Combating Fraud and Bolstering Payment Integrity in Medicaid Telehealth Programs

While telehealth can improve access to healthcare services, it also introduces opportunities for fraud, waste, and abuse (FWA).

FWA has pervaded Medicaid programs since their inception, costing states billions of dollars each year that could have been used for legitimate healthcare services. Moreover, telehealth presents a new dynamic, with delivery trends and regulations that offer novel ways to exploit or otherwise misappropriate Medicaid dollars, especially combined with competition for resources and attention at the state level due to COVID-19.

As telehealth in Medicaid long-term services and supports (LTSS) is relatively new, evidence of widespread fraud has been limited. However, government watchdogs and prosecutors have found billions of dollars in fraudulent or otherwise inappropriate billings for teleservices paid for by Medicare and private insurers, which have covered telehealth more extensively and for longer than Medicaid.

To ensure Medicaid telehealth services, including for managed care organizations, drive down healthcare costs and improve health equity and accessibility, states and community providers need to be diligent in considering how to adapt their existing quality monitoring and oversight processes. Based on Guidehouse’s experience with government FWA initiatives, adequate supervision of delivery and payment for telehealth services is key, lest increased utilization and accessibility be accompanied by misuse and missed opportunities.

Adapting Fiscal Integrity Assurance Processes to Monitor Delivery of Telehealth Services

In recent testimony, the Government Accountability Office (GAO) stated that “careful monitoring and oversight” of increased telehealth utilization “is warranted to prevent potential fraud, waste, and abuse that can arise from these new [telehealth] waivers.” Adequate monitoring and oversight, as called for by the GAO and CMS, will require states to meet the dynamism and complexity injected into healthcare delivery by their responses to the public health emergency (PHE) and beyond.

First and foremost, states should review how their temporary telehealth service waivers will figure into longer-term Medicaid operations, and then consider the potential impacts on billing, payment, and service delivery.

Three Ways for States to Strengthen their Telehealth Strategies

1. Establish quality monitoring and oversight processes specific to telehealth services and integrate them into broader quality and program integrity strategies.

Current state quality monitoring processes may work for services delivered in-person but will need to be adapted to appropriately monitor services delivered through telehealth. Existing processes employed to assure integrity of waiver payments may not be sufficient to cover reimbursement of telehealth visits or may not be sophisticated enough to catch—and prevent—cases of fraudulent or wasteful claims in telehealth. And further, while telehealth can expand access to services, states must be diligent in maintaining the quality of those services delivered remotely.

This can be as simple as dedicating analysis to the utilization of and expenditures on telehealth services, especially in the context of the full-service delivery system. Providers typically bill telehealth visits with a unique modifier or visit code, which means that states can track the utilization of telehealth for encounters and reimburse them appropriately. With a bit of extra legwork, states can also review utilization of telehealth in comparison to in-person or traditionally delivered services.

“It’s about shining a bright light on Medicaid data, from a program integrity perspective. In order to be agile and adaptable, we need to know what guardrails we should set forth,” Joanne Chiedi, former Department of Health and Human Services Acting Inspector General, shared with Guidehouse. Medicaid data on claims, encounters, and parameters of service delivery can help state officials understand where fraud may be occurring or when necessary services may not be occurring.

States should also consider how to best adapt or develop performance measures in two ways: one, by incorporating metrics assessing quality of and access to services delivered through telehealth into state program monitoring; and two, by translating performance metrics in place for other state technological systems that may be used to judge the efficacy of telehealth technology and security. On the former, this may mean adapting existing performance measures assessing delivery of services to account for services delivered remotely. On the latter, states may develop and publicize key performance indicators or performance thresholds for providers as acceptable metrics to judge the operations of systems employed for tele-delivery of Medicaid services.

2. Recommit to rigor in monitoring compliance and qualifications with telehealth policies that states may have relaxed during the PHE.

Flexibilities afforded in Medicaid telehealth waivers during the PHE may be value-adds for state Medicaid delivery systems beyond the emergency, but those states must recommit to monitoring the payments for and delivery of services through telehealth under a once-relaxed regulatory environment. The main allowances regarded the locations of telehealth delivery and receipt, as well as the applicability of privacy and security laws to telehealth systems.

Many states began defining originating sites and distant sites more broadly—allowing beneficiaries to receive remote care in their home or other locations beyond a medical facility and allowing providers from out of state or with other licenses to deliver care remotely. As the PHE subsides, states should continue offering these flexibilities as appropriate but ensure that the safeguards in place to monitor those services are being delivered appropriately and by qualified professionals. Similarly, as states continue to permit alternative modes of technology as vehicles for telehealth service delivery, they should consider consulting with provider agencies and vendors on how best to protect patient data when, for example, the technology used is a smartphone rather than a Health Insurance Portability and Accountability Act (HIPAA)-protected two-way audiovisual system.

3. Engage stakeholders to offer education on billing and delivering services through telehealth and to solicit supplemental information on patient and provider satisfaction and outcomes.

To meet the sudden shift in demand for telehealth, providers often had to implement systems and processes in very short timeframes and without detailed guidance from their state Medicaid agencies, or the bandwidth to fully assess the new service delivery landscape they were facing. This did not always meet federal expectations surrounding transparency and engagement with affected parties.

By outlining quality monitoring and oversight process, states can better assist providers with meeting their full expectations of delivering services through telehealth and reduce the likelihood of billing errors. This approach also complies with the federal government’s recent emphasis on price transparency in healthcare. States can develop training modules and should require all providers who deliver telehealth services to participate in specific trainings, which cover relevant items such as the applicability of HIPAA to remote service delivery and technology solutions, processes for billing for services delivered via telehealth and how this may differ from billing for traditional services, how to monitor participant outcomes with telehealth, and other topics as appropriate under each state’s unique telehealth landscape.

Related to monitoring participant outcomes, states should assess participant satisfaction with their care delivered remotely. This may be a formal process through satisfaction surveys issued to a sample of participants or done informally through conversations with care managers or advocacy groups.

Incorporating telehealth into person-centered planning and the patient journey will be key in securing compliance and enhancing quality.

From the formal delivery of care to the billing process, telehealth services are different, making education and stakeholder engagement critical elements of providing high-quality services and reducing FWA.

Co-Authored By Lance Robertson and Benjamin Pollack