As the name implies, telemedicine is the application of information and communication technology in the delivery of healthcare services. The telemedicine business is fast becoming essential in Nigeria’s healthcare sector, thereby improving access, cutting costs, and expanding specialist reach. However, the legal landscape is still uncoordinated and fragmented. Currently, there is no single, dedicated telemedicine statute or legislation regulating this sub-sector in Nigeria. Therefore, founders need to navigate company law, health professional regulation, data protection rules, medical ethics standards, and consumer and financial regulations all at once to establish their business in this area. In this article, we will shed light on how to start a telemedicine business in Nigeria.
HOW TO START A TELEMEDICINE BUSINESS IN NIGERIA
1) Company Registration and Compliance
To start a telemedicine business in Nigeria, you are legally required to incorporate your business with the Corporate Affairs Commission (CAC), typically as a private company limited by shares. Your corporate structure affects licensing, tax, foreign participation rules, and professional responsibility. Where there is foreign participation, you would be required to comply with the necessary provisions of the Nigeria Investment Promotion Act and the Ministry of Interior to obtain the relevant permits and licenses.
2) Licences and Registrations
Telemedicine primarily involves the practice of medicine by licensed medical professionals. Hence, founders must deliver standard clinical care. Every physician, nurse, pharmacist, and other clinicians on your platform must be duly registered and licensed by the appropriate regulatory body Example, the Medical and Dental Council of Nigeria (MDCN), the Nigeria Nurses and Midwives Council, the Pharmacists Council of Nigeria, the Medical Laboratory Scientist Council of Nigeria, and other relevant professional regulatory bodies. If you engage pharmacies, diagnostics, or labs, verify their licences with the appropriate regulatory body.
3) Data protection and privacy
Telemedicine platforms must comply with the Nigeria Data Protection Act (NDPA) and any NDPC (Nigeria Data Protection Commission) guidelines. They are required to adopt robust policies for the collection, storage, processing, and cross-border transfer of health data under the NDPA. Practitioners and platforms are expected to implement privacy policies, lawful bases for processing, data-security measures, and data-subject rights procedures. Also, the Constitution provides for the right to privacy of its citizens.[1] Thus, telemedicine platforms fall under the purview of institutions that are to guarantee the realization of these rights.
NDPA obligations are a key component of telehealth compliance. The telemedicine platform must undergo an annual data protection audit as required by the NDPR. Where over 2,000 data subjects’ personal data is processed in 12 months, the audit report must be filed with the NDPC by March 15 each year through a licensed Data Protection Compliance Organisation (DPCO). Additionally, under the Medical Code, practitioners are obligated to maintain strict patient confidentiality, even after death.
4. Safety and Storage of Health Records
Health institutions have a legal responsibility to put in place measures for safeguarding against illegal access to health records of patients, including establishing control measures to prevent unauthorized access to storage facilities where these health records are kept. Failure to comply with the health institution and its employees shall be liable to 2 years imprisonment or less with an option of a fine of N250,000 (Two hundred and Fifty Thousand Naira).[2]Hence, telemedicine platforms must ensure they put in place preventive measures for the protection of patient health records.
5. Liability, Insurance, and Dispute Management
Telemedicine platforms face potential claims for negligence, misdiagnosis, and data breaches. To mitigate these risks, telemedicine platforms must obtain professional indemnity insurance for clinicians and cyber-insurance for data breaches. Also, they should establish clear terms of service and informed-consent processes that explain the scope and limits of remote care. Additionally, it is important to set up robust clinical governance, escalation, and referral pathways for effective dispute management.
6) Cybersecurity management
Digital health platforms are expected to maintain a robust cybersecurity system to safeguard sensitive health information and build user trust. This involves using advanced encryption, carrying out routine security checks, and having clear procedures for handling breaches. Compliance with the Cybercrimes (Prohibition, Prevention, etc.) Act is also mandatory.
7) Tax Compliance
Presently, medical services are exempted from Value Added Tax under the Nigeria Tax Act.[3] However, the telemedicine companies are still subject to other tax obligations; telemedicine platforms, online pharmacies, and other digital health providers registered in Nigeria are subject to the country’s business taxes. These include Companies Income Tax (for companies and LLPs) and Personal Income Tax. Under CITA, companies with an annual turnover between ₦25 million and ₦100 million are taxed at 20% of taxable profits, while those earning above ₦100 million are taxed at 30%. In addition, companies must file their income tax returns in Nigeria within six months after the end of their financial year.
8) Intellectual Property Protection
Telemedicine involves various innovations, such as artificial intelligence and machine learning tools for diagnosing and treating diseases, which raises important intellectual property (IP) issues. Providers and entrepreneurs must protect their IP rights, trade secrets, and proprietary technologies to maintain their competitive edge. In Nigeria, laws exist to protect both industrial property (like patents) and creative content (copyright). Proper IP protection in telemedicine not only prevents infringement but also creates opportunities to attract investment, secure funding, and support the commercialization of new technologies and services.
Conclusion
The telemedicine business is fast evolving. Yet, without a uniform or single legislation regulating operations and administration of these health care services, practitioners and founders are advised to comply with existing laws (NDPA, National Health Act, professional codes, and sectoral licensing) and follow best practices: strong data protection, clear clinical governance, and solid contracting when starting. Also, it is recommended that founders should engage legal and compliance experts early. Keep monitoring regulatory guidelines (NDPC, MDCN, PCN, Cybersecurity Act, Federal Ministry of Health) and refresh contracts and policies as rules develop.
For inquiries, you may reach out to us through the WhatsApp icon on this page or our email here, and we’ll attend to you.
[1] Section 37 1999 Constitution
[2] Section 29 National Health Act 2014
[3] Section 187 (l)
