This browser is not actively supported anymore. For the best passle experience, we strongly recommend you upgrade your browser.
| 4 minute read

New OIG toolkit: Analyzing Telehealth Claims for Program Integrity Risks

On April 20, 2023, the U.S. Department of Health and Human Services Office of Inspector General (“OIG”) published a new toolkit  titled “Analyzing Telehealth Claims to Assess Program Integrity Risks” designed to analyze claims data for telehealth services and identify program integrity risks to Federal healthcare programs (“Toolkit”).  

The Toolkit appears to be driven by the OIG’s concerns about the increased risk of fraud, waste, and abuse in connection with the recent explosion of telehealth utilization.  The Toolkit is intended to be used by public and private parties, including Medicare Advantage plan sponsors, private health plans, State Medicaid Fraud Control Units, and other Federal healthcare agencies to identify providers whose billing practices may present a high risk and warrant further review.  

The Toolkit lists the steps for analyzing telehealth claims and identifies program integrity measures to apply to telehealth claims data.  Although the Toolkit is geared toward payors and enforcement agencies, healthcare providers should consider the guidance contained in the Toolkit while developing policies on billing for telehealth services and incorporate the guidance into their internal compliance activities.

A brief synopsis of the steps for analyzing telehealth claims and the program integrity measures outlined in the Toolkit is below: 

Steps for Analyzing Telehealth Claims

  1. Review program policies.  Since the Toolkit is based on Medicare fee-for-service (“FFS”) payment and coverage policies applicable during the first year of the COVID-19 pandemic, as an initial step of the claims analysis it is important to confirm the current applicable payment and coverage policies for telehealth services. 
     
  2. Collect claims data.  The second step is to collect the telehealth claims data. The Toolkit focuses on the services that may be provided to Medicare beneficiaries via telehealth, as well as certain virtual care services not designated by CMS as telehealth services, including e-visits, virtual check-ins and remote monitoring. The OIG cautions that the Toolkit is not intended to be used in connection with claims data from institutions, such as hospitals and nursing homes, and instead should be used for claims data for physicians and non-physician practitioners. 
     
  3. Conduct quality assurance checks.  The Toolkit recommends conducting quality assurance checks on the data being analyzed.  While the quality assurance methods will depend on the data under review, the Toolkit emphasizes checking for improbable values and excluding claims with beneficiary identification numbers equal to zero. 
     
  4. Analyze data to identify program integrity risks.  Once the data is gathered and checked for quality, users should perform an analysis to review the data to identify potential program integrity risks. Because the OIG used Medicare data to develop its program integrity measures, users may find it necessary to adjust the thresholds summarized in the Toolkit to identify providers whose billing practices pose risk in different programs. 
     
  5. Interpret the results of the analysis.  Once the data analysis is completed, users can use the Toolkit to benchmark the results against those flagged by the OIG as potential threats to program integrity. This step may result in the identification of overpayments or the need to reevaluate how a provider bills for telehealth services. The OIG noted though that simply exceeding a potential threshold noted in the Toolkit is not by itself evidence of fraud and abuse. Rather, once a concern is identified, further investigation would be necessary to determine the extent of any potential non-compliance.

Program Integrity Measures

Once the telehealth claims data has been analyzed, the Toolkit identifies program integrity measures to help an organization determine whether the data represents a program integrity risk. These measures include the following:

  1. Billing telehealth services at the highest, most expensive level for a high proportion of services. The threshold for this measure may vary depending on the purpose of the review ( e.g., a lower threshold for setting safeguards and identifying risks or a higher threshold to identify specific providers for further investigation).  For reference, the OIG considered providers to be “high risk” on this measure if they billed 100% of their telehealth services at the highest level, which the OIG acknowledges is a conservative threshold. 
     
  2. Billing a high average number of hours of telehealth services per visit, which may indicate billing for unnecessary services or services not rendered.  Generally, the OIG considers billing an average of more than 2 hours of telehealth services per visit to qualify as “high risk.”  The Toolkit also highlights checking for the so-called “impossible day,” such as instances where providers billed for 25 hours of services in a single day.  
     
  3. Billing telehealth services for a high number of days in a year. The OIG considers a provider billing telehealth services on more than 300 days per year to be “high risk,” as the median is 26 days for all providers who billed Medicare for telehealth services. 
     
  4. Billing telehealth services for a high number of patients. The OIG considers providers who billed telehealth services for 2,000 or more beneficiaries per year to be “high risk,” as the median is 21 beneficiaries for all providers who billed Medicare for telehealth services. 
     
  5. Billing multiple plans or programs for the same telehealth service for a high proportion of services.  The OIG considers providers to be “high risk” if they bill both Medicare FFS and Medicare Advantage plans for the same service for more than 20% of their services.  To identify these duplicate claims, identify telehealth services for which information in key fields (e.g., rendering provider, billing provider, patient, date of service, and procedure code) is identical.  
     
  6. Billing for a telehealth service and then ordering medical equipment for a high percentage of patients. The OIG considers providers to be “high risk” if they billed a telehealth service and then ordered DMEPOS within 3 months for at least 50% of their beneficiaries, which the OIG acknowledges is far higher than the median (3%). 
     
  7. Billing for both a telehealth service and a facility fee for most visits.  “Facility fees” or “originating site facility fees” are charged in connection with telehealth services when a health care facility hosts the patient (e.g., provides the room and device) for a telehealth service, and the provider interacting with the patient during the telehealth service is located elsewhere.  The OIG considers a provider to be “high risk” if they bill Medicare for both the telehealth service and the facility fee for more than 75% of their telehealth visits. 

If you have any questions about the Toolkit or conducting an internal compliance review of telehealth claims, please contact Milada Goturi or Kevin Kifer.

Tags

health law checkup, blogs