UPDATE: Telehealth in a Changing World – Mitigating Risks

In 2020, we published an eAlert titled “Telehealth in a Changing World - Trending Risks and How to Minimize Potential Exposure.” As we predicted would happen, the government has become acutely focused on telehealth fraud. As a result of this increased focus, we updated our original eAlert in 2021: “UPDATE: Telehealth in a Changing World - Lessons Learned.”

To recap, the COVID-19 pandemic brought new challenges and opportunities regarding health care access and delivery methods. Federal regulations concerning telehealth were relaxed, which led to a continuing increase in remote health care services. According to the United States Department of Health and Human Services (HHS), “beneficiaries used 88 times more telehealth services during the first year of the pandemic than they did in the prior year.”

Unsurprisingly, nefarious actors used this expansion as an opportunity to commit fraud, waste and abuse when billing for telehealth services and, as we suspected, the federal government has renewed its commitment to end such conduct.

In July of this year, HHS, through the Office of Inspector General (OIG), released a Special Fraud Alert advising providers to exercise caution when entering arrangements with purported telehealth companies. The alert was based on information that the OIG learned from dozens of investigations of fraud schemes involving companies that purported to provide telehealth, telemedicine or telemarketing services.

One common element of these schemes is the way telehealth companies have used kickbacks to aggressively recruit and reward clinicians to further the fraud schemes. Generally, the telehealth companies arrange with clinicians to order or prescribe medically unnecessary items and services for individuals who are solicited and recruited by the telehealth companies. In many of these arrangements, the telehealth companies pay clinicians in exchange for ordering or prescribing items or services (1) for purported patients with whom the clinicians have limited, if any, interaction and (2) without regard to medical necessity. Such payments are sometimes described as payment per review, audit, consult or assessment of medical charts. The telehealth companies often tell clinicians that they do not need to contact the purported patient or that they only need speak to the purported patient by telephone. In addition, clinicians are not given an opportunity to review the purported patient’s real medical records. Furthermore, the telehealth companies may direct clinicians to order or prescribe a preselected item or service, regardless of medical necessity or clinical appropriateness. In many cases, the telehealth companies sell the order or prescription generated by clinicians to other individuals or entities that then fraudulently bill for the unnecessary items and services.

In the Special Fraud Alert, the OIG set forth the following list of suspect characteristics that could suggest that an arrangement between a healthcare provider and a telehealth company could pose a heightened risk of fraud and abuse:

• The purported patients for whom the practitioner orders or prescribes items or services were identified or recruited by the telemedicine company, telemarketing company, sales agent, recruiter, call center, health fair, and/or through internet, television or social media advertising for free or low out-of-pocket cost items or services.
• The practitioner does not have sufficient contact with or information from the purported patient to meaningfully assess the medical necessity of the items or services ordered or prescribed.
• The telemedicine company compensates the practitioner based on the volume of items or services ordered or prescribed, which may be characterized to the practitioner as compensation based on the number of purported medical records that the practitioner reviewed.
• The telemedicine company only furnishes items and services to federal health care program beneficiaries and does not accept insurance from any other payor.
• The telemedicine company claims to only furnish items and services to individuals who are not federal health care program beneficiaries but may in fact bill federal health care programs.
• The telemedicine company only furnishes one product or a single class of products (e.g., durable medical equipment, genetic testing, diabetic supplies or various prescription creams), potentially restricting a practitioner's treating options to a predetermined course of treatment.
• The telemedicine company does not expect practitioners (or another practitioner) to follow up with purported patients nor does it provide practitioners with the information required to follow up with purported patients (e.g., the telemedicine company does not require practitioners to discuss genetic testing results with each purported patient).

Health care providers should review their telehealth arrangements to determine whether one or more of these suspect characteristics are present so they may take proactive steps in the face of potential criminal or civil penalties.

Additionally, in September 2022, the OIG released a data brief identifying certain high risk billing practices from the first year of the pandemic. The report found that 1,714 providers consistently engaged in at least one inappropriate billing practice. For instance, “86 providers billed for an average of more than two hours of telehealth services per visit,” compared to a median of 21 minutes per visit, and “76 providers each billed for telehealth services for at least 2,000 beneficiaries in a year,” compared to the median of 21 beneficiaries for other providers. Further, 170 providers billed the highest rate possible for every patient. These providers received $127.7 million in potentially fraudulent Medicare payments.

The OIG used the following seven high-risk billing practices to identify potentially fraudulent actors:

1. Billing both a telehealth service and a facility fee for most visits.
2. Billing telehealth services at the highest, most expensive level every time.
3. Billing telehealth services for a high number of days in a year.
4. Billing both a Medicare fee-for-service and a Medicare Advantage plan for the same service for a high proportion of services.
5. Billing a high average number of hours of telehealth services per visit.
6. Billing telehealth services for a high number of beneficiaries.
7. Billing for a telehealth service and ordering medical equipment for a high proportion of beneficiaries.

Based on its findings, the OIG recommended that the Centers for Medicare and Medicaid Services (CMS):

1. Strengthen monitoring of telehealth services.
2. Provide additional education on appropriate billing.
3. Improve the transparency of “incident to” services.
4. Identify telehealth companies that bill Medicare.
5. Follow up on the providers identified in the report.

CMS concurred with the OIG’s recommendation to follow up on the providers identified in the report. While CMS did not explicitly concur with the remaining recommendations, there is a strong inference that CMS will also attempt to hold providers and suppliers accountable for improperly billed telehealth services.

What does this mean for you? Now is the time to protect your telehealth practice and learn about actions you can take to avoid becoming the subject of a telehealth fraud and abuse investigation.

• Beware of the OIG’s seven “red-flag” billing practices. Educate practitioners on the seven identified billing practices that are likely to bring your services to the government’s attention.
• Use caution when billing. Be careful not to bill for both a facility fee and a telehealth service for the same visit, and do not bill both Medicare fee-for-service and Medicare Advantage plans for the same services. Medicare requires certain services or procedures to be billed together, or “bundled.” When those certain services or procedures are billed separately, or “unbundled,” it can often give rise to fraud allegations under the federal False Claims Act.
• Ensure the services billed for are proper. All services provided must be medically necessary and actually rendered to patients.
• Beware of upcoding. Only bill for the level of complexity and duration of services provided. Consistently billing the highest levels may place you at risk of an investigation. As we previously discussed, providers must be wary not to blend visit types when billing for virtual care. Before the pandemic, evaluation and management (E&M) services required face-to-face encounters, and virtual check-ins/e-visits were rendered by way of telehealth technology. However, the expansion of telehealth services comes with the ability for providers to render E&M services via telehealth technology. Such services, however, will not include the exam component, and there will likely be heavier reliance on (1) elapsed time and (2) medical decision-making as the driving forces for code selection. Telehealth visits tend to be shorter in duration than in-person visits, and thus the billed time will also likely be lower. If billing for higher levels of services, the medical decision-making portion of documentation should reflect that higher levels of services were actually rendered. This is not just under the guise of complying with the federal government; commercial payers will likely also struggle with how to adjudicate the proprietary of billed telehealth claims.
• Update compliance programs. Develop consistent and clear billing policies for all providers in your practice. More than half of the providers identified by the OIG came from a medical practice where at least one other practitioner engaged in high-risk billing, so ensure all providers are well-educated on appropriate billing practices.

The rules are continuing to evolve. Some of what changed during the COVID-19 pandemic will remain in place permanently. To learn about actions providers of telemedicine services can take to safeguard their practices, please contact Katherine Pullen, Jeffrey Segal or another member of Warner’s Health Care Industry Group.

Warner’s Health Care Industry Group

Warner Norcross + Judd’s health care team understands your industry, and we are ready to help you navigate health care fraud and abuse laws and regulations in implementing your business goals. Additionally, our health care litigation team is here for providers and entities facing a dispute. Our experienced attorneys will guide you through the entire litigation process, from pre-dispute strategy planning to resolution. Our team has helped resolve countless disputes, including matters arising under the federal and state False Claims Acts, anti-kickback statutes, Stark law and FDA enforcement actions. We also counsel and help resolve licensing complaints, payer audits and appeals, DEA investigations and contractual disputes, and we regularly defend personal injury and medical malpractice actions and health care employment disputes.

Warner Associate Abby Cote contributed to this eAlert.