Increasing OIG and DOJ telehealth fraud enforcement likely on horizon

By Michael Podberesky, Esq.; Andrea Lee Linna, Esq.; and Amanda Ray, Esq.

Michael Podberesky (mpodberesky@mcguirewoods.com) is a Partner in the Washington, DC, office; Andrea Lee Linna (alinna@mcguirewoods.com) is a Partner in the Chicago office; and Amanda Ray (aray@mcguirewoods.com) is an Associate in the Chicago office of the McGuireWoods LLP law firm.

Approximately one year after the Centers for Medicare & Medicaid Services (CMS) modified telemedicine requirements to expand telehealth access during the COVID-19 public health emergency (PHE), recent Department of Health & Human Services (HHS) Office of Inspector General (OIG) statements and Department of Justice (DOJ) enforcement actions indicate that government scrutiny of telemedicine compliance is on the rise. These actions likely represent the tip of the iceberg of an ensuing wave of telehealth-focused audits and enforcement actions.

OIG focus on telehealth fraud

OIG has telegraphed its intent to focus on telehealth-related fraud. Notably, the OIG added Medicare Part B telehealth services audits to its Compliance Work Plan for January–March of 2021.[1] Moreover, on February 26, OIG’s Principal Deputy Inspector General Christi Grimm commented in an open letter that while “OIG recognizes the promise that telehealth and other digital health technologies have for improving care coordination and health outcomes,” it is critical to ensure “that new policies and technologies with potential to improve care and enhance convenience achieve these goals and are not compromised by fraud, abuse, or misuse.”[2] To that end, Grimm stated that “OIG is conducting significant oversight work assessing telehealth services during the public health emergency,” which she anticipates will be published later this year, and “will continue to vigilantly pursue…‘telefraud’ schemes and monitor the evolution of scams that may relate to telehealth.”

Earlier this year, DOJ announced actions pertaining to two massive telehealth-related fraud schemes. In a news release issued February 4, DOJ described a telehealth fraud scheme involving dozens of durable medical equipment (DME) supply companies that submitted more than $400 million in illegal DME claims to Medicare and the Department of Veterans Affairs.[3] The defendants involved in the scheme bribed physicians to approve a high volume of telehealth claims when the physicians had no telehealth interaction with the beneficiaries. DOJ announced charges against 86 individuals involved in a similar fraud scheme involving telemedicine in a September 2020 news release, which it described as the “largest health care fraud and opioid enforcement action in Department of Justice history.”[4] The defendant’s telemedicine executives paid physicians to order unnecessary DME, genetic and diagnostic testing, and pain medications, causing an alleged $4.5 billion in false claims submitted to federal healthcare programs and private insurers by 86 criminal defendants in 19 judicial districts. While these cases involve allegations of expansive and egregious fraud schemes, they represent low-hanging fruit and subsequent enforcement actions—both those initiated by the government as well as qui tam suits brought by whistleblowers under the False Claims Act—will likely target less apparent violations such as billing for missed appointments or submitting claims for sessions that are not as long or as complex as billed for.

Telefraud vs. noncompliance with Medicare telemedicine requirements

These recent actions by the OIG and DOJ, particularly the way they are categorized, have come under scrutiny by industry stakeholders who claim that the agencies’ focus on telehealth fraud is not telehealth at all. The Alliance for Connected Care, an industry association representing telemedicine providers, has voiced concerns about the OIG’s failure to distinguish blatant “telefraud” schemes, which focus on DME, compounding pharmacy, opioids, diagnostic tests, and other areas, from instances of inappropriate telehealth billing resulting from Medicare’s temporary expansion of reimbursement of telehealth during the PHE, which is more likely to be representative of valid concerns about telehealth fraud.[5] The Alliance for Connected Care also rejected the notion that recent enforcement actions targeted instances of telehealth fraud. It stated the indicted actors did not, in essence, furnish care via telemedicine. While there appears to be a distinction between telefraud and noncompliance with Medicare telemedicine requirements, the OIG has not yet clarified its view whether such a categorical distinction exists. Regardless, it will be up to prosecutors and investigators evaluating allegations of telehealth-related misconduct, and ultimately judges and juries, to determine whether telehealth billing errors were the results of confusion and good faith efforts (and therefore not actionable under the False Claims Act or criminal laws) or reckless indifference, deliberate ignorance, or willful misconduct.

Post-pandemic reimbursement of telehealth

The concern that telehealth services are uniquely susceptible to fraud has been increasingly cited in expanding post-pandemic telehealth reimbursement discussions. The Medicare Payment Advisory Commission (MedPAC), a congressionally appointed advisory committee that makes recommendations to Congress, issued a March 15 report to Congress about permanently expanding post-pandemic telehealth reimbursement.[6] MedPAC expressed apprehension that expanding reimbursement for telehealth services after the pandemic “raises program integrity concerns.” MedPAC claimed that “telehealth technology might make it easier to carry out fraud on a large scale because clinicians employed by fraudulent telehealth companies can interact with many beneficiaries from many parts of the country in a short amount of time.” Also, MedPAC expressed concern that “if telehealth is expanded and beneficiaries become more comfortable receiving care through telehealth, they might become more vulnerable to being exploited by companies that pretend to be legitimate telehealth providers.”

To limit the risks for telehealth fraud, MedPAC recommended that Congress implement the following safeguards if Congress decides to expand Medicare post-pandemic telehealth reimbursement permanently.

  • Apply “additional scrutiny to outlier clinicians who bill many more telehealth services per beneficiary than other clinicians.”

  • Require clinicians to provide an in-person, face-to-face visit with a beneficiary before ordering expensive DME or expensive clinical laboratory tests.

  • Prohibit “‘incident to’ billing for telehealth services provided by any clinician who can bill Medicare directly.”

This document is only available to members. Please log in or become a member.
Become a Member Login
 


Would you like to read this entire article?

If you already subscribe to this publication, just log in. If not, let us send you an email with a link that will allow you to read the entire article for free. Just complete the following form.

* required field

First name field cannot be blank!
Last name field cannot be blank!
We will send you an email that will give you access to this entire article.
Email field cannot be blank!
Enter a valid email!
Company field cannot be blank!
Enter a valid company!
Title field cannot be blank!

We're committed to your privacy. The Society of Corporate Compliance and Ethics (SCCE) & Health Care Compliance Association (HCCA) uses the information you provide us to contact you about our relevant content, products, and services. For more information, check out our Privacy Policy.


About SCCE

The Society of Corporate Compliance and Ethics (SCCE) is a non-profit, member-based professional association. SCCE supports our members' work with education, news, and discussion forums. We are a community of leaders, defining and shaping the corporate compliance environment across a wide range of industries and geographic regions. In developing and maintaining effective ethics and compliance programs, our members strengthen and protect their companies.

952.933.4977

About HCCA

The Health Care Compliance Association (HCCA), is a 501(c)6 non-profit, member-based professional association. HCCA was established in 1996 and is headquartered in Minneapolis, MN. We provide training, certification, and other resources to over 10,000 members. Our members include compliance officers and staff from a wide range of organizations, including hospitals, research facilities, clinics and technology service providers.

952.988.0141

Facebook Twitter LinkedIn
Copyright © 2024 by Society of Corporate Compliance and Ethics (SCCE) & Health Care Compliance Association (HCCA). No claim to original US Government works. All rights reserved. All information provided through this site, including without limitation all information such as the “look and feel” of the site, data files, graphics, text, photographs, drawings, logos, images, sounds, music, video or audio files on this site, is owned and/or licensed by SCCE & HCCA or its suppliers and is subject to United States and international copyright, trademark and other intellectual property laws. Any third party logos and/or content provided herein is owned by such third parties and is used by permission herein. Your use of this site to is subject to our Terms Of Use and Privacy Statement.
Cookie settings