chevron-down Created with Sketch Beta.
April 01, 2018

Potential for Fraud and Abuse in the Administration of Telehealth Services

John W. Kaveney and Megan R. George, McElroy, Deutsch, Mulvaney & Carpenter, LLP, Morristown, NJ

The current telehealth technology offers physicians and patients a convenient and effective way of connecting. As a result, its utilization has quickly expanded across the country, and there has been a flurry on both the federal and state levels in terms of regulation and oversight. By all indications, its utilization is almost certain to become even more prevalent in the future as additional services are included in those allowed for reimbursement by the government and the requirements for telehealth continue to be relaxed and more fully accepted. 

The provision of telehealth services is merely the practice of medicine via an electronic means. Thus, providers must be concerned with all of the same legal challenges present in traditional, in-person administered healthcare services such as the Anti-Kickback Statute and the Stark laws. However, given the added layer of regulations governing telehealth services, providers must also be cognizant of these requirements to ensure that services are compliant and eligible for reimbursement. 

While telehealth is still an evolving area, and even as recently as February 2018 there have been new changes implemented to the means of delivery and the types of services covered,1 the Office of Inspector General of the United States Department of Health and Human Services (OIG) has already signaled its interest in reviewing both Medicare and Medicaid telehealth services to ensure compliance by providers and root out any potential fraud and abuse currently existing in the system by adding two new items to its Work Plan.2

Telehealth Additions to the OIG Work Plan

In October 2017, the OIG announced a new project to its Work Plan to review Medicare payments for telehealth services.3 The OIG described its new Medicare telehealth review project as follows:

Medicare Part B covers expenses for telehealth services on the telehealth list when those services are delivered via an interactive telecommunications system, provided certain conditions are met (42 CFR § 410.78(b)). To support rural access to care, Medicare pays for telehealth services provided through live, interactive videoconferencing between a beneficiary located at a rural originating site and a practitioner located at a distant site. An eligible originating site must be the practitioner's office or a specified medical facility, not a beneficiary's home or office. We will review Medicare claims paid for telehealth services provided at distant sites that do not have corresponding claims from originating sites to determine whether those services met Medicare requirements.

Additionally, in November 2017 the OIG announced a new project to its Work Plan to review Medicaid payments for telehealth services.4 The OIG described its new Medicaid telehealth review project as follows:

Medicaid pays for telemedicine, telehealth, and telemonitoring services delivered through a range of interactive video, audio or data transmission (telecommunications). Medicaid programs are seeing a significant increase in claims for these services and expect this trend to continue. We will determine whether selected States’ Medicaid payments for services delivered using telecommunication systems were allowable in accord with Medicaid requirements.

Medicare Telehealth

Presently there are specific conditions that must be met in order for a provider to receive Medicare reimbursement for telehealth services. Those conditions include that:

1. The patient be located at an originating site (which the OIG has taken interest in through its newest Work Plan project);

2. The telehealth services be provided by a physician or practitioner (as defined in 42 C.F.R. § 410.78(b)(2)) licensed to furnish the service under the state law of the distant site location of the physician or practitioner;

3. The patient and distant site physician or practitioner communicate via interactive audio and video permitting real-time communications;

4. The CPT/HCPCS code for service provided via telehealth be included in the current year’s list of covered Medicare telehealth services;5 and

5. The medical examination of the patient is under the control of the physician or practitioner at the distant site.

A distant site is defined as the location where the physician or practitioner is located at the time of the service via a telecommunications system.6

An originating site is defined as a physician or practitioner office, critical access hospital, rural health clinic, federally qualified health center, hospital, hospital-based or critical access hospital-based renal dialysis center, skilled nursing facility or community mental health center (1) located in an area designated as a rural health professional shortage area, (2) in a county that is not included in a Metropolitan Statistical Area; or (3) an entity participating in a federal telemedicine demonstration project.7

The physician or practitioner at the distant site is reimbursed an amount equal to the amount that would otherwise have been paid had the services been furnished without the use of a telecommunications system, and the facility at the originating site is entitled to a facility fee.8 Failure to meet any of the above requirements disqualifies a provider from a right to either reimbursement. With that said, one provider failing to meet its requirements does not disqualify the other from reimbursement should it meet its requirements.

The OIG’s concern in its review project focuses upon the potential that patients are being treated in a location that is not a defined originating site, such as the patient’s home or office. As noted above, Medicare’s requirements for telehealth services are stringent in terms of the originating site locations and the condition that patients be located at a healthcare facility such as a physician’s office, hospital or clinic to receive telehealth services. This ensures a certain minimum level of face-to-face encounter and oversight of the patient. What Medicare has attempted to prevent is the provider located at a distant site from making remote “house calls” for services without the involvement of local healthcare professionals.

The OIG has raised skepticism regarding instances where there is not a corresponding originating site claim to the physician or practitioner’s distant site claim. However, while this discrepancy could be the result of non-compliant claims where an appropriate originating site does not exist, it may also just as well be the result of originating site facilities simply choosing not to submit the corresponding claim for the facility fee given its nominal amount.9 While the former situation would disqualify a distant site physician or practitioner’s claim from reimbursement, the latter would not. Sufficient documentation and confirmation of each of the elements discussed above by a provider will be critical to substantiating and defending any challenges to particular claims by the OIG.

Once the aforementioned qualifications for reimbursement have been met, the next issue and area for potential risk is how to bill the service to Medicare. As of January 1, 2018, the Centers for Medicare & Medicaid Services (CMS) made significant revisions to its Medicare reimbursement structure for remote patient monitoring and telehealth. Prior to the 2018 revisions, a limited number of services were covered, including but not limited to annual wellness visits (both initial and subsequent visit), telehealth consultations, emergency department or initial inpatient visit, individual and group kidney disease education services, and end-stage renal disease (ESRD) related services.10 The full list of telehealth services can be found on the 2018 Physician Fee Schedule Final Rule.11 The 2018 Physician Fee Schedule Final Rule expanded the services that qualify for reimbursement to include the following:12

  • HCPCS code G0296: Counseling visit to discuss the need for lung cancer screening using low dose CT Scan;
  • CPT codes 90839 and 90840: Psychotherapy for crisis; Payment for these services is conditioned upon the distant site practitioner having the ability to mobilize originating site resources to diffuse the crisis and restore safety, when applicable;
  • CPT code 90785: Interactive complexity;
  • CPT codes 96160 and 96161: Administration of patient-focused health risk assessment instrument and Administration of caregiver- focused health risk assessment instrument;
  • HCPCS code G0506: Comprehensive assessment or/and care planning for patients requiring chronic care management services;
  • Separate payment for CPT code 99091 was also added to reimburse providers for time spent collecting and interpreting patient-generated health data that is stored digitally and sent to the provider for review, which is considered by some to be a small but significant step toward Medicare reimbursement of remote patient monitoring services.

Further, last year, effective January 1, 2017 CMS put in place a requirement of a Place of Service Code (POS) “02” to be added to professional claims for service.13 This designation acknowledges that the services were administered via telehealth utilizing a telecommunication system. CMS also finalized its proposal to eliminate the use of the “GT” modifier which was required to be added to all telehealth professional claims in the past.14 Also of note, on the commercial payor side, a new modifier was recently introduced for telehealth services, Modifier 95. Modifier 95 is used solely for services rendered to patients who have commercial insurance such as Aetna or Blue Cross Blue Shield.15   

Medicaid Telehealth

While Medicare currently has an ever-evolving set of requirements for the provision and reimbursement of telehealth services, the permissibility of telehealth services to Medicaid patients has been largely left to the states to decide if and how to permit reimbursement. In fact, there is no distinct telehealth service recognized under the federal Medicaid statute.

CMS views telehealth services as a “cost-effective alternative to the more traditional face-to-face way of providing medical care. . . .”16  As a result, states have been left to regulate telehealth services to Medicaid patients under essentially two minimal requirements: (1) that providers practice within the scope of their State Practice Act and (2) that all services meet the Medicaid federal requirements of efficiency, economy and quality of care.17 Otherwise, states are left to their discretion as to whether or not, and under what circumstances, telehealth services will be permissible.18

This has resulted in many states implementing telehealth statutes and regulations containing a variety of differing scopes of coverage and requirements. The OIG’s Medicaid review project will attempt to determine whether reimbursement for telehealth services to Medicaid patients are being provided in conformance with the limited federal requirements and in conformance with particular states’ laws.

This review signals the OIG’s belief that such services will only continue to expand in the future as states adopt additional laws and more providers offer telehealth services. Not surprisingly, the OIG is thus interested in ensuring that the myriad of different models is not resulting in improper reimbursement as such a non-standardized system is fraught with potential for fraud and abuse given the limited set of standardized criteria required by the federal government. Consequently, while the limited set of standardized criteria in the federal law provides flexibility to states, it also can lead to pushing the limits of legality and potential for confusion of what is or is not appropriate.  


The expansion of not only telehealth as a means of delivery of healthcare but also the expansion of the services that qualify for reimbursement by CMS signals that there is a trend towards telehealth becoming a more accepted form of the provision of healthcare in the federal healthcare programs and by private payors. These expansions, however, also increase the possibility for fraud and abuse by individuals and entities delivering the services. The outcome of the OIG reviews under its Work Plan may very well either bolster continued expansion if limited issues are found or could quickly provide a basis to halt this expansion if it is found that the current process has already lead to significant noncompliant practices of administering and billing for telehealth services.  

  1.  H.R. 1892 – Bipartisan Budget Act of 2018 – expanded stroke telemedicine coverage, dialysis telemedicine oversight and accessibility and expansion of Medicare Advantage basic benefits to include telehealth services.
  4. - The OIG announced that beginning June 15, 2017 it intends to provide monthly updates to its annual Work Plan rather than only releasing annual updates to better reflect its ongoing planning and activities.
  6.  42 U.S.C. § 1395m(m)(4)(A).
  7.  42 U.S.C. § 1395m(m)(4)(C).
  8.  42 U.S.C. § 1395m(m)(2).
  9.  The originating site facility fee for CY 2017 is $25.40 based upon the calculation at Section 1834(m)(2)(B) of the Social Security Act. Physicians at a distant site, however, are reimbursed per the Medicare Physician Fee Schedule no different than if the physician were on-site.
  11.  Id.
  12.  Id.
  14.  Id.
  17.  Id.
  18.  A survey of the various trends in state laws can be found at

John W. Kaveney

Deutsch, Mulvaney & Carpenter, LLP

John W. Kaveney is Of Counsel in the healthcare practice at McElroy, Deutsch, Mulvaney & Carpenter, LLP. He represents a range of healthcare clients, including hospitals and health systems (non-profit and for-profit), academic medical centers, physician groups, individual physicians, ambulatory surgery centers, ancillary service providers, medical billing companies, skilled nursing facilities, rehabilitation facilities, behavioral health centers, and pharmacies. His practice in the healthcare field includes work on matters concerning Medicaid and Medicare reimbursement, corporate compliance, fraud and abuse issues, HIPAA breaches, and general healthcare regulatory matters. He can be reached at [email protected].

Megan R. George

McElroy, Deutsch, Mulvaney & Carpenter, LLP

Megan R. George is an Associate in the healthcare practice at McElroy, Deutsch, Mulvaney & Carpenter, LLP. She represents an array of healthcare clients including hospitals and health systems (non-profit and for profit), academic medical centers, physician groups, individual physicians, ambulatory surgical centers, ancillary service providers, medical billing companies, healthcare technology companies, and medical transportation companies. She focuses her practice on healthcare transactional and regulatory issues, including but not limited to joint ventures, physician practice acquisitions, HIPAA Privacy and Security, corporate compliance, private equity, and clinical research. She can be reached at [email protected].