EU Cross-border Telemedicine: A Partial Harmonisation of Product and Professional Liability?

Printer-friendly version

Abstract: Telemedicine raises complex legal issues. The challenging regulatory choices needed to adequately cope with the digital transformation of healthcare become more pronounced when the provision of healthcare services bridges national borders. Recently the EU has undoubtedly presented itself as a particularly active player in harmonising the Member States’ substantive regimes on civil liability. However, harmonisation is still far from complete. Against this background, the general instruments of EU private international law have proved to be relatively fit for accommodating diverse legal orders in the digital age. Yet, their interaction with cross-border eHealth services remains to some extent complex and uncertain, last but not least in the light of the uncertain characterisation of medical liability.

Keywords: clinical risk in eHealth – cross-border telemedicine – product liability – professional liability – jurisdiction – applicable law.


I.   Introduction

The 2020-2025 Global Strategy delivered by the World Health Organization (WHO) acknowledges that “digital transformation of health care can be disruptive; however, technologies […] have proven potential to enhance health outcomes by improving medical diagnosis, data-based treatment decisions, digital therapeutics, clinical trials, self-management of care and person-centred care”.[1]

Already the Digital Agenda for Europe presented in 2010 by the European Commission has alluded to the potential of the Internet – that is “borderless” – and of the “innovative and advanced online services – such as […] eHealth”, hoping “to achieve by 2020 widespread deployment of telemedicine services”.[2]

A year later the European Union (EU) legislator adopted the Directive 2011/24/EU of the Council of 9 March 2011 on the application of patients’ rights in the field of cross-border healthcare. On one hand, the Directive implements the case law of the European Court of Justice on the EU citizens’ right to reimbursement of costs of healthcare incurred in Member States other than that of the citizens’ habitual residence.[3] On the other hand, it provides for the creation of “a voluntary network linking national authorities responsible for eHealth designated by the Member States”.

In 2018 the European Commission published a Communication on the digital transformation of health and care[4] identifying three areas of priority for future EU’s actions: i) citizens’ secure access to their health data, including across borders; ii) personalised medicine through shared European data infrastructure; iii) citizen empowerment with digital tools for user feedback and person-centred care. Overall, the Commission has stressed the wide-ranging beneficial impact that digital technologies, such as 5G mobile communication, Artificial Intelligence (AI) and supercomputing, may exert in increasing the well-being of EU citizens.

Nowadays the concept of “eHealth” is used to broadly denote tools and services that rely on Information and Communication Technologies (ICTs) to improve prevention, diagnosis, treatment, monitoring and management of health-related issues, and to monitor and manage lifestyle-habits that impact health. More specifically, the notion encompasses a wide range of services and information technology such as information systems, Electronic Health Records and Platforms, electronic transmission of prescriptions or referrals, online pharmacy and telemedicine. A particular form of medical and public health practice supported by mobile devices such as phones, patient monitoring devices, personal digital assistants and other wireless devices, is also rapidly spreading.[5] This practice of “mobile healthcare” (“mHealth”) includes applications that may connect to medical devices or sensors (bracelets or watches), health information/medication reminders provided by text (sms) and telemedicine provided wirelessly. AI-driven applications that encompass genuine medical services, requiring a health professional for diagnosis and/or treatment, fall within the concept of “e-Health”: not so mere self-control/wellbeing applications.

II.  Cross-Border Telemedicine

“Telemedicine” refers to “the provision of healthcare services, through the use of ICTs, in situations where the interested parties are not in the same location. It involves secure transmission of medical data and information, through text, sound, images or other forms needed for the prevention, diagnosis, treatment and follow-up of patients”.[6] As such, the concept of telemedicine encompasses both healthcare “professional-to-patient” relationships as well as healthcare “provider-to-provider” relationships. There are several forms or ways by which telemedicine services may be delivered: telemonitoring, teleintervention, telesurgery, teleconsultation. Depending on the relevant medical specialty in which telemedicine services are implemented, telemedicine takes the form of teleradiology, telepsychiatry, teledermatology, etc.

Thanks to telemedicine it is possible to provide healthcare services beyond traditional physical spaces, including national borders. The independence by physical spaces brings forward a series of advantages: better access to care, greater timeliness of assistance, greater continuity of assistance for patients with chronic or rare diseases, better management of public health emergencies. In other words, healthcare services are provided without the actual movement of the parties (health professionals and/or patients), thanks to communication tools such as videoconferencing, email, smartphones or app-enabled technology.

By entailing a hyper-personalised and data-driven evaluation of the patient’s conditions, telemedicine services raise complex regulatory choices that only partially overlap with those raised by conventional healthcare services. Telemedicine services – that fall, as traditional healthcare services, within the scope of arts 56 and 57 TFEU[7] – may indeed be characterised simultaneously as “healthcare” service pursuant to the Directive on cross-border healthcare, as well as “information society service” (ISS) within the meaning of the Directive 2000/31/EC of the Council of 8 June 2000 on certain legal aspects of information society services, in particular electronic commerce, in the Internal Market.

In the case of cross-border telemedicine services, several key legal issues arise: licensing/registration of healthcare professionals performing telemedicine services;[8] conditions for legitimate processing and protection of personal health data;[9] respect for the patient’s self-determination; reimbursement of the services. The most problematic profiles, though, are the patients’ clinical risk and the liability of healthcare professionals.

III. Clinical Risk

Clinical risk is the measure of likelihood that patients may incur in adverse events in connection with the provided medical treatment. The occurrence of personal harm for patients may derive from defects or malfunctioning of the equipment used by professionals, from actions or omissions of healthcare professionals or from structural or organisational deficiencies of healthcare facilities.

The occurrence of personal harm may of course trigger civil liability claims. To this effect, civil liability may be divided in “product” liability and “professional” liability depending on subject matter of the relevant dispute. Both types of civil liability claims may in turn involve several national legal systems. Consider for instance the case in which a professional located in State A performs robotic surgery on a patient citizen of State B (domiciled and resident in State C) using equipment designed in State D and manufactured in State E. If personal harm occurs, the patient’s claim potentially involves both types of liability and five legal systems. To the extent that a dispute concerning product liability and/or health professionals’ liability in the context of telemedicine touches upon different legal orders, private international law issues come into play. Based on the distinction between product liability and health professionals’ liability, the following sections assess the extent of substantive harmonisation achieved at EU-wide level and the role played by the general instruments of EU private international law to address potential conflicts of jurisdiction and of laws.

IV. Product Liability

As far as liability for defective products is concerned, ever since the ‘80s the European Community has established harmonised rules through the Directive 85/374/EEC of the Council of 25 July 1985 on the approximation of the laws, regulations and administrative provisions of the Member States concerning liability for defective products.[10] The Directive has established the principle of objective liability – strict or faultless liability – of the producer/importer as well as of the supplier insofar as the producer/importer cannot be identified. The EU legislator considers the imposition of a strict liability regime upon producers to be “the sole means of adequately solving the problem, peculiar to our age of increasing technicality, of a fair apportionment of the risks inherent in modern technological production” (recital 2). When more than one person is liable for the same damage, joint liability applies and the injured person (e.g., the patient) is entitled to claim full compensation for the damage suffered by any one of the liable persons (art. 5). To establish liability for defective products, the injured person has to prove the damage, the defect and the causal relationship between defect and damage (art. 4), without being required to further demonstrate the existence of fault or negligence on behalf of the liable person. Producer’s liability may only be excluded or reduced under rather strict circumstances (arts 7 and 8). Member States shall provide in their legislation that a limitation period of three years applies to proceedings for the recovery of damages (the limitation period shall begin to run from the day on which the plaintiff became aware, or should reasonably have become aware, of the damage, the defect and the identity of the producer) as well as that the rights conferred upon the injured person shall be extinguished upon the expiry of a period of ten years from the date on which the producer put into circulation the actual product which caused the damage (arts 10 and 11). Moreover, the strict liability regime established under the Directive does not affect the rights granted to the injured person under the Member States’ rules of the law of contractual or non-contractual liability (art. 13).

The Product Liability Directive only applies to tangible products (art. 2). By contrast, it does not cover software and other intangible digital assets, which – as already mentioned – are of fundamental importance for the provision of telemedicine services.

Precisely to fill the regulatory gap concerning the liability for emerging digital technologies and AI-based systems, in 2018 the European Commission delivered an interesting Working Document[11] which was subsequently followed by the presentation in 2022 of a package of proposals for directives aiming to adapt the liability rules to the digital age. To that effect, the European Commission proposed the adoption of two distinct yet complementary directives, one dealing with liability for defective products and the other one with the liability for damages caused by AI systems. If adopted, both the proposed instruments will have the effect of integrating the EU legislation on the safety and performance of medical devices (including AI-based medical devices) envisaged by Regulation (EU) 2017/745 of the Council of 5 April 2017 on medical devices (Medical Device Regulation).[12]

As for the Proposal for a Directive on liability for defective products (repealing the 1985 Product Liability Directive),[13] the most relevant novelty for the purpose of the liability of providers of telemedicine healthcare services lies in the new concept of ‘product’, extended to “software and digital manufacturing files” (art. 4(1)). The overarching aim of the proposed Directive is to establish EU-wide uniform rules enabling persons who suffered personal or financial injury as a result of defective AI systems to more easily claim compensation from the supplier of the AI system or from the manufacturer who have integrated an AI system into another product. To that effect, art. 9 sets out particularly relevant provisions on the burden of proof. On one hand, it lays down the conditions under which the defectiveness of the product shall be presumed (art. 9(2)) and, on the other hand, it establishes the presumption about the existence of the causal link between the defectiveness of the product and the damage “where it has been established that the product is defective and the damage caused is of a kind typically consistent with the defect in question” (art. 9(3)).

The Proposal for a Directive on adapting non-contractual civil liability rules to AI[14] aims to complement the rules concerning liability for defective products by easing the burden of proof for claims grounded on national fault-based liability regimes and aimed at seeking redress from the damage caused by AI-based systems. The European Commission emphasises that “the measures provided in this Directive can fit without friction in existing civil liability systems, since they reflect an approach that does not touch on the definition of fundamental concepts like ‘fault’ or ‘damage’, given that the meaning of those concepts varies considerably across the Member States”. The Proposal covers the fault constituting non-compliance with certain listed requirements laid down in matter of security and fundamental rights (e.g., data governance) for providers and users of high-risk AI systems, the non-compliance with which can lead, under certain conditions, to a presumption of causality (recital 26).

IV.1.  Conflicts of Jurisdiction

In the absence of more specific EU legislation, the allocation of adjudicative jurisdiction between Member States’ courts over civil claims arising out of the alleged infringement of product liability rules in the context of telemedicine devices is governed by Regulation (EU) 1215/2012 of the European Parliament and of the Council of 12 December 2012 on jurisdiction and the recognition and enforcement of judgments in civil and commercial matters (recast) (Brussels I-bis).

As far as product liability disputes arising out of telemedicine devices are concerned, the Brussels I-bis Regulation is likely to simultaneously attribute jurisdiction to the courts of different Member States. If the relevant choice-of-court agreement (art. 25) does not confer exclusive jurisdiction or such an agreement had not been concluded at all, jurisdiction of the court seised could also be based on the defendant’s appearance in the forum (art. 26) or on the application of the special rules aimed at protecting the claimant as a weaker party in his relationship with the defendant, and precisely those applicable to consumer contracts (arts 17-19). More realistically, the injured party will have to resort, at his choice, either to the general forum of the defendant’s domicile (art. 4) or, since product liability disputes very often arise in the absence of a contract linking the interested parties, to the special forum delicti (art. 7 (2)). Art. 7 (2) applies to claims generally relating to “tort, delict or quasi-delict” and vests jurisdiction upon the courts of the place where the “harmful event” occurred or may occur, a notion that for distance torts encompasses both the place where the event giving rise to the damage (forum actus) and the place of the damage (forum damni).[15] As regard product liability torts claims, the ECJ case law has localised the forum actus at the place where the relevant product had been manufactured.[16] Admittedly, the forum actus very often does not offer any meaningful alternative for prospective plaintiffs to the general forum of the defendant’s domicile. By contrast, the forum damni may offer interesting alternatives for prospective plaintiffs, by often enabling them to bring proceedings in their own “home” forum and in other additional fora. For product liability torts, the ECJ case law seems to localise the forum damni in the place where the initial damage occurred as a result of the normal use of the product, provided that the relevant product was purposefully marketed in that place.[17]

A product liability claim could eventually be assigned by the injured individual to another person acting as a claimant or could be brought by a representative entity on the individual’s behalf (e.g., non-profit organisations or associations: so-called “collective redress”).[18] To this effect, the EU legislator has adopted the Directive (EU) 2020/1828 of the European Parliament and of the Council of 25 November 2020 on representative actions for the protection of the collective interests of consumers. The Directive lays down some minimum harmonisation rules by obliging the Member States to provide at least one procedural mechanism enabling representative entities that fulfil certain qualifying requirements to bring claims for injunction and compensation on behalf of individual consumers (arts 1-2, 4 and 7-9). This procedural mechanism must be available for claims arising out of alleged infringements of a long list of EU law instruments insofar as the infringement affects or may affect consumers’ general interests. Such a list includes inter alia the Medical Device Regulation. Since the Directive applies in principle to both domestic and transnational representative actions, it may to some extent facilitate the conditions under which injured persons may bring cross-border collective proceedings against e-Health services providers for alleged infringements of provisions of EU law on medical devices. Yet, the Directive neither affects the existing private international law rules on jurisdiction, choice of law and the recognition and enforcement of judgments nor establishes such rules (art. 2(3)). As such, the Brussels I-bis Regulation remains fully applicable with respect to collective product liability claims in the context of eHealth products and devices. Unfortunately, the Brussels I-bis Regulation has long been acknowledged in literature as being built upon a traditional conception of two-party proceedings, a tenet that the ECJ case law has carefully and constantly safeguarded.[19] For the time being, the only rule on jurisdiction enshrined in the Brussels I-bis Regulation that may constitute a solid ground of jurisdiction for collective redress proceedings is art. 4 (general forum of the defendant’s domicile). Although the forum damni under art. 7(2) as an alternative to the general rule based on art. 4 remains in principle available,[20] its application to collective redress proceedings suffers significant drawbacks primarily because of the consolidated principle in the ECJ case law that special jurisdiction needs to be determined independently and separately for each claimant and each claim.[21]

IV.2. Conflicts of Laws

The aforementioned instruments of EU law only address limited aspects of the several substantive legal issues relating to product liability in the context of eHealth and telemedicine products and devices. To the extent that uniform substantive rules had not been established at EU and international level, national courts of the EU Member States will have to solve conflicts between national product liability regimes primarily by reference to the general instruments of EU private international law, and most notably by reference to Regulation (CE) 864/2007 of the Council of 11 July 2007 on the law applicable to non-contractual obligations (Rome II Regulation).[22] Unlike the Brussels I Recast, the Rome II Regulation includes some provisions specifically applicable to matters of product liability (art. 5). The conflict-of-law rules enshrined in art. 5 are underlined by the “objectives of fairly spreading the risks inherent in a modern high-technology society, protecting consumers’ health, stimulating innovation, securing undistorted competition and facilitating trade” (recital 20). To strike a fair balance between these objectives, art. 5(1) provides for a cascade systems connecting factors, together with a foreseeability clause. Art. 5(1) only applies if the parties to the dispute have their habitual residence in different countries. If the parties habitually reside in the same country, the law of the parties’ common habitual residence applies (art. 4(2)).[23] Moreover, the lex causae identified by reference to the connecting factors under art. 5(1) may exceptionally be displaced by the law of another country with which the relevant tort is manifestly more closely connected in the light of all the circumstances of the specific case (art. 5(2)). The cascade of connecting factors identified in art. 5(1) is largely built upon the criterion of the “marketing” of the product. First of all, the law of the allegedly injured person’s habitual residence applies if the product was marketed in that country. If the injured person does not have his habitual residence within the country where the product was marketed, the law of the country of “marketing” applies when the product was acquired in that country (art. 5(1) (b)), or failing that, the damage occurred in that country (art. 5(1)(c)). In any event, the law applicable on the basis of art. 5(1)(a)-(c) is displaced by the law of the country where the alleged tortfeasor habitually resides if he could not reasonably foresee the circulation of the product in either of the countries mentioned under letters (a)-(c) (art. 5(1-2)). The applicable law will determine the basis and the extent of liability, the level of compensation and the nature and the assessment of the damage.

V.  Health Professional’s Liability

The concept “health professional’s liability” should be understood widely as to encompass the liability arising from “medical treatment”, that in turn encompasses all health measures aimed at improving the patient’s health conditions. As such, health professional’s liability encompasses the liability arising from both health professionals’ misconducts (e.g., wrongful diagnosis and/or operative errors in practicing the relevant treatment) and from more structural and organisational deficiencies of the healthcare facilities (e.g., shortages of medical staff and/or inadequate organisational choices).

The health professional’s civil liability arising from health treatments provided through telemedicine raises delicate and complex substantive legal issues in a cross-border context. Typical substantive legal issues which could arise include issues about apportionment of liability between the health professionals and the producers of telematic devices/services (e.g., failure of the health treatment because of the device’ loss of connectivity), the extent of health professionals’ discretion in choosing between a conventional treatment or a treatment based on ICTs devices, issues about the type and the extent of fault required for establishing the health professional’s liability and whether or not reliance on telemedicine should require different insurance regimes than those applicable to conventional medicine.

The Directive on cross-border healthcare contains some helpful provisions, albeit clearly not solving all substantive legal issues that could arise in connection with the cross-border provision of telemedicine services. The Directive lays down certain obligations for the Member State where the health treatment is provided (the “Member State of treatment”) i.e., in telemedicine, “the Member State where the healthcare provider is established” (art. 3(1)(d), second sentence). As such, with respect to telemedicine services the Directive seems to establish a legal fiction according to which the patient should be treated as if he or she has moved from the territory of the Member State where the treatment was actually provided to the Member State of establishment of the healthcare’s provider. According to the Directive, “taking into account the principles of universality, access to good quality care, equity and solidarity, cross-border healthcare shall be provided in accordance with: (a) the legislation of the Member State of treatment; (b) standards and guidelines on quality and safety laid down by the Member State of treatment; and (c) Union legislation on safety standards” (art. 4(1)). The Directive then specifies that the Member State of treatment shall ensure that “healthcare providers provide relevant information to help individual patients to make an informed choice, including on treatment options, on the availability, quality and safety of the healthcare they provide in the Member State of treatment and that they also provide clear invoices and clear information […] on their insurance cover or other means of personal or collective protection with regard to professional liability”; that “there are transparent complaints procedures and mechanisms in place for patients, in order for them to seek remedies in accordance with the legislation of the Member State of treatment if they suffer harm arising from the healthcare they receive” and that “systems of professional liability insurance, or a guarantee or similar arrangement that is equivalent or essentially comparable as regards its purpose and which is appropriate to the nature and the extent of the risk, are in place for treatment provided on its territory” (art. 4 (2b-d)). Patients should receive from the national contact point of the Member State of treatment, upon request, 1) relevant information on the standards and guidelines on quality and safety laid down by the Member State of treatment, “including provisions on supervision and assessment of healthcare providers, information on which healthcare providers are subject to these standards”; 2) “relevant information to help individual patients to make an informed choice, including on treatment options, on the availability, quality and safety of the healthcare they provide in the Member State of treatment and that they also provide clear invoices and clear information on prices, as well as on their authorisation or registration status, their insurance cover or other means of personal or collective protection with regard to professional liability” (art. 4(2)(a) and 4(2)(b)). Failure to provide such information could also have a role in establishing the liability of actors involved in the provision of cross-border healthcare services.

Intermediary healthcare service providers are subject to the provisions of the eCommerce Directive establishing a gradual liability scheme for intermediaries of information society services (arts 12-15). Patients may indeed have an interest in suing intermediary healthcare service providers, rather than persons or entities directly responsible for making available certain contents or information on a given Internet-based device (e.g., producers or designers). Thus, for instance, when the harm suffered by the patient is due to the loss of online connectivity of the relevant telemedicine device, liability for such harm could also lie upon the competent Internet service provider and not only upon the relevant producer or designer of the relevant Internet-based telemedicine devices.

Nevertheless, the protective provisions set forth in the Directive 2011/83/EU of the European Parliament and of the Council of 25 October 2011 on consumer rights, are not applicable to patients of healthcare services. Indeed, the Directive explicitly excludes contracts for the provision of healthcare services from its scope of application (art. 3 (3b)) on the ground that “healthcare requires special regulations because of its technical complexity, its importance as a service of general interest as well as its extensive public funding” (recital 30).

V.1.   Conflicts of Jurisdiction

Matters of international jurisdiction are not specifically dealt with by both the Directive on cross-border healthcare (art. 2(q)) and the eCommerce Directive (art. 1(4) and recital 23). Accordingly, international jurisdiction over civil claims arising out of health professionals’ liability in the context of telemedicine should, once again, be determined by reference to the Brussels I-bis Regulation.

With the view of providing guidance on how the Brussels I-bis Regulation should apply to those claims, the European Commission draws a distinction between three different scenarios involving the cross-border provision of telemedicine services.[24] In all three scenarios claimants may generally avail themselves of jurisdiction at the general forum of defendant’s domicile (art. 4 Brussels I-bis) as well as of the jurisdiction of courts identified through a choice-of-court agreements eventually concluded with the other party (art. 25). Besides these fora, the applicable grounds of jurisdiction under the Brussels I-bis Regulation will depend on the nature of the legal relationship existing between the relevant parties. The first scenario identified by Commission relates to situations where cross-border telemedicine involves health professionals/physicians and other eHealth providers only (i.e., professional-to-professional relationships). In this scenario, the claimant may avail himself of the forum contractus for services contracts (art. 7 n.1(b)), so that he or she will be able to bring proceedings before the court of the place where, under the contract, the services were provided or should have been provided. The second scenario relates to legal relationships between healthcare professionals and patients (professional-to-patient relationships). According to the Commission, the patient, to the extent the professional’s activity is directed to the Member State of the patient’s domicile, may avail himself of jurisdiction of the courts of the Member State of his domicile pursuant to protective rules on jurisdiction applicable to consumer contracts (art. 18 (1)). If the professional does not “direct” its activities to the patient’s domicile, the patient may avail himself of the jurisdiction of the competent court pursuant to the forum contractus for services contracts (art. 7(1)(b)). The third and last scenario considered by the Commission is the legal relationship between a patient and a specialist consulted by the reference professional (who, for example, for a more accurate interpretation, sends him the images on the basis of a teleradiology services contractual relationship between the hospitals to which they belong). In this situation the patient may avail himself of the forum delicti (art. 7(2)). According to the Commission, the place where the event giving rise to the damage occurred (forum actus) should be localised in the Member State where the professional is located when delivering the service, whereas the place where the damage occurred (forum damni) shall be located in the Member State where the patient was located when he received the medical advice or treatment.

In some parts the reconstruction made by the Commission might not be entirely convincing and its solidity could be questioned. First of all, such a reconstruction is based on the undemonstrated assumption that the relationship between the patient and the healthcare professional is to be generally characterised as “contractual” in nature. Yet, comparative legal analysis would not so decisively point towards a “contractual” characterisation of such a relationship. In any event, it should also be emphasised that professional-to-patient relationships are increasingly mediated by healthcare institutions and infrastructures (either public or private), so that a contractual relationship could eventually be deemed to exist, if at all, between the patient and the healthcare institution, rather than between the patient and professional practicing within such an institution. Traditionally, in the Italian legal system medical liability was characterised as “non-contractual”. In more recent times, that system has to some extent moved towards a “contractualisation” of medical liability. This is especially the case for relationships involving patients and self-employed physicians, on one hand, and relationships involving patients and healthcare institutions, on the other hand. Yet, under the Italian legal system, the “non-contractual” characterisation of medical liability persists as regard relationships between patients and physicians acting as employees of healthcare institutions. Regardless of the foregoing, admittedly, it seems hardly feasible to identify a common ground among different EU Member States about the contours of medical liability and its characterisation as “contractual” or “non-contractual”. For drawing the line between “contractual” and “non-contractual” matters within the general instruments of EU private international law, the ECJ qualifies as “contractual” any “legal obligation freely consented to by one person towards another” and defines “non-contractual” matters negatively and residually as encompassing “all actions which seek to establish the liability of a defendant and are not related to a contract”. On this basis, the ECJ case law generally suggests a preference for the “contractual” characterisation.[25] However, the ECJ has not yet been specifically faced with issues relating to the characterisation of medical liability, nor any clear guidance on this issue may be inferred from its general case law. Even if it is to be assumed that medical liability should be characterised as “contractual” in nature from the perspective of EU private international law, further doubts may arise as regard to the characterisation of the contract for the provision of healthcare services as a “consumer” contract. The outright solution of characterising patients as a “consumers” pursuant to Brussels I-bis Regulation, as pointed out to by the Commission, might be deemed hardly reconcilable with the contextual approach followed by the ECJ in this respect.[26] Moreover, the solution of characterising contracts for the provision of healthcare services as “consumer” contracts could also be questioned in the light of the EU’s legislator choice under Directive on consumer rights to exclude contracts for the provision of healthcare services from its scope of application because of the specificities of the healthcare sector.

As for the figure of the doctor consulted, it is not excluded that it could be equated to the auxiliary, so that the structure/consultant doctor would be liable for any damage. Finally, we cannot ignore the need – felt in many States – to curb the excess of responsibility to which the medical profession is exposed, while at the same time contrasting the excess of defensive medicine practices. In fact, an increasing number of systems (including France and Belgium) envisage alternative social security systems which – as already the Product Liability Directive – disregard the ascertainment of non-fulfilment or fault (so-called no-fault systems), favor the compensatory function of the damage (to the detriment of the deterrent one) and are characterised by quantitatively lower refreshments.

V.2.  Conflict of Laws

In the absence of a uniform substantive regulation of health professionals’ liability at EU level, conflict of laws matters will to a large extent have to be solved again by reference to the general instruments of EU private international law. On one hand, the Directive on cross-border healthcare applies “without prejudice to […] Union rules on private international law […]” (art. 2(q)). On the other, the eCommerce Directive does not establish additional private international law rules but simply requires the Member States to ensure that, within eCommerce Directive’s “coordinated field”, providers of ISS are not “made subject to stricter requirements than those provided for by the substantive law in force in the Member State in which the service provider is established”.[27]

According to the Commission,[28] in contractual relationships between healthcare professionals the applicable law may be identified through a choice-of-law agreement entered by the parties (art. 3 Rome I Regulation). Failing that, the law of the Member State where the service provider has his habitual residence will apply (art. 4(1)(b)), intended as his principal place of business (art. 19(1)).

The Commission does not mention it, but it could also be thought of using the exception clause by invoking the ubiquity of the e-Health service and the closest connection with the patient's country of residence: this solution would make it possible to avoid possible conflicts of the law of the place of business of the service provider with the law of the patient's habitual residence, and to have to verify the presence of mandatory rules in this last law, pursuant to art. 9 (such as, for example, rules that prohibit the provision of certain services exclusively by telemedicine, in the diagnosis and/or treatment phase, with the consequence that the provision of those services would be unlawful pursuant to art. 9(3)).

On the other hand, in the case of a relationship between professional and patient, the Commission considers the protective rules for consumers applicable under art. 6 Rome I Regulation which recalls the law of the country where the consumer has his habitual residence (art. 6(1) Rome I Regulation), however leaving the parties the possibility to choose the applicable law, provided that such a choice hasn't the result of depriving the consumer of the protection afforded to him by provisions that cannot be derogated from by agreement by virtue of the law of the country where the consumer has his habitual residence (art. 6(2) Rome I Regulation). However, if the healthcare professional does not direct his activities to the Member State where the patient has his habitual residence, the general rules that recall the law chosen by the parties are applicable (on the basis of art. 6(3) Rome I Regulation) or, failing that, the law of the country where the trader has his principal place of business (arts 3 and 4(1)(b) Rome I Regulation).

In a non-contractual relationship, unless the parties have chosen the applicable law (according to art. 14 Rome II Regulation), the law of the country in which the damage occurs - irrespective of the country in which the event rise giving to the damage occurred, and of the country in which the indirect consequences of that event occur – is applicable (art. 4(1) Rome I Regulation). It should be noted that art. 17 (“Rules of safety and conduct”) paves the way for the application of the good professional standards (leges artis) of the place where the damage occurred (lex loci damni). Finally, the scope of the applicable insurance contract or of the insurance regime with regard to cross-border situations will come into play.

The Commission does not mention the possible intervention of overriding mandatory rules of the forum (arts 9 Rome I and 16 Rome II Regulations), of rules of safety and conduct in force at the place of the event giving rise to the liability (art. 17 Rome II Regulation) and of public policy exceptions (arts 21 Rome I and 26 Rome II Regulations). But above all the Commission solves the question scholastically, neglecting the problems of qualification already pointed out with regard to jurisdiction. Rome I and II Regulations also do not solve the problem of the combination of both contractual and non-contractual liability. In this regard, the secondary connection provided for by the art. 4(3) Rome II could come into play: after providing for the exceptional application of the law of the country with which the tort has the closest connection, it is specified that “a manifestly closer connection with another country might be based in particular on a pre-existing relationship between the parties, such as a contract, that is closely connected with the tort/delict in question”. This solution is particularly interesting for Member States whose legal system allows both contractual and non-contractual obligations between the same parties. “By having the same law apply to all their relationships, this solution respects the parties' legitimate expectations and meets the need for sound administration of justice. On a more technical level, it means that the consequences of the fact that one and the same relationship may be covered by the law of contract in one Member State and the law of tort/delict in another can be mitigated”.[29] Thus, the non-contractual liability of healthcare professionals could be absorbed by the lex contractus, which would thus govern both contractual and non-contractual liability.

VI. Conclusions

Telemedicine and eHealth services raise a wide range of complex substantive legal issues. These complexities are further exacerbated by the ever-changing shape of the digital environment, last but not least in the light of the rapid spread of AI-based systems and related technologies. The challenging regulatory choices needed to adequately cope with the digital transformation of the healthcare sector become tremendously more pronounced when the provision of healthcare services based on ICTs bridges national borders. Private international law is generally understood as a discipline aimed at enabling the interoperability of diverse (unharmonised) legal orders. In recent years the EU legislator has undoubtedly presented itself as a particularly active player in harmonising the Member States’ substantive regimes on civil liability, last but not least in the light of 2022 package of proposals aimed at adapting liability rules to the AI-based digital ecosystems. Yet, the path of deepening substantive harmonisation is deeply unlikely to result in complete EU-wide standardisation of national civil law regimes, primarily because of structural limitations of the EU legal order as a hybrid system based on the principle of conferral as well as on the coexistence of elements of supranationalism and national sovereignty. Against this background and despite their technologically neutral approach, the general instruments of EU private international law have, for the time being, proved to be rather resilient and relatively fit for accommodating diverse legal orders in the digital age. Yet, their interaction with cross-border telemedicine services remains to some extent complex and uncertain, last but not least in the light of the uncertain characterisation of medical liability. If the widespread deployment of eHealth is truly meant to be achieved within the EU, consistently with the position seminally expressed by the European Commission back in the 2010 Digital Agenda for Europe, private international law issues of eHealth should not be neglected. Quite on the contrary, delivering sound guidance on how the general instruments of EU private international are meant to govern cross-border eHealth services should remain a critical priority to achieve interoperability of eHealth in Europe to the benefit of EU citizens, the EU Member States’ healthcare sectors and medical research.

European Papers, Vol. 8, 2023, No 3, European Forum, Insight of 04 March 2024, pp. 1539-1554
ISSN 2499-8249 - doi: 10.15166/2499-8249/729

* Professor of International Law, University of Pavia,

[1] World Health Organization, Global strategy on digital health 2020-2025, Digital health is fully part of the Third Sustainable Development Goal of the 2030 Agenda for Sustainable Development (General Assembly, Resolution, Transforming Our World: the 2030 Agenda for Sustainable Development, 2015, A/RES/70/1).

[2] Communication COM(2010) 245 final from the Commission of 19 May 2010 on A Digital Agenda for Europe.

[3] E.g. Case C-255/09 Commission v. Portugal ECLI:EU:C:2011:695.

[4] Communication COM(2018) 233 final from the Commission of 25 April 2018 on enabling the digital transformation of health and care in the Digital Single Market; empowering citizens and building a healthier society. Regarding the more general One Health approach see F Coli and H Schebesta, ‘One Health in the EU: The Next Future?’ (2023) European Papers 301.

[5] See Commission Staff Working Document SWD(2014) 135 final of 10 April 2014 on the existing EU legal framework applicable to lifestyle and wellbeing apps. Accompanying the document Green Paper on mobile Health (mHealth); Commission, Green Paper on mobile Health (mHealth), COM(2014) 219 final, 10 April 2014.

[6] Communication COM(2008) 689 from the Commission of 4 November 2008 on telemedicine for the benefit of patients, healthcare systems and society, 3.

[7] Already at the end of the ’90s the ECJ made clear that medical services fall within the concept of “service” within the meaning of Art. 57 TFEU, regardless of how the service is delivered; see e.g. Case C-158/96 Kohll v Union des caisses de maladie ECLI:EU:C:1998:17.

[8] In this respect, the main problem is whether or not telemedicine service providers have to be licensed/registered in the Member States where the patients are located. Besides the eCommerce Directive and the Directive on cross-border healthcare, the Directive 2005/36/EC of the European Parliament and of the Council of 7 September 2005 on the recognition of professional qualifications also applies to telemedicine services insofar as health professionals practice a regulated profession under the laws of a Member State.

[9] For an analysis of the issues related to the applicable data protection law see, among others, JD Lüttringhaus, ‘Doctors Without Borders? The Law Applicable to Cross-Border eHealth Services and AI-Based Medicine’ in M Corrales Compagnucci and M Lowery Wilson (eds), AI in eHealth: Human Autonomy, Data Governance and Privacy in Healthcare (Cambridge University Press 2022) 311-333, 317 ff. See also Commission, Proposal for a Regulation of the European Parliament and of the Council on the European Health Data Space, COM(2022) 197 final, 3 May 2022.

[10] Subsequently amended by Directive 1999/34/EC of the European Parliament and of the Council of 10 May 1999 amending Council Directive 85/374/EEC on the approximation of the laws, regulations and administrative provisions of the Member States concerning liability for defective products.

[11] Commission Staff Working Document SWD (2018) 137 final of 25 April 2018 on “Liability for emerging digital technologies”.

[12] For an analysis see S Palmieri, P Walraet and T Goffin, ‘Inevitable Influences: AI-Based Medical Devices at the Intersection of Medical Devices Regulation and the Proposal for AI Regulation’ (2021) European Journal of Health Law 341. The Medical Devices Regulation makes clear that software is included among the medical devices covered by the Regulation’s scope of application when the software manifests itself as a stand-alone medical device or when is integrated in a medical device based on AI systems.

[13] Commission, Proposal for a Directive on liability for defective products, COM(2022) 495 final, 28 September 2022.

[14] Commission, Proposal for a Directive on adapting non-contractual civil liability rules to artificial intelligence (AI Liability Directive), COM(2022) 496 final, 28 September 2022. See B Cappiello, AI-systems and Non-contractual Liability. A European Private International Law Analysis (Giappichelli 2022).

[15] Ever since the ECJ judgment in case 21/76 Handelskwekerij Bier/Mines de potasse d'Alsace ECLI:EU:C:1976:166 paras 12-25.

[16] Case C-45/13 Kainz ECLI:EU:C:2014:7 paras 26-29 and 33.

[17] Case C-189/08 Zuid-Chemie ECLI:EU:C:2009:475 paras 25-32; case C-343/19 Verein für Konsumenteninformation ECLI:EU:C:2020:534 paras 32-40.

[18] See generally A Pato, Jurisdiction and Cross-Border Collective Redress: A European Private International Law Perspective (Hart Publishing 2019).

[19] E.g. TMC Arons, ‘Cross-border dimension of collective proceedings in the Brussels Ibis regime: jurisdiction, lis pendens and related actions’ in P Mankowski (ed), Research Handbook on the Brussels Ibis Regulation (Edward Elgar Publishing 2020) 1-39; F Rielaender, ‘Aligning the Brussels Regime with the Representative Actions Directive’ (2022) ICLQ 107.

[20] E.g. Case C-167/00 Henkel ECLI:EU:C:2002:555.

[21] Case C-147/12 ÖFAB ECLI:EU:C:2013:490 para. 58; case C-498/16 Schrems ECLI:EU:C:2018:37 para. 48.

[22] Some EU Member States (France, Spain, Croatia, Slovenia, Finland, the Netherlands and Luxembourg) have ratified the Hague Convention on the Law Applicable to Products Liability of 2 October 1973 (so-called “Hague Products Liability Convention”). Under art. 28 para. 1 Rome II, this Convention takes precedence over the Rome II Regulation.

[23] Art. 5 Rome II Regulation applies “without prejudice to Article 4(2)”.

[24] Commission Staff Working Document SWD(2012) 414 final of 6 December 2012 on the applicability of the existing EU legal framework to telemedicine services, 24 ff.

[25] Under the Brussels I regime see, e.g., case C-26/91 Handte v TMCS ECLI:EU:C:1992:268 para 15; case C-189/87 Kalfelis v Schröder and Others ECLI:EU:C:1988:459 para 18. In literature, M Requejo Isidro, E Wagner and M Gargantini, ‘Art 7’ in M Requejo Isidro (ed), Brussels I bis: A Commentary on Regulation (EU) No 1215/2012 (Edward Elgar Publishing 2022) 94-103 and 112-115.

[26] S Law, ‘Art. 17’ in M Requejo Isidro (ed), Brussels I Bis: A Commentary on Regulation (EU) No 1215/2012, cit., 253 ff.

[27] Case C-509/09 eDate Advertising e a. ECLI:EU:C:2011:685 para. 67.

[28] Commission Staff Working Document SWD(2012) 414 final cit. 26 ff.

[29] Commission, Proposal for a Regulation of the European Parliament and the Council on the law applicable to non-contractual obligations (“Rome II”), COM(2003) 427 final, 22 July 2003, sub art. 3 “General exception and secondary connection”.




European Forum



Forum Européen



Forum europeo



Foro Europeo