Crackdown on Fraud Highlights Need for Telehealth Compliance

The widespread adoption of telehealth service offerings in response to the COVID-19 pandemic has been one of the defining stories of behavioral healthcare in 2020.

But in addition to increased use of telehealth, there has also been a significant rise in enforcement of regulations around the technology, and providers would be well advised to shore up their compliance infrastructures heading into 2021, says Amy Lerman, member of the Health Care and Life Sciences practice at Epstein Becker Green.

Lerman was the lead author on the firm’s fifth annual Telemental Health Laws Survey, which was published in late October. The report noted a joint effort in September by the U.S. Department of Justice and the HHS Office of Inspector General that resulted in charges against 345 defendants in 51 judicial districts who were suspected of submitting more than $4.5 billion in fraudulent claims related to telehealth services. In its executive summary, EBG wrote that the takedown was the sharpest enforcement activity involving telehealth providers to date and a warning to the industry that providers should make it a priority to develop policies for ensuring that their telehealth-related operations were above-board.

Lerman tells BHE that enforcement agencies’ interest in telehealth-related fraud began to increase even prior to the pandemic, “but there’s a lot of data and analytics that CMS, and other state and federal agencies can see with the increase in the use of telehealth services. They are able to look at, from a claims perspective, how those services are being billed for and documented.”

Staying compliant

Lerman’s biggest tip for staying compliant is to start small. While providers might be tempted to go big in rolling out telehealth initiatives, there are advantages to not making plans to cover 50 states, 24/7 right out of the gate, she says.

“On the regulatory side, to understand, state-by-state and board-by-board, what you need to be doing as a telehealth provider, if you start small, it helps you to understand what the guidance in states is, what the rules are that one needs to follow,” she says.

“From a compliance perspective, it allows you to develop an infrastructure for supporting the fact that, as a provider, you are offering these services, to get familiar with how claims for this need to be billed, how the encounters need to be documented, that you have internal policies. There is a huge compliance opportunity. … Starting small allows you on the ground floor to say we need to have a policy on how to handle insurance, how we handle suspicion of fraud, how we interact with referral sources. If you start early, you can build a robust compliance infrastructure and not do it big and fast overnight, which is what gets overwhelming for providers.”

It’s not just provider organizations who need to be mindful of telehealth regulations, Lerman adds. Another group emerging in the space is software developers who are new to healthcare. These clients, Lerman says, require a bit more education on the intricacies of compliance.

“We can get them there, but sometimes, it can be challenging to explain why you need to invest in a compliance program. They want to make it go, make money and have people sign on for visits,” she says. “We have to walk them back sometimes and say, ‘You’re a healthcare provider now, and there are regulations around that, especially if you want to interact with state and federal healthcare beneficiaries.’ That’s a robust population of patients potentially, but you have to do it the right way.”

More findings

Other developments detailed in EBG’s annual Telemental Health Laws Survey:

Professional licensing requirements for practicing telehealth were altered in different ways, state-by-state, during the pandemic. Some states waived licensing requirements entirely, while others merely reduced such requirements.

Half of states have laws, regulations and/or guidance on data privacy with regards to the provision of telehealth services that go beyond federal and state confidentiality requirements, however HHS’s Office of Civil Rights has said that “it would exercise its enforcement discretion, and not impose penalties in connection with the good-faith provision of telehealth during the public health emergency,” EBG wrote in its announcement of the survey being published.