OIG Telehealth Audits Ramping Up

OIG is scrutinizing providers specific to telemedicine.

They’re here: the audits of telehealth services provided during COVID.

When the COVID-19 pandemic began, no one imagined that it was here to stay – for more than a year and counting! Many thought it would take at most a couple of months for the outbreak to resolve and the stay-at-home orders, social distancing, and mask mandates to disappear. However, a year later, we continue to wear masks and maintain social distancing.

One positive aspect of the pandemic has been the opportunity to expand the use of telehealth, providing many individuals with easier access to healthcare services and allowing providers to care for patients in a safe environment. This expansion has also led to potential abuse concerns, spurring the U.S. Department of Health and Human Services Office of Inspector General (HHS-OIG) to publish a statement announcing that the OIG is conducting seven different audits, evaluations, and inspections of telehealth services under the Medicare and Medicaid programs. These audits are discussed below.

OIG is scrutinizing providers specific to telemedicine. These audits will review remote patient monitoring, virtual check-ins, and e-visits. In 2018, OIG issued a report regarding a 31-percent error rate of claims for telehealth – and that report was prior to the explosion of telemedicine in 2020 due to COVID. All providers that have billed telehealth during the public health emergency (PHE) should be prepared to undergo audits of those claims.

The aforementioned audit projects are as follows:

• Audits of behavioral healthcare telehealth in Medicaid managed care;
• Audits of Medicare Part B telehealth services during the PHE;
• Audits of home health services provided as telehealth during the PHE;
• Audits of home health agencies’ challenges and strategies in responding to the PHE;
• Medicare telehealth services during PHE (program integrity risks);
• Audits of telehealth services in Medicare parts B (non-institutional services) and C (managed care) during the COVID-19 pandemic; and
• Medicaid telehealth expansion during the PHE.

Recently added to the list of audits being performed by the OIG include Medicare payments for clinical diagnostic laboratory tests performed in 2020. OIG will also audit for accuracy of place-of-service codes on claims for Medicare Part B physician services when beneficiaries are inpatients under Part A. As always seems to be the case, home health and behavioral healthcare are big red targets for all audits. Over the pandemic, telehealth became the “new norm.” Audits on telehealth will be forthcoming, as noted. Specifically, in behavioral health, OIG announced that it will audit Medicaid applied behavior analysis for children diagnosed with autism.

Effective March 6, 2020, the Centers for Medicare & Medicaid Services (CMS) expanded telehealth with the 1135 waiver. Under this new waiver, Medicare can pay for office, hospital, and other visits furnished via telehealth across the country – including in patients’ places of residence. A range of providers, such as doctors, nurse practitioners, clinical psychologists, and licensed clinical social workers were suddenly able to offer telehealth to their patients. HHS-OIG is continuing to provide flexibility for healthcare providers to reduce or waive cost-sharing for telehealth visits paid for by federal healthcare programs.

Prior to this waiver, Medicare could only pay for telehealth on a limited basis: when the person receiving the service was in a designated rural area, and when they left their home to go to a clinic, hospital, or certain other types of medical facilities for services. 

In 2019, Medicare started making payments for brief communications, or virtual check-ins, which are short, patient-initiated communications with a healthcare practitioner. Medicare Part B separately pays clinicians for e-visits, which are non-face-to-face, patient-initiated communications through an online patient portal.

There are three main types of virtual services that physicians and other professionals can provide to Medicare beneficiaries: Medicare telehealth visits, virtual check-ins, and e-visits.

Currently, Medicare patients may use telecommunication technology for office visits, hospital visits, and other services that generally occur in-person. 

However, there are rules, listed verbatim here:

• The provider must use an interactive audio and video telecommunications system that permits real-time communication between the distant site and the patient at home. Distant-site practitioners who can furnish and get payment for covered telehealth services (subject to state law) can include physicians, nurse practitioners, physician assistants, nurse midwives, certified nurse anesthetists, clinical psychologists, clinical social workers, registered dietitians, and nutrition professionals. 

• It is imperative during the PHE that patients avoid travel, when possible, to physicians’ offices, clinics, hospitals, or other healthcare facilities, where they could risk their own or others’ exposure to further illness. Accordingly, HHS is announcing a policy of enforcement discretion for Medicare telehealth services furnished pursuant to the waiver under section 1135(b)(8) of the Act. To the extent the waiver (section 1135(g)(3)) requires that the patient have a prior established relationship with a particular practitioner, HHS will not conduct audits to ensure that such a prior relationship existed for claims submitted during this public health emergency.
• Starting March 6, 2020, and for the duration of the COVID-19 PHE, Medicare will make payment for professional services furnished to beneficiaries in all areas of the country in all settings.

On another note, I recently had a client undergo a meaningful use audit. Everyone knows that the government provides incentives for using electronic records. In order to qualify for a meaningful use incentive, you must meet nine criteria. If you fail one criterion, you owe the money back. One of the biggest issues physicians have faced in an audit is demonstrating the “yes/no” requirements that call for attestation, proving that the security risk analysis was successfully conducted. In this particular case, opposing counsel was a state attorney general in Georgia. The attorney told me that he had zero authority to negotiate the penalty amount. It was the first time another lawyer told me that the penalty was basically a “strict liability” issue, and since the funds were federal, Georgia had no authority to reduce or remove the penalty.

But there is an appeal process. It made no sense. In this case, the doctor didn’t want to pursue litigation. So, reluctantly, we paid. I am wondering if any of you have encountered this issue of no negotiations for meaningful use penalties.

Programming Note: Listen to Knicole Emanuel and her RAC Report every Monday on Monitor Mondays, 10 Eastern.