OIG Has Seven (Yes Seven!) Different National Telemedicine Audits

Companies who feel the Public Health Emergency (PHE) waivers and exceptions have rendered telemedicine “immune” from compliance oversight might be surprised to learn what federal regulators have in the works. The Office of Inspector General (OIG) at the Department of Health & Human Services (HHS) is conducting at least seven different national audits, evaluations, and inspections of telemedicine services under the Medicare and Medicaid programs. The audits will also review remote patient monitoring, virtual check-ins, and e-visits. OIG previously issued a report in 2018 on Medicare telehealth billing, using only a small sample size but finding a 31% error rate of claims that did not meet the Medicare requirements for payment for telehealth services. Providers who have begun or increased billing to federal healthcare programs for telehealth services since the inception of the Public Health Emergency should expect those claims to be subject to OIG review.

On February 26, 2021, OIG published a statement on telehealth and fraud concerns, explaining “OIG is conducting significant oversight work assessing telehealth services during the public health emergency.”  The goal of these reviews is to ensure “telehealth delivers quality, convenient care for patients and is not compromised by fraud.” 

OIG Active Work Plan Items

The OIG Work Plan contains dozens of projects affecting Medicare and Medicaid providers, suppliers and payers. The Work Plan reflects (in large part) two aspects of the work of the OIG: 1) Projects originating within the Office of Audit Services (OAS), which conducts financial, billing, and performance audits of HHS programs; and 2) Projects originating within the Office of Evaluations and Inspections (OEI), which provides management reviews and evaluations of HHS program operations. Except by providing general statistics, the Work Plan itself does not detail the work of the Office of Investigations or the Office of Counsel to the Inspector General in investigating and enforcing matters involving specific individual providers and suppliers. In other words, the Work Plan generally reflects a focus on sector performance, rather than that of specific entities, although as noted below the audits may result in the identification of overpayments for specific entities. 

The current OIG telemedicine projects are listed and linked below:

• Audit of Home Health Services Provided as Telehealth During the COVID-19 Public Health Emergency. In this report, OIG will evaluate home health services provided by home health agencies (HHAs) during the PHE to determine which types of skilled services were furnished via telehealth, and whether those services were administered and billed in accordance with Medicare requirements. OIG will report as overpayments any services that were improperly billed. The results of this report are expected to be published in 2022.
• Audits of Medicare Part B Telehealth Services During the COVID-19 Public Health Emergency. In this report, OIG will conduct a series of audits of Medicare Part B telehealth services in two phases. Phase one audits will focus on making an early assessment of whether services such as evaluation and management, opioid use disorder, end-stage renal disease, and psychotherapy meet Medicare requirements. Phase two audits will include additional audits of Medicare Part B telehealth services related to distant and originating site locations, virtual check-in services, electronic visits, remote patient monitoring, use of telehealth technology, and annual wellness visits to determine whether Medicare requirements are met. The results of this report are expected to be published in 2022.
• Home Health Agencies’ Challenges and Strategies in Responding to the COVID-19 Pandemic. In this report, OIG will provide insights into the strategies HHAs have used to address the challenges presented by COVID-19, including implementing telehealth to treat patients remotely, addressing staffing shortages, how well their emergency preparedness plans served them during the COVID-19 pandemic. The results of this report are expected to be published in 2022.
• Medicare Telehealth Services During the COVID-19 Pandemic: Program Integrity Risks. In this report, OIG will identify program integrity risks associated with Medicare telehealth services during the pandemic. OIG will analyze providers’ billing patterns for telehealth services, and will describe key characteristics of providers that may pose a program integrity risk to the Medicare program. The results of this report are expected to be published in 2021.
• Use of Medicare Telehealth Services During the COVID-19 Pandemic. In this report, OIG will examine the use of telehealth services in Medicare Parts B (non-institutional services) and C (managed care) during the COVID-19 pandemic. OIG will look at the extent to which telehealth services are being used by Medicare beneficiaries, how the use of these services compares to the use of the same services delivered in-person, and the different types of providers and beneficiaries using telehealth services. The results of this report are expected to be published in 2021.
• Medicaid: Telehealth Expansion During COVID-19 Emergency. In this report, OIG will determine whether or not Medicaid agencies and providers complied with federal and state requirements for telehealth services under the national emergency declaration, and whether the states gave providers adequate guidance on telehealth requirements. The results of this report are expected to be published in 2021.
• Use of Telehealth to Provide Behavioral Health Services in Medicaid Managed Care. In this report, OIG will analyze how state Medicaid programs and managed care organizations (MCOs) use telehealth to provide behavioral healthcare. OIG will review selected states' monitoring and oversight of MCOs’ behavioral health services provided via telehealth and identify practices on how to maximize the benefits and minimize the risks of providing behavioral healthcare via telehealth. The results of this report are expected to be published in 2021.

The PHE triggered rapid growth in telemedicine, remote patient monitoring, and other virtual care services for many healthcare organizations. Some organizations were better prepared to scale than others, and now is a wise time to consider an internal operational review, particularly in light of the OIG’s robust audits. For example, companies that started billing Medicare for the first time during the PHE could benefit from conducting a self-assessment to evaluate if sufficient compliance safeguards are in place (e.g., does the company have a compliance program, does the company have proper HIPAA policies, does the company understand and comply with Medicare billing rules, are the contracts compliance with fraud and abuse laws, etc.). And established organizations that recently expanded into new geographic areas can review issues such as enrollment and interjurisdictional claim submission, state clinician licensing and exceptions, and Drug Enforcement Administration (DEA) registration requirements.

Telemedicine vs. Telefraud

In the last few years, OIG has conducted several large investigations of “fraud schemes that inappropriately leveraged the reach of telemarketing schemes in combination with unscrupulous doctors conducting sham remote visits to increase the size and scale of the perpetrator's criminal operations.”  OIG recognizes these arrangements do not involve the legitimate use of telemedicine technology to deliver medical care.  Indeed, OIG refers to these as “telefraud” schemes, noting “it is important to distinguish those schemes from telehealth fraud.”  In contrast to “telefraud” schemes, OIG has studied how telehealth can be an important tool to improve patient access to behavioral health services.  OIG even issued a policy statement and a fact sheet explaining that “physicians and practitioners do not risk enforcement action if they waive any cost-sharing for telehealth visits during the Public Health Emergency.”

Conclusion

OIG work plan items help shed light on those areas the government believes important and will focus on in the coming months. Telemedicine companies with foresight can use this time now to take practical steps to help ensure their services, operations, and billing practices adhere to Medicare and Medicaid requirements. Keep in mind: the PHE will eventually expire, and with it the many waivers and exceptions to telemedicine rules. A few efforts taken now can help reduce the risk a company will find itself on the receiving end of an overpayment demand or a False Claims Act investigation.

Want to Learn More?

• Top Five New Telehealth Policies in Medicare 2021 in Physician Fee Schedule
• Report: CMS Paid Practitioners for Telehealth Services That Did Not Meet Medicare Requirements

For more information on telemedicine, telehealth, and virtual care innovations, including the team, publications, and other materials, visit Foley’s Telemedicine Practice.