A. In order to provide teletherapy services to a client, a CRNP/PMH or PMH/APRN shall have:
(1) Established a client-therapist relationship;
(2) Performed a mental status assessment;
(3) Established a diagnosis;
(4) Developed a treatment plan; and
(5) Obtained an informed consent from the client to provide teletherapy.
B. Before providing teletherapy services, the CRNP/PMH or PMH/APRN shall develop a procedure to:
(1) Verify the identity of the client receiving teletherapy services;
(2) Ensure that all medical records are protected from unauthorized access through encryption or other means;
(3) Ensure that the CRNP/PMH or PMH/APRN provides a secure and private teletherapy connection and complies with federal and state privacy laws;
(4) Notify a client in the event of a data breach in accordance with the Health Insurance Portability and Accountability Act (HIPAA) and the Maryland Confidentiality of Medical Records Act; and
(5) Establish safety protocols to be used in the case of an emergency.
C. At the outset of each teletherapy session, the CRNP/PMH or PMH/APRN shall:
(1) Identify all individuals present at each location and confirm that they are permitted to hear or access personal health information;
(2) Obtain or confirm an alternative method of contacting the client in case of a technological failure; and
(3) Determine whether the client is in Maryland.