Interest in and use of telemedicine services appears to be dramatically increasing. According to researchers, telehealth visits by members of one private US health plan rose by 52% annually from 2005 to 2014, and soared by 261% from 2015 to 2017. As more people seek to use telemedicine services, there has been an increased focus on what constitutes the appropriate use of these services. In addition, increased utilization has also increased the potential risk for fraud and abuse. In 2017, the Department of Health and Human Services Office of Inspector General (OIG) added Medicaid telehealth payment audits to its Work Plan.
Many discussions of the risks related to telemedicine focus on state-regulated practice of medicine issues and healthcare fraud and abuse concerns that typically fall under the purview of the Centers for Medicare & Medicaid Services (CMS); however, recent regulatory and enforcement actions have also been undertaken by the U.S. Food and Drug Administration (FDA or the Agency). This article will provide an overview of the FDA’s enforcement authority and discuss two examples of how the Agency has recently exercised that authority over telemedicine-related activities. This article will not discuss the FDA’s authority to regulate products used to provide digital health services (e.g., clinical decision support software, mobile medical apps).
FDA’s regulatory and enforcement authority
The FDA regulates virtually every company and individual involved in the manufacture, sale, and distribution of drugs, medical devices, foods, and cosmetics. The FDA is responsible for the regulation of the following product categories: foods, drugs, biologics, medical devices, radiation emitting products, cosmetics, veterinary products, and tobacco products. Throughout this article, we refer to all of the products regulated by the FDA as “regulated products.”
The Federal Food, Drug, and Cosmetic Act (FDC Act) and its implementing regulations grant the FDA administrative, civil, and criminal enforcement authority over the activities that affect products regulated by the Agency. The FDA’s enforcement authority is largely based on the FDC Act’s identification of numerous “prohibited acts” related to developing, manufacturing, distributing, selling, marketing, holding for sale, and labeling regulated products. Such “prohibited acts” include the introduction of an adulterated or misbranded regulated product into interstate commerce, the adulteration or misbranding of any regulated product in interstate commerce, the receipt in interstate commerce of any regulated product that is adulterated or misbranded, and the introduction of an unapproved new drug into interstate commerce. The FDC Act also identifies the circumstances that can cause a regulated product to be considered adulterated or misbranded, including the act of dispensing a prescription drug product without a valid prescription.
When a prohibited act occurs, the FDA may take regulatory and enforcement actions to address such a violation. For certain regulated products, the FDA’s enforcement authority is limited to administrative actions the Agency can take without judicial action, such as issuing Warning Letters and public notices. Warning Letters are the FDA’s most common administrative action; the Agency issued 15,318 Warning Letters in 2017. These actions are designed to publicize noncompliance, to notify companies and individuals of violations of “regulatory significance,” and to allow the Agency to elicit corrective actions from the companies and individuals so that the violative regulated products are brought into compliance with the FDC Act requirements.
For more complex or potentially dangerous regulated products, in addition to administrative actions, the FDA’s enforcement authority may also allow for civil and criminal action to be pursued. The U.S. Department of Justice (DOJ) Civil Division Consumer Protection Branch represents the FDA in connection with criminal and civil litigation and related matters arising under the FDC Act.