As we start to see the light at the end of this COVID-19 tunnel, payers are ramping up to audit telehealth services claimed during the public health emergency (PHE). As with previous disaster declarations in the United States,such as hurricanes Irma, Harvey and Sandy, payers utilized down time to ramp up their surveillance., The COVID-19 pandemic and PHE is no exception. In fact, some payers have already increased their Telehealth audit focus and are starting to provide training to their internal investigative units to detect fraud, waste, and abuse.
What Has Contributed to This Heightened Fraud Focus?
The obvious contribution to the focus on fraud is the current unprecedented COVID-19 pandemic impact on care delivery. The pandemic and PHE declaration resulted in the immediacy to provide services in a remote manner, with little or no training, in an effort to unburden the critical care facilities while ensuring social distancing practices and patient safety. Providers lack of technology and unfamiliarity with telehealth coding and billing services and eHealth software vendor platforms was evident and may have contributed to providers not having ample time to assess the best telehealth delivery partner to sustain compliant practices after the PHE is lifted. When the PHE declaration is lifted, providers should take time to assess the data protections, contracts, costs and future business partnership formed to ensure the provider is not at risk. Along with the unfamiliarity with providing telehealth services and eHealth services, many providers also had a lack of knowledge of coding and billing for these services, at least initially, in a rapidly changing regulatory environment. This lack of knowledge increases providers risk for improper coding and billing.
The challenge of keeping up with various payers, not just the Centers for Medicare & Medicaid Services’ (CMS), temporary expansions of telehealth coverage, coding and billing, place of service and timeframe allowances for these expansions also contributes to the probable incorrect coding and billing. To counter this, payers increased their audit focus on fraud. Providers were and are still in need of tracking the regulatory expansions, timeframes and point of service to be utilized on the claim forms as payers did not uniformly implement the same guidance.
On April 1, 2020, CMS suspended most fee-for-service (FFS) medical reviews during the PHE. According to CMS’ Coronavirus Disease (COVID-19) Provider Burden Relief Frequently Asked Questions (FAQs), there will be no additional documentation requests, reviews that are in process will be suspended and any claims will be released and paid.
What Have Payers Been Doing During This PHE?
Many private payers have expanded telehealth coverage with limited timeframes leaving provider internal audit teams to make adjustments to the annual audit plan based upon risks. Telehealth auditing may not have been a priority risk within the 2020 plan, but it is now.
Although CMS suspended FFS medical reviews during the PHE, CMS stated in their FAQ that medical reviews may occur if there is an indication of potential fraud.
Special Investigative Units (SIU) are ramping up to audit telehealth and eHealth services during this PHE lull of in-person office visits and non-emergent procedures. A recent article released by HMS Healthcare, “Preventing Healthcare Fraud during Coronavirus” provides some insight into payers' perspectives and fraud audit plan activities during the PHE and beyond in 2020.
Below are several audit focus strategies discussed in the article which relate to telehealth and eHealth audit planning for payers.
- The “low tide phenomenon” will be a focus strategy and is easily triggered as fraudsters will not be able to drop their claims rate which will trigger an audit.
- Post-payment reviews to identify shuttered businesses and ensure a business has not gone out of business.
- Increase claims detection capability to identify services provided to patients never seen by the provider on previous claims or for a new ICD-10 code. These may result in pre- and post-payment reviews.
- Payers are developing processes to better understand, from a legal perspective, when the cost-sharing amounts are allowed to be waived during the PHE and not subject to the Anti-Kickback Statute.
- SIUs are training staff to conduct post-payment telehealth and eHealth audits to better understand the compliant coding and billing requirements prior to the PHE and during the PHE. This is occurring across all payers, not just CMS.
What are the Next Steps for Providers?
- Administratively, implement a process to respond to audits in an efficient and timely manner.
- Identify individuals to lead your audit responses.
- Consider conducting an objective, external audit of your telehealth and eHealth claims for coding and billing compliance.
- Conduct a risk assessment, when the PHE is over, to review the new treatment service methods implemented to ensure HIPAA compliance. Although the Office for Civil Rights implements some laxities in regard to HIPAA privacy and security during the PHE, once the PHE is lifted ensuring full HIPAA security compliance and the need to have business associates agreements that meet the HIPAA security standards will be forefront again. Consider an external review to obtain an unbiased review of the process implemented during the PHE, to ensure HIPAA security compliance.
Not sure where to start? Talk to an LW Consulting, Inc. team member with expertise in telehealth coding and billing, audit response support, HIPAA and risk assessments. We are here to assist you.
For more information, contact Deborah Alexander at 717-213-3122 or email DAlexander@LW-Consult.com.