rarely include ethical, legal, and social issues.

-Literature was classified into categories and sub-categories. Primary ethical, legal, and social issues were identified, as were those needing more attention, especially in light of the COVID-19 pandemic. -Broadening the scope of ethical, legal, and social issues can enable ethical and evidence-based integration of telehealth and telemedicine into health care delivery. -Evaluation should include ethical, legal, and social issues, possible by using an applied ethics, context-sensitive approach that explores interactions among multiple factors and considerations. -Suggested evaluation questions can help identify ethical, legal, and social issues.

The use of telemedicine by physicians: Still the exception rather than the rule

Virtually perfect? Telemedicine for COVID-19, New Engl

Telehealth for global emergencies: Implications for coronavirus disease 2019 (COVID-19)

Telehealth booms amid COVID-19 crisis: Virtual care is here to stay

Telehealth visits surge along with coronavirus cases

COVID-19 transforms health care through telemedicine: Evidence from the field

Telemedicine key to US health care even after pandemic ends

A focus on telehealth

A pandemic benefit: Expansion of telemedicine

WMA statement on accountability, responsibilities and ethical guidelines in the practice of telemedicine

WMA statement on the ethics of telemedicine

Telehealth implementation playbook

Evaluating informatics applications -review of the clinical decision support systems evaluation literature

Ethical challenges of telemedicine and telehealth

Telemedicine a need for ethical and legal guidelines in South Africa

Application of ethics for providing telemedicine services and information technology

WMA statement on the ethics of telemedicine

WMA statement on guiding principles for the use of telehealth for the provision of health care

Policy recommendations to guide the use of telemedicine in primary care settings: An American College of Physicians position paper

AMA adopts new telemedicine reimbursement policy

AMA adopts new guidance for ethical practice in telemedicine

Ethical practice in telehealth and telemedicine

Established patient relationships and telemedicine: CMS report 1-i-19

Code of medical ethics opinion 1.2.12

50-state survey: Establishment of a patient-physician relationship via telemedicine

Towards an ethics for telehealth

Ethical aspects of ehealth -systematic review of open access articles

Digital medicine: Bioethical assessment of challenges and opportunities

Telemedicine's potential ethical pitfalls

Why is telemedicine a challenge to the regulators? S. Afr

Telehealth: Exploring the ethical issues

Ethical and legal considerations regarding the use of technology for older adults: The case of telehealth

Alzheimer's and m-health: Regulatory, privacy, and ethical considerations

Advancing health equity and access using telemedicine: A geospatial assessment

Legal, regulatory, and ethical issues in the use of telemedicine

The threatened erosion of privacy in healthcare and the search for a "cure": Pursuing a legal framework for health information privacy in ehealth and telemedicine

Ethical and legal challenges for health telematics in a global world: Telehealth and the technological imperative

Trusting telemedicine: A discussion on risks, safety, legal implications and liability of involved stakeholders

Leaving patients to their own devices? Smart technology, safety and therapeutic relationships

Ethics in telehealth: Comparison between guidelines and practice-based experience-the case for learning health systems

Telemedicine practice: Review of the current ethical and legal challenges

000 e-mail addresses and passwords allegedly from NIH, WHO, Gates Foundation and others are dumped on-line

Broken promises of privacy: Responding to the surprising failure of anonymization

Beyond the HIPAA Privacy Rule: Enhancing privacy, improving health through research

Big data, HIPAA, and the Common Rule: Time for big change

Seeing through health information technology: The need for transparency in software, algorithms, data privacy, and regulation

Four ethical issues of "e-health

Ethics, guidelines, standards, and policy: Telemedicine, COVID-19, and broadening the ethical scope

The model for assessment of telemedicine (MAST): A scoping review of empirical studies

A model for assessment of telemedicine applications: MAST

Why do evaluations of ehealth programs fail? An alternative set of guiding principles

Evaluating informatics applications-some alternative approaches: Theory, social interactionism, and call for methodological pluralism

Practicecentred evaluation and the privileging of care in health information technology evaluation

Evidence-based health informatics -promoting safety and efficiency through scientific methods and ethical policy

H.I.T. or miss: Lessons learned from health information technology implementations

Addressing organizational issues into the evaluation of medical systems

Unintended consequences of information technologies in health care-an interactive sociotechnical analysis

Ethical implications of home telecare for older people: A framework derived from a multisited participative study, Health Expect

Evidence-based health informatics -promoting safety and efficiency through scientific methods and ethical policy

Qualitative research methods for evaluating computer information systems