Telehealth Fraud Summary
July 22, 2020
The full version of this article may be found here, published on Healthcare Financial Management Association’s website.
Telehealth has been critical for providers during this public health emergency not only for providers to maintain continuity of care, but also to maintain reimbursement levels to sustain financial viability. Payor telehealth policies changed frequently during the first months of the COVID-19 public crisis. The looming risk to providers is potential recoupment actions and fraud allegations if the right coding and documentation requirements were/are not being followed.
Providers should check their payors’ policies and conduct an internal documentation audit, or hire a qualified compliance expert to do so, to make sure they are not in danger of an audit. The following six areas can trigger payor scrutiny:
- Technology used to conduct the telehealth visit. Some payors allow only audio-only technology for telehealth visits, but many do not. Medicare, for example, requires the use of audio-visual technology for certain services. Providers should always document the technology used and note any glitches that may have occurred during the visit, and make sure the appropriate CPT code is billed. If a complaint is made from a beneficiary, Medicare will likely send out patient questionnaires to investigate whether proper technology was used by the providers.
- Upcoding, Many payors, including Medicare, allow providers to assign codes based on time spent with the patient and the level of medical decision-making. Providers must code conservatively and thoroughly document both the patient and provider’s location, method of communication, any other persons involved with the visit and their roles, in addition to the required medical necessity that would be charted during an in-person-office visit. Without good documentation to support the code billed, a provider could face accusations of upcoding.
- Use of a non-HIPAA compliant platform. Many payors have waived the necessity to use non-public facing technology during the PHE. However, these waivers are likely temporary and providers should implement HIPAA compliant platforms and procedures now.
- State licensure requirements. Know the licensure and scope of practice rules for the states your providers and patients are located in, as well as the effective dates of any waivers in place.
- Billing for telehealth when no services are rendered. Make sure that if the patient does not participate in the telehealth visit, the encounter is not accidentally billed. For example, the electronic medical record was pre-populated with information from the previous visit and is not deleted when the patient doesn’t get on the call causing a claim to be unintentionally generated.
- Failure to authenticate patient identity. Make sure to implement reliable mechanisms to verify patient identity to avoid identity theft scams.
Compliance reviews are critical especially during this time of rapid change in payor policies. Corrected claims can be submitted during the window of time allowed by the payor for corrections. Medicare allows a year from the date of service. Overpayments to payors can lead to financial hardship to providers, as well as fraud allegations that can jeopardize a provider’s enrollment with Medicare and credentialing with private payors.