Getty Images/iStockphoto

Understanding the Fraud Risks of Expanded Telehealth Use

Telehealth adoption has increased dramatically due to the pandemic, but the technology's expanded use also raises concerns over healthcare fraud.

While telehealth enabled the healthcare industry to remain open and accessible to patients during the pandemic, its widespread use, coupled with the relaxation of many restrictions, has made the modality ripe for abuse. Based on the federal government’s history of aggressively investigating medical fraud and abuse, healthcare organizations that fail to remain compliant with telehealth regulation run the risk of exposing their practices to costly litigation and fines.

The utility of telehealth predates the public health emergency, but the latter spurred unprecedented growth in provider and patient adoption of the technology. During the first half of 2020, nearly one-third of all visits for commercially insured and Medicare Advantage enrollees occurred using telehealth — a 23-fold increase of the same period the prior year. What’s more, the availability of telehealth services has resonated with consumers, with health plans reporting double-digit gains in overall member satisfaction as a result.

In other words, telehealth has become a staple of care delivery. However, the ubiquity of telehealth has also drawn the attention of bad actors and growing interest from federal agencies in the potential for telehealth fraud and abuse.

Last fall, the Department of Justice (DoJ) announced the largest healthcare fraud takedown in the agency’s history: $6 billion in alleged fraud losses, $4.5 billion tied to telehealth. Government officials documented instances of telemedicine executives providing kickbacks to providers for unnecessary orders of durable medical equipment (DME), genetic and diagnostic testing, and pain medications. In Operation Rubber Stamp, DoJ alleged that one telehealth scheme alone had bilked Medicare for $1.5 billion in durable medical equipment. As a result, more than 250 providers saw their ability to bill Medicare revoked.

While telehealth is a recent phenomenon for many users, its association with healthcare fraud and abuse predates the pandemic. In August 2020, the owner of a Florida telemedicine company was charged with healthcare fraud, illegal kickbacks, and tax evasion stemming from allegedly fraudulent orders to durable medical suppliers that led to $784 million in Medicare claims. One year earlier, DoJ charged 35 healthcare professionals from telehealth and cancer genetic testing laboratories with healthcare fraud tied to $2.1 billion in Medicare claims between 2017 and 2019.

Given telehealth’s growth over the past two years, federal investigators are likely to take action against bad actors.

“It is important that new policies and technologies with potential to improve care and enhance convenience achieve these goals and are not compromised by fraud, abuse, or misuse. OIG is conducting significant oversight work assessing telehealth services during the public health emergency,” the acting head of the Officer of Inspector General Christi A. Grimm noted earlier this year.

With increased federal and state oversight an inevitability, healthcare organizations must educate their staff about the potential for telehealth fraud and abuse and put in place systems to prevent instances of noncompliance.

Legal experts from Troutman Pepper have identified four potential telehealth fraud schemes most likely to draw scrutiny from government officials.

Upcoding time and complexity

The Centers for Medicare & Medicaid Services will look closely at the amount of time providers claim to have spent delivering telehealth services to patients.

Misrepresentation of provided services

The number of virtual services now available to patients requires that providers fully understand the activities that qualify and the necessary procedures for coding and billing

Services not rendered

The law firm warns that submitting claims for services providers have not rendered at all or effectively represents a “significant enforcement risk.” Ineffective telehealth services could result from technical difficulties or obstacles in the way of a patient being able to benefit fully from their virtual visit.

Kickbacks

Federal authorities have made clear their interest in rooting out schemes wherein providers receive payments for orders of unnecessary durable medical equipment, diagnostic testing, or medications.

To avoid telehealth fraud and abuse, healthcare organizations must work with their staff and business partners to ensure compliance with federal and state law. Activities should include a number of essential activities:

  • Policy management to respond to changing regulation and remediate gaps
  • Third-party/vendor risk management to identify potential risks and manage contracts
  • Incident management to improve incident reporting and investigation
  • Revenue risk integrity to monitor claims and denials for financial exposure and trends

Telehealth is not going away, nor is the interest of federal and state agencies in activities constituting healthcare fraud and abuse.

Dig Deeper on Cybersecurity strategies