Telehealth is revolutionizing the healthcare industry, offering benefits like video consultations, remote patient monitoring, and mobile health apps. It has already enhanced care accessibility, quality, and efficiency for patients, particularly those in rural or underserved areas, and continues to expand.
Despite the advantages, virtual care introduces significant challenges when it comes to regulatory compliance and reimbursement. As a healthcare provider or organization, you must stay current on federal and state laws and regulations, in addition to managing the complex reimbursement policies that frequently lag behind technological advances.
In our article, we will empower you with the tools and knowledge to successfully traverse the intricate world of telehealth compliance and reimbursement. We delve into topics such as the definition and scope of telehealth services, best practices, and strategies for success. So, let's dive in!
The Regulatory Maze of Telehealth
The telehealth regulatory landscape can be daunting, especially for healthcare providers new to the field. The rapid expansion of telehealth services means federal and state laws and regulations are continuously evolving, making it difficult to stay informed.
Licensing and credentialing
Healthcare providers are typically required to be licensed in the jurisdiction where their patient is situated during the telehealth session. Consequently, providers practicing telehealth across multiple states may need several licenses, which can be costly, time-consuming, and complex. Some states have distinct requirements and regulations for telehealth compared to in-person care, such as informed consent, documentation, prescribing, and privacy.
To tackle these issues and promote interstate telehealth practice, states have adopted various policies and programs:
- Licensure by endorsement and mutual agreement
Certain states recognize licenses issued by others with comparable or equivalent licensure standards and criteria. This enables providers licensed in one state to apply for a license in another without undergoing the entire licensing process.
Federal initiatives, like the Interstate Medical Licensure Compact and the Veterans Health Administration's telehealth program, aim to streamline licensing and credentialing processes to facilitate interstate telehealth practice.
Read more about the eNLC and IMLC
- Telehealth-specific license and registration
Some states provide a special license or registration intended particularly for out-of-state providers. It may have different or reduced requirements: lower fees, shorter application time, or limited scope of practice.
- Temporary practice laws
Certain states allow out-of-state providers to perform telehealth without getting a full license for a limited period or under specific conditions. This can benefit providers with existing patient-provider relationships whose patients temporarily travel or relocate to another state or those providing consultation or emergency services across state lines. For instance, some states have temporary practice laws for psychologists, allowing up to 20 days per year of practice in another state with a temporary permit or license.
As these policies and programs vary by state and profession, providers practicing telehealth across state lines should verify the current laws and regulations in each state where they intend to offer services and comply with all relevant requirements.
Privacy and security
Telehealth requires transmitting sensitive health information electronically, potentially posing risks to patient privacy and data security. As a result, providers must follow federal laws and rules governing health information protection, such as the Health Insurance Portability and Accountability Act (HIPAA) and the Federal Trade Commission Act (FTC Act). These laws and regulations mandate telehealth providers implement suitable safeguards to ensure the confidentiality, integrity, and availability of health information and notify patients and authorities in case of a breach.
Other federal agencies with authority over various elements of telehealth include:
- The Centers for Medicare & Medicaid Services (CMS) oversees Medicare, Medicaid, CHIP, and other government programs. Sets the rules and standards for telehealth coverage, payment, quality, and reporting for these programs.
- The Office for Civil Rights (OCR) enforces HIPAA to protect health information. Issues guidance and regulations on how telehealth providers must comply with laws when transmitting health information electronically.
- The Federal Communications Commission (FCC) regulates the telecommunications infrastructure and spectrum that enable telehealth services. FCC also administers programs that support the deployment and adoption of broadband and telehealth technologies, such as the Rural Health Care Program and the COVID-19 Telehealth Program.
- The Food and Drug Administration (FDA) oversees the safety and efficacy of medical devices and apps used in telehealth. FDA also oversees the regulation of prescription drugs that are delivered or prescribed through telehealth platforms.
- The Department of Veterans Affairs (VA) runs the country's biggest integrated healthcare system, along with a robust telehealth program serving millions of veterans. VA has its own authority to regulate telehealth services within its system, such as licensing, credentialing, privacy, security, reimbursement, and quality.
State Regulations: Navigating the Landscape
One significant variation in telehealth regulations by the state is reimbursement policies for telehealth services. As reported by Foley & Lardner, 43 states and the District of Columbia have enacted state telehealth commercial payer laws, requiring private insurers to cover telehealth services to some extent. However, the scope and details of the laws differ greatly.
For example, 14 states mandate true payment parity for telehealth, meaning that telehealth services must be reimbursed at the same rate as equivalent in-person services. Massachusetts enforces payment parity only for behavioral health services, while 30 states have laws prohibiting charging more for a telehealth visit than for an in-person visit. Tennessee is the only state with restrictions on the patient's originating site, meaning that the patient must be located at a specific type of facility to receive telehealth services.
Another critical aspect of state telehealth regulations is the licensure policy for telehealth providers. Most states require telehealth providers to be licensed in the state where the patient is at the time of treatment. However, some states offer exceptions or exemptions for specific types of providers or situations.
Certain states, for example, allow out-of-state providers to provide telehealth services if they meet certain criteria, such as having an established connection with patients or partnering with a local provider.
Lastly, consent policies for telehealth services are an essential legal and ethical principle that respects the patient's autonomy and right to make informed decisions about their healthcare. Forty-five states, the District of Columbia, and Puerto Rico have specific consent requirements that may vary from those for in-person services.
For example, some states require telehealth consent to be obtained separately from general consent for treatment or obtained in writing or electronically. Others mandate that consent include specific information about the nature and scope of telehealth services, such as the technology used, confidentiality and security limitations, and the possibility of technical failures or interruptions.
Reimbursement Policies: The Challenges
The policies governing telehealth reimbursement vary considerably across federal healthcare programs such as Medicare, Medicaid, and the Children's Health Insurance Program. (CHIP). It is important to note, that some of these programs have expanded their telehealth services coverage in response to the COVID-19 pandemic, but these changes may be temporary or subject to limitations.
Learn more about the changing regulations: The Return to Pre-Pandemic Licensing: What Healthcare Professionals Need to Know About the Policy Changes
Let's take a closer look at some of the hurdles you might face challenges in reimbursement policies:
Reimbursement policies for telehealth can be highly variable, with some payers and states limiting reimbursements based on specific provider types, patient demographics, services, or settings. For instance, certain policies might only cover telehealth services provided by physicians or nurse practitioners, while others may extend coverage to include psychologists or physical therapists. Geographic restrictions might also apply, with some policies covering only patients in rural or underserved areas. Additionally, the scope of reimbursable services and delivery methods can vary significantly between payers and states.
Reimbursement rates for telehealth services can also differ greatly. Some payers and states offer the same reimbursement rates as in-person services, while others may apply modifiers to adjust payment rates based on factors like complexity or service quality. In some cases, providers may be eligible for incentives or bonuses for using telehealth to enhance care access, quality, or efficiency.
32 states and the District of Columbia have passed parity laws requiring private insurers to cover telehealth visits at the exact same level as personal visits. These rules have the potential to increase the accessibility and affordability of telehealth services for patients as well as providers.
However, it is important to remember that the scope and implementation of parity laws may differ greatly between states. Some parity laws, for example, may apply only to certain kinds of insurance companies, whereas others may apply to all types of insurers. Furthermore, these rules may be limited to specific providers or patients, for example, primary care physicians or Medicaid recipients, as well as to specific kinds of telehealth capabilities, such as live video calls or synchronous communication, whereas others may apply to all types of telehealth assistance.
Important Aspects of Telehealth Compliance and Reimbursement
Ensuring Compliance with Telehealth Regulations
It's crucial for providers to understand the various rules and standards that apply to their telehealth practice based on the service type, provider and patient locations, mode of communication, and payer source.
Noncompliance can have severe ramifications for doctors and patients alike. If providers violate telehealth regulations or standards of care, they could be subjected to legal proceedings, disciplinary actions, penalties, fines, declined reimbursement, revocation of a license, or loss of accreditation. Patients may suffer harm, injury, or loss of privacy if they receive substandard or inappropriate telehealth services.
Implementing Effective Telehealth Policies and Procedures
The development and implementation of effective policies and procedures for telehealth delivery is another crucial aspect. These should cover the following areas:
- Scope of services: Clearly define which types of services can be delivered through telehealth, who is eligible to provide and receive these services, and which settings and modalities are appropriate.
- Clinical standards: Establish clinical guidelines for telehealth, including patient selection criteria, informed consent, documentation, privacy and confidentiality, quality assurance, and outcome measurement.
- Technology requirements: Specify the hardware, software, network, security, interoperability, and technical support necessary for telehealth delivery.
- Legal and regulatory compliance: Ensure that all applicable laws and regulations regarding licensing, credentialing, malpractice liability, reimbursement, and accreditation are followed.
- Education and training: Educate providers and patients on the benefits, risks, and best practices of telehealth delivery.
- Evaluation and improvement: Continuously monitor and evaluate the performance and impact of telehealth delivery, and look for opportunities to improve and innovate.
Protecting Patient Privacy and Security
Protecting telehealth patients’ privacy and security is of utmost importance. This is where the Health Insurance Portability and Accountability Act of 1996 (HIPAA) comes in. It applies to healthcare providers, health plans, healthcare clearinghouses, and their business associates. This means that if you handle PHI on their behalf, such as vendors or contractors, you must comply with HIPAA rules.
Health Insurance Portability and Accountability Act have three main rules that covered entities and business associates must comply with:
- Privacy Rule outlines the rights and obligations for using and disclosing PHI.
- Security Rule sets the technical and administrative safeguards for protecting PHI.
- Breach Notification Rule requires notifying affected individuals, the Department of Health and Human Services (HHS), and sometimes the media, in case of a breach of unsecured PHI.
Compliance with these rules means:
- Obtaining valid authorization from patients before using or disclosing their PHI for purposes other than treatment, payment, or health care operations.
- Limiting the use and disclosure of PHI to the minimum necessary.
- Providing reasonable administrative, technological, and physical safeguards in place to secure the security, integrity, and accessibility of PHI.
- Entering into a business associate agreement with any third-party service provider that creates, receives, maintains, or transmits PHI.
Staying on Top of Telehealth Compliance and Reimbursement
Mastering Telehealth Billing and Coding
Telehealth billing and coding can be challenging and complex, as different payers may have different rules and requirements for reimbursement. Yet, it is highly important to be accurate, as even the smallest mistakes can result in delays.
- Know the payer policies. Before delivering telehealth services, verify coverage, eligibility, documentation, and payment policies with the payer. Some may require prior authorization, specific modifiers, or unique codes for telehealth services. Payers might also have different definitions of telehealth services, such as synchronous vs. asynchronous, audio-only vs. video, or interactive vs. store-and-forward.
- Use the appropriate codes depending on the type and level of service provided. Some common ones are given below. You can check AMA Telehealth policy, coding & payment for more.
99201-99215: Office or other outpatient visits
99441-99443: Telephone evaluation and management services
G2010: Remote evaluation of recorded video or images
G2012: Brief communication technology-based service
G2061-G2063: Online digital evaluation and management services
99421-99423: Online digital evaluation and management services (for non-Medicare patients)
- Apply accurate modifiers. Modifiers indicate alterations to a service or procedure, such as using telehealth technology:
95: Synchronous telemedicine service via real-time interactive audio and video telecommunications system
GT: Via interactive audio and video telecommunications systems (for Medicare patients)
GQ: Via asynchronous telecommunications system
- Document meticulously to support the medical necessity and quality of care provided through telehealth services:
Service date and time
Communication mode (phone, video, email, etc.)
Patient and provider locations
Provider identity and credentials
Encounter reason and chief complaint
History, examination, assessment, and care plan
Patient's informed consent
Technical issues or limitations encountered
Keeping Up with Regulatory and Reimbursement Changes
One method for staying informed about telehealth regulations and reimbursement policy changes is to regularly visit the websites of relevant authorities, such as state medical boards, Medicaid agencies, Medicare contractors, and private insurers. These websites often offer updates on current and proposed rules, guidelines, and rates for telehealth services. However, this approach can be time-consuming and may not capture every detail and implication of these changes.
Another way is to participate in industry and professional associations that advocate for and inform telehealth providers. These associations frequently provide newsletters, webinars, events, and resources covering the latest telehealth developments and best practices. They also offer networking and collaboration opportunities with other telehealth providers facing similar challenges and experiences. The American Telemedicine Association (ATA), the Center for Connected Health Policy (CCHP), the National Consortium of Telehealth Resource Centers (NCTRC), and the Telehealth Alliance of Oregon (TAO) are just a few examples to explore.
Embracing Technology for Telehealth Compliance and Reimbursement Success
As we’ve discussed, a crucial aspect of telehealth compliance is safeguarding the privacy and security of patient information and communications. To do so, healthcare practitioners must use telehealth platforms that comply with the Health Insurance Portability and Accountability Act (HIPAA) along with other applicable laws and standards. These platforms should incorporate encryption, authentication, audit trails, and consent management to preserve the confidentiality and integrity of patient data.
Another vital component of telehealth compliance is meeting clinical and technical standards and guidelines for telehealth practices. Healthcare providers must use telehealth platforms that adhere to professional groups' and accrediting bodies' best practices and recommendations, such as the American Telemedicine Association (ATA), the National Quality Forum (NQF), and the Joint Commission. These platforms should offer features such as quality assurance, clinical decision support, documentation, and performance measurement to guarantee the safety and effectiveness of telehealth services.
Besides compliance, healthcare providers also need to simplify their billing processes. These platforms should offer features like coding assistance, claim submission, and payment tracking.
Consulting Legal and Regulatory Experts
Seeking advice from legal and regulatory experts on telehealth compliance and reimbursement matters can help telehealth providers sidestep potential pitfalls and liabilities. These may include violating licensure requirements, the scope of practice limitations, informed consent rules, fraud and abuse laws, HIPAA regulations, and other applicable standards. Legal and regulatory experts can also guide telehealth providers in optimizing their reimbursement strategies by identifying eligible services and codes, negotiating contracts with payers, documenting and billing appropriately, and appealing denials or underpayments.
Credentialing Software: A Telehealth Game Changer
Credentialing software is another vital solution, that automates and streamlines the credentialing process for telehealth providers, offering numerous benefits. Let’s take a look at some of, what we have to offer:
- Time and resource savings: Credsy minimizes manual work and paperwork associated with credentialing by automating tasks like data entry, document collection, verification, tracking, and reporting.
Learn more about The High Stakes of Credentialing: Meaning of Mistakes
- Enhanced accuracy and compliance: We help ensure data and documents are accurate and up-to-date by utilizing reliable sources and databases. Credsy also aids in complying with various regulations and standards by providing alerts, reminders, checklists, and templates for the credentialing process.
- Improved security and privacy: Another key benefit—is the protection of sensitive information for providers and patients. Credsy employs encryption, authentication, authorization, and backup features. It also helps prevent data breaches or losses by using cloud-based storage and backup systems.
Equip yourself with the knowledge to streamline your credentialing process, minimize errors, and save valuable time and resources. Say goodbye to manual errors and hello to a more efficient, accurate, and compliant credentialing experience.
FAQs on Telehealth Compliance and Reimbursement
What are the primary telehealth regulations set by federal agencies and states?
Federal agencies like CMS, OCR, and DEA, along with state-specific laws, play a crucial role in regulating telehealth. Regulations address areas such as licensure, the scope of practice, consent, malpractice, and parity requirements.
How do telehealth reimbursement policies differ among payers and states?
Reimbursement policies for telehealth vary widely, with Medicare, Medicaid, and private insurers each having their guidelines. Coverage expansion during the COVID-19 pandemic has also affected these policies.
What strategies can providers use to ensure telehealth compliance and optimize reimbursement?
Providers should stay updated on regulations, verify telehealth coverage, accurately document services, use secure and compliant platforms, obtain informed consent, and educate patients and staff on telehealth technology.
What are the benefits and challenges of telehealth compliance and reimbursement?
Benefits include increased access to care, improved quality of care, reduced costs, and enhanced patient satisfaction. Challenges involve navigating complex regulations, ensuring adequate reimbursement, maintaining privacy and security, addressing technical issues, and developing trust with patients.
How can telehealth providers navigate the complexities of reimbursement policies?
Providers should stay informed about payer-specific policies, document services accurately, and consider seeking advice from legal and regulatory experts. They can also use credentialing software to streamline the process and ensure compliance.