Christopher C. Eades (email@example.com) is an attorney in the Indianapolis office and James Junger (firstname.lastname@example.org) is an attorney in the Milwaukee offices of Hall, Render, Killian, Heath & Lyman PC. Angela M. Deneweth (email@example.com) is an advisor in the Dallas office of Hall Render Advisory Services.
The deadline for this article fell on December 2020. At that time, the world eagerly awaited the broad distribution of vaccines that would stop the spread of COVID-19, which will hopefully be underway by the time of publication.
After the end of the pandemic comes the time to clean up and move forward. In the next few months, public health emergency (PHE) declarations will lapse, closing the door on regulatory flexibilities that have allowed healthcare organizations to devote more resources to patient care. Compliance professionals may find that they have two distinct but related priorities in the next few months: (1) assessing their organizations’ compliance with new (or newly restored) regulatory and billing requirements and (2) helping their organizations chart a path forward.
The rapid expansion of virtual care services—referred to as telemedicine and telehealth in this article—will be a lasting legacy of the COVID-19 pandemic. Telemedicine presents compliance risks looking both backward and forward. While Medicare, Medicaid, and commercial payers modified billing rules to facilitate a shift to virtual care, it is only half of the picture. The practice of medicine, including telemedicine, is still fundamentally a question of state-by-state regulation, which will likely lead to friction as compliance professionals and their colleagues move toward a future in which patients expect to access their providers from home.
What happened? Auditing telemedicine claims
In October 2020, the Office of Inspector General announced its plan to audit telehealth services that occurred during the COVID-19 pandemic. The review will focus on professional fee services for traditional Medicare and Medicare Advantage plans and will detect program integrity risks related to telehealth services during this time. The Office of Inspector General will use data analytics to focus on provider billing patterns and to identify outliers when compared to other same-specialty practices. In light of this specific enforcement priority, compliance professionals should consider including telemedicine claims reviews into their work plans for 2021.
Where was care provided and received?
When billing telemedicine services, geography plays a critical role in compliance. Prior to the COVID-19 PHE waivers, the provider location (distant site) and the patient location (originating site) had to meet strict eligibility requirements to be able to bill for a remote service as if it had been provided in-person. The PHE waivers relaxed definitions for both locations, leading to situations where both providers and patients stayed in their own homes during a medical encounter that was billable as if it had taken place in person.
Even though the Centers for Medicare & Medicaid Services (CMS) has relaxed its standards for where remote services may be provided, providers must still be diligent in how they document and bill the encounters. Prior to the pandemic, distant site providers billed an evaluation and management (E/M) encounter with place of service 02 to indicate a telemedicine visit, and reimbursement was slightly discounted compared to the standard E/M fee. The originating site billed for its role facilitating the patient’s visit with use of the room and qualifying equipment using code Q3014. Taken together, the discounted distant site reimbursement and the originating site flat fee constituted Medicare’s full reimbursement for the service.
During the COVID-19 emergency, CMS’s billing guidelines have been adjusted for both originating sites and distant sites. When the patient is at home, or at least not presenting at a medical facility, the Q3014 facility flat fee is not billed because no medical facility is acting as the originating site. CMS has instructed providers to bill telemedicine services where the provider’s site (distant location) was away from the medical office with the place of service that they would have used if the service were not a telemedicine encounter prior to the PHE, and to add modifier -95 to the claim. Modifier -95 indicates the use of a two-way, synchronous, audiovisual communication between the provider and patient.
Compliance professionals should be aware of these modified requirements and consider including telemedicine claims reviews into their 2021 work plans. In addition, compliance professionals should acknowledge that telehealth is still maturing, so government and commercial payer requirements could change significantly. Consider the organization’s change management process as it relates to billing telemedicine services. Which unit is responsible for ingesting new billing requirements, training key employees, and monitoring their performance to verify that the updated requirements are being met?
What services are billable only when provided remotely?
The well-publicized expansion of telemedicine during the COVID-19 pandemic could create an impression that any care provided virtually is always billable on the same terms as an in-person visit. This is not the case. CMS and other payers have recognized that there is nuance in the time and effort required for various types of virtual visits, and providers are required to code and bill for their services appropriately. The following visit types are specifically recognized as payable by CMS or other payers but are not considered telemedicine visits:
Virtual check-ins. Professionals bill for brief (5–10 min) communications that mitigate the need for an in-person visit and can be furnished via any synchronous telecommunications technology. During the PHE waivers, both new and established patients can receive these services. The virtual check-in must not be related to any medical visit in the next 24 hours or previous seven days. If all criteria are met, providers can bill for this service using code G2012.
Audio-only telephone communications. During the PHE, Medicare and many private payers have approved coverage of telephone-only (no video) services billed using an existing set of three CPT codes. Per CPT guidelines, physicians use code range 99441–99443, while other qualifying nonphysician healthcare professionals use code range 98966–98968.
Remote evaluation. A professional evaluates a prerecorded video or image the patient sends to the provider. Provided all criteria are met, the service can be billed using code G2010.
E-visits. An established patient can generate an initial non-face-to-face encounter via an online patient portal. Providers bill for this online E/M service for time accumulated over seven days using codes 99421–99423. Healthcare professionals that do not qualify for billing E/M services can bill their time in the same way, accumulated over seven days. The qualified nonphysician healthcare professionals include psychologists, speech language pathologists, occupational therapists, and physical therapists. These professionals may use codes G2061–G2063.
What’s next? Compliance concerns in an expanded telemedicine strategy
Even though CMS and other payers relaxed their billing rules for telemedicine services during the COVID-19 pandemic, the regulatory framework remains complex. For years, significant variability among applicable laws, regulations, and guidance has been a hallmark of the telemedicine compliance landscape. For instance, there is no single federal statute that governs the provision of virtual care, and the states each continue to approach virtual care in a different manner.
It is likely that public and private payers as well as professional regulatory bodies will restore some restrictions that were, by rule or in practice, set aside during the public health emergency. The framework is complicated further given that the relevant payer rules (Medicare, Medicaid, and commercial payers) often do not align with the pertinent state rules and professional practice standards.
The variability among states and payers really starts with the differing terminology. Some states and payers speak to “telemedicine,” while some, like Medicare, speak to “telehealth.” Some speak to both, and yet others use different terms altogether (e.g., “telepsychology,” “telepractice”).
As their organizations consider making permanent—or expanding—their telemedicine offerings, compliance professionals should be sensitive to these differences. States’ choice of language and definitions will typically set forth what telemedicine technology/modality is permissible within a state. For example, these definitions will often speak to synchronous (real-time) audio and/or video technology, asynchronous (not real-time) store-and-forward technology, and/or remote patient monitoring technology. As described above, these services may be billable to a particular provider, but providers must also consider whether state law allows professionals to provide the service in the first place. For instance, state Medicaid rules may compensate for certain audio-only services, but the relevant professional practice rules may require a synchronous audio and visual technology be used to provide the service, particularly if a prescription is involved.
The good news is that all of this regulatory variability can be navigated. However, in doing so, it is important to consider a number of key issues. Among the threshold considerations are professional licensure, scope of practice, standard of care, and technology requirements, all of which can affect the viability of an organization’s telehealth strategy.
When assisting in the development of a telehealth strategy, compliance professionals should consider geography. In short, it is critical to determine where patients are physically located when they receive virtual care services from the organization’s providers because providing a virtual visit (“beaming in” to a state from another state) can, in some jurisdictions, be considered the practice of medicine.
Applicable state law and payer rules generally require that the practitioner be licensed where the patient is located, unless an exception or exemption exists in that state that will permit the desired practice. Additionally, some states (and certainly payers) have identified the specific practitioner types that are eligible to perform virtual care services and, by implication, those potentially not eligible to render services through virtual care. While states have implemented licensure exceptions as a result of COVID-19, the extent of these exceptions, associated limitations, and application to various provider types is highly variable, and they are likely to disappear once the pandemic ends. Providers should also consider state or payer requirements for licensure at the distant site location (i.e.,where the provider is located when rendering the virtual care services). Although, as noted above, licensure is generally required in the state where the patient is located, other relevant provisions may specifically require licensure or enrollment in the distant site. These rules often come into play in border states or “snowbird” scenarios where a provider is rendering virtual care services from a location (often from home) where the provider does not maintain a license.
Scope of practice
As with licensure, compliance professionals should be aware of applicable scope of practice requirements for virtual care across jurisdictions and specialties. For example, certain states have collaboration requirements, which effectively require nonphysician practitioners, such as advanced practice nurses and physician assistants, to maintain a primary practice location that is physically located within the state. Other states require the collaborative practitioner to be located within a defined distance from the nonphysician practitioner or patient. These types of requirements, which generally predate the use of virtual care, may effectively create barriers to practicing through virtual care.
The treatment of virtual medicine also varies widely among professional boards and specialties. Certain specialties in a given state may have articulated very stringent practice rules related to virtual care that will necessarily bear on informed consent processes and clinical workflows. Psychology boards, in particular, have been active in this area. In contrast, some specialties have failed to address telemedicine altogether.
Early in the COVID-19 pandemic, the Department of Health & Human Services Office for Civil Rights announced that it would relax its Security Rule enforcement to facilitate access to care, including in the area of telemedicine. Relying on this guidance, many organizations began providing telemedicine services through commercial products that were not designed to comply with the Security Rule. While many organizations have switched, or soon will switch, to a compliant platform, compliance professionals should be aware of other potential pitfalls. For instance, telemedicine technology is a commodity with a commercial value, so any transaction between providers contemplating telemedicine services should consider both operational realities and the fraud and abuse laws. As an initial matter, compliance professionals should recognize that telemedicine technology must function well for each party. That is, it must work in relation to, and be consistent with, each party’s workflows and record-keeping practices and obligations. Also, given the value/potential use of this technology, there are additional considerations regarding appropriate licensing/use of the technology, as well as legal compliance considerations. Use of such technology (and related software) typically also involves third-party vendors and related agreements, notices of privacy practices, etc. It is important that the terms of these agreements permit virtual care providers to meet their own obligations in relation to privacy, the Health Insurance Portability and Accountability Act, etc.
In this light, it is important that providers’ contracts identify which platform the parties will use to provide telemedicine services without being so inflexible that run-of-the-mill changes, such as patches or version updates, create technical breaches of contract. If, during a future audit, a compliance professional determines that current practices no longer align with negotiated terms (for instance, if the parties switched to a different software system without updating an underlying provider agreement), it will likely be important to understand whether additional, undocumented value has changed hands.
The most effective compliance professionals act as a keel instead of an anchor, lending stability without halting progress. As healthcare organizations go full steam ahead into a future of virtual care, compliance professionals should look backward and forward, watching out for past errors in telemedicine billing and coding and helping chart a course to a successful (and compliant) telemedicine strategy.
Compliance professionals should be aware of the risks caused by the rapid expansion of telemedicine.
Medicare, Medicaid, and commercial payer billing rules often conflict with state licensing and scope of practice rules.
Due to the public health emergency, state and federal governments implemented numerous waivers that allowed organizations more flexibility to care for patients remotely.
Healthcare entities should assess the risks associated with practices that relied on state and federal waivers, such as the use of platforms that weren’t compliant with the Health Insurance Portability and Accountability Act.
Healthcare entities should anticipate more rapid changes in the regulation of telemedicine as the public health emergency comes to an end.