Live Webinar | Patient Access
Live Webinar | Finance and Business Strategy
Live Webinar | Finance and Business Strategy
Live Webinar | Finance and Business Strategy
News | Telemedicine

Implement these 6 safeguards against fraud accusations in telehealth

News | Telemedicine

Implement these 6 safeguards against fraud accusations in telehealth

During times of social distancing, telehealth has been essential for continuity of care. However, in the rush to implement the technology, providers may have overlooked one important detail: If they don’t follow coding, documentation and other requirements, they could be at risk for a post-payment recoupment or even payer accusations of fraud in the months ahead.

“When it comes to fraud, ignorance is not a defense,” said Jenna K. Godlewski, healthcare reimbursement and compliance attorney at Nexsen Pruet, LLC. “You need to know your payer policies.”

During the first month or so of COVID-19, payer telehealth policies changed frequently. If providers didn’t pay attention to these changes — or they don’t update their processes if/when policies change again — they could put themselves at risk for costly recoupments. In cases of fraud, they could face financial penalties, criminal punishment or even revocation or suspension of their medical licenses or Medicare privileges, Godlewski said.

Proactive telehealth compliance

The good news is there’s still time to correct errors and ensure compliance going forward. Consider these six telehealth vulnerabilities and how to avoid them:

1. Billing for telehealth visits that require audio and visual when a provider uses only audio

Although some payers, including certain Medicare Advantage plans, permit providers to render audio-only telehealth during the current public health emergency (PHE), many do not,

Godlewski said. Medicare, for example, requires the use of audio-visual technology for certain telehealth services and permits audio-only for others. Physicians can render a telehealth visit for advanced care planning using audio only, but they must use audio-visual technology for a new or established patient telehealth office visit.

“I think this will be a huge area of investigation,” Godlewski said.

Medicare will most likely investigate telehealth claims by sending questionnaires to beneficiaries asking them for feedback about their recent visit and whether they have a smartphone with audio-video capability, Godlewski said. The information the agency collects helps it deduce whether providers had a legitimate reason to bill telehealth that requires audio-visual communication, she adds.

In addition, Medicare and other payers send an explanation of benefits (EOB) for each service rendered. Beneficiaries may question why their provider billed an office visit when it was only a phone call and then reach out to their payer for clarification, said Toni Elhoms, CEO of Alpha Coding Experts, LLC. “It only takes one patient to question this, and Medicare may take a closer look at the provider’s billing,” she said.

How to be compliant: Document the specific technology platform used for the telehealth,  Elhoms said. If a provider uses audio-only technology for a patient with Medicare (or any other payer that hasn’t relaxed its audio-visual requirements during the current PHE), providers should bill a CPT code from the 99441-99443 range for telephone services.

If audio-visual technology fails during the telehealth visit and the payer doesn’t permit audio-only services,  it’s best to err on the side of caution and bill a code from the 99441-9443 range,  Elhoms said.

If necessary, submit corrected claims within the payer-specific timelines, said Godlewski. For Medicare, that timeline is 12 months from the date of service.

2. Upcoding

During the current PHE, Medicare and some commercial payers permit providers to assign codes for telehealth office visits based on time or medical decision-making. However, if documentation supporting the coding isn’t specific, payers may suspect upcoding, a practice in which a provider attempts to increase payment by assigning the wrong code. Payers also may downcode services and recoup payments, Godlewski said.

How to be compliant: Ensure detailed documentation, especially in the absence of a physical exam. How did the provider spend their time with the patient? What did they discuss and why? What is the patient’s level of risk? What data did the provider consider? What tests, if any, did they order?

Also be sure to include these additional details:

  • Patient’s location
  • Provider’s location
  • Method of communication
  • Names and roles of anyone participating in the encounter

3. Using a non-HIPAA compliant telehealth platform if or when waivers are no longer in effect

During the current PHE, Medicare and some commercial payers permit providers to use non-public facing audio or video communication products. However, experts agree that those waivers are likely temporary and that continued use of these platforms after waivers are lifted could subject providers to HIPAA penalties.

How to be compliant: Start looking for a HIPAA-compliant telehealth solution now, Elhoms said. It could take time — several weeks or more — to vet options, secure an agreement, adjust workflows and educate patients, she adds. In the meantime, make a good faith effort to protect patient privacy by enabling all available encryption and privacy settings, and notify patients of the increased risk of using non-HIPAA compliant technologies.

4. Ignoring state licensure requirements for telehealth

During the current PHE, some — but not all — states relaxed their licensure and scope of practice rules, Godlewski said. However, even well-intentioned providers could face violations if they or their patient are in a state that didn’t, she adds.

How to be compliant: Know the rules, and the effective dates of any waivers, Godlewski said. Then, look at each claim to determine whether the provider followed the appropriate rule for each date of service. If the provider violated the rules, they should submit a corrected claim within the payor’s time frame for filing.

Another option is to join the Interstate Medical Licensure Compact, Elhoms said. The Compact, which includes 29 states, the District of Columbia and the territory of Guam, streamlines the licensing process for physicians who want to practice in multiple states.

5. Billing telehealth when no services are rendered

Although nefarious providers may intentionally do this, it’s actually more common for it to occur unintentionally, Elhoms said. She provides this scenario: A telehealth appointment is scheduled, and on the day of the appointment, a medical assistant opens the record and pre-populates it with information from a previous visit. Then the patient forgets to attend the appointment, and a claim is generated even though no encounter occurred.

How to be compliant: Perform end-of-day charge reconciliation for telehealth visits, Elhoms said. Ensure that all charges include a supporting physician note and signature.

6. Failing to authenticate patient identity

Providers could unknowingly contribute to identity theft if they don’t authenticate patient identity before telehealth services are rendered. Although established patients may have a copy of their license or other ID on file, new patients don’t, making it easy for individuals to pose as someone else,  Elhoms said. “It’s not hard for fraudsters to come up with name, date of birth and address for another patient,” she said.

How to be compliant: Require patients to provide a picture of their ID when scheduling the telehealth visit online or ask patients to show their ID during the visit and document this in the note, Elhoms said.

About the Author

Lisa A. Eramo

is an HFMA contributor.

Sign up for a free guest account and get access to five free articles every month.


Related Articles | Telemedicine

News | Coronavirus

News Briefs: Federal vaccination requirements finalized for hospitals and most other healthcare settings

If a hospital’s staff aren’t fully vaccinated by Jan. 4, the organization will be deemed noncompliant with Medicare and Medicaid regulations, according to a new federal rule.

News | Telemedicine

Healthcare News of Note: 53% of U.S. adults say they prefer in-person healthcare to telehealth visits moving forward, survey says

Healthcare News of Note for healthcare finance professionals is a roundup of recent news articles: A majority of people prefer in-person healthcare to telehealth visits, patients have trouble grasping information during doctor visits, and Walmart taps an Ochsner exec to lead its healthcare expansion.

News | Strategic Planning

Annual Conference Day 3: Former VA Secretary David Shulkin explains what the healthcare industry can learn from a government agency

At HFMA’s Annual Conference, David Shulkin, former secretary of the Department of Veterans Affairs, explained why some of the VA’s strategies would serve the healthcare industry well if implemented in the private sector.

News | Medicare Payment and Reimbursement

Medicare's 2022 payment rule for physician services adds to a significant impending cut

CMS used the 2022 final rule for Medicare physician payments to offer accommodations on policies related to telehealth and more, but concerns loom about a large cut that's in the offing.