• Skip to main content

DistilGovHealth

DistilNFO GovHealth Advisory

  • Publications
    • Home
    • DistilINFO HealthPlan
    • DistilINFO HospitalIT
    • DistilINFO IT
    • DistilINFO Retail
    • DistilINFO POPHealth
    • DistilINFO Ageing
    • DistilINFO Life Sciences
    • DistilINFO GovHealth
    • DistilINFO EHS
    • DistilINFO HealthIndia
    • Subscribe
    • Submit Article
    • Advertise
    • Newsletters

As Federal and State Governments Push for Expanded Telehealth Services, Healthcare Providers Must Proceed Carefully to Avoid and Mitigate Risk

Share:

May 13, 2020

Our last client alert described important considerations for healthcare providers expanding their telemedicine services in response to the coronavirus COVID-19 outbreak as the legal landscape rapidly changes. In this follow-up alert we highlight additional ways the federal government is promoting telehealth expansion, including through funding, business support, and policy guidance. We also address the significant potential pitfalls facing providers as they integrate telemedicine services into their business. Companies transitioning to or expanding their telehealth capabilities must proceed carefully with an understanding of applicable policies and licensing requirements.

The Federal Government Is Actively Encouraging Telehealth Services

To date, under the CARES Act the Department of Health and Human Services (“HHS”) has awarded $150 million to 1,779 health centers and $11.5 million to 14 Health Resources and Services Administration (“HRSA”)-funded Telehealth Resource Centers to assist rural and underserved communities combat COVID-19. The Federal Communications Commission (“FCC”) has also instituted a COVID-19 Telehealth Program through the CARES Act to provide up to $200 million for the purchase of telecommunications, information services, and connected devices by nonprofit and public healthcare providers[i], including both rural and non-rural health clinics, to support the implementation and development of “Connected Care” services, which includes telehealth services.[ii] Thus far under this program, the FCC has awarded approximately $13.7 million in grants to 30 telehealth projects in 16 states.

HHS has launched a website to provide healthcare providers with information they need to better integrate telehealth services into their business, understand applicable policies (including those that have been adopted in connection with the COVID-19 outbreak), and make certain they have what patients will need to be able to use telehealth. The website includes region- and practice-specific telehealth guides for healthcare providers and resources to assist providers in selecting appropriate technology vendors and set up workflows to schedule and manage telehealth appointments. It also summarizes important legal considerations for telehealth providers, including as they relate to cybersecurity, privacy, informed patient consent, malpractice liability, and state licensing requirements. (As of April 29, 2020, the District of Columbia and all states except Arkansas had adopted licensure requirements in response to the COVID-19 outbreak (if they had not already done so) to permit physicians licensed in other jurisdictions to provide telemedicine services to patients in state.)

Want to publish your own articles on DistilINFO Publications?

Send us an email, we will get in touch with you.

The Centers for Medicare & Medicaid Services (“CMS”) recently published a COVID-19 Telehealth Toolkit, designed to guide states’ coverage of telehealth services by state Medicaid and Children’s Health Insurance Programs. The Toolkit provides a comprehensive checklist that identifies specific policy considerations for states, including, for example: (1) applicable privacy laws for pediatric patients; (2) how existing payment methodologies might restrict or prevent service delivery through telehealth; and (3) provider licensure and credentialing in Medicaid, and whether a provider’s professional scope of services enables him or her to bill for a telehealth service. CMS has announced that it will provide updates to the Toolkit to highlight specific telehealth policies implemented by states throughout the COVID-19 emergency.

Cybersecurity Is a Significant Concern

Cybersecurity threats pose a major concern for the delivery of telemedicine services. Home computer systems and personal devices used by healthcare providers are vulnerable to viruses, phishing, malware, and hacks. Additionally, most connected medical devices, such as pacemakers, insulin pumps, or stimulators, do not have security parameters which leaves them vulnerable to security breaches as well. For example, in March 2020 the Food and Drug Administration issued a press release warning patients, providers, and manufacturers about potential cybersecurity vulnerabilities in certain medical devices with Bluetooth Low Energy, which can allow a hacker to interfere with the device.

Criminals have preyed on these vulnerabilities to disrupt healthcare providers’ businesses. As a result, an increasing number of providers are experiencing ransomware and other cyberattacks aimed at stealing or corrupting patient data.

Government Scrutiny of Telehealth Providers Is Increasing

The U.S. Department of Justice has announced repeatedly and emphatically its intent to prosecute individuals and entities seeking to capitalize on the pandemic to engage in fraud. This stated enforcement priority naturally encompasses healthcare providers, including those involved in telemedicine services. On March 30, 2020, the United States Attorney for the District of New Jersey charged an individual with conspiracy to violate the Federal Anti-Kickback Statute and to commit healthcare fraud for allegedly soliciting and receiving kickbacks in connection with unnecessary clinical testing. The criminal complaint alleged that the charged individual located Medicare beneficiaries who were not exhibiting symptoms of COVID-19, and then arranged for telemedicine healthcare providers to send these pre-screened beneficiaries prescriptions for COVID-19 tests bundled with a more expensive respiratory pathogen panel (“RPP”) test, which does not identify or treat COVID-19. In exchange for kickbacks, the charged individual would then refer these beneficiaries to laboratories to conduct the prescribed clinical testing.

Additionally, on April 23, 2020, the United States Attorney for the Southern District of Georgia charged a telemedicine company owner in connection with an alleged $60 million fraud scheme involving fraudulent orders for durable medical equipment (“DME”). The case arose out of coordinated government efforts in 2019, dubbed “Operation Brace Yourself” and “Operation Double Helix,” to root out fraud in connection with DME and genetic testing. These efforts reflect the U.S. Department of Justice’s increasing scrutiny of telemedicine services and led to the prosecutions of several telemedicine providers in multiple jurisdictions over the last year.

Healthcare Providers Must Proceed Carefully as They Expand Their Telemedicine Services

Telemedicine offers tremendous opportunity to healthcare providers seeking to continue servicing patients in this age of stay-at-home and shelter-in-place orders. Providers must nonetheless remain cognizant of the potential pitfalls that come with the industry-wide expansion now being fueled by government support. They should review their malpractice and liability policies to ensure that they apply to the specific telemedicine services offered. To address pervasive cybersecurity and privacy concerns, providers should consider implementing best practices, such as: utilizing VPN, multifactor authentication, or other methods of identity authentication to protect information; entering into business associate agreements with technology vendors; and avoiding communicating protected health information in public spaces. Providers must also be diligent in maintaining necessary patient records, including signed informed consent forms. Notably, the specific requirements for informed consent forms varies by state. Providers should carefully review them to ensure compliance in the state or states in which they do business.

Considering the rapidly changing legal landscape, providers should have in place effective compliance programs and billing procedures to ensure compliance with applicable state and federal policies. Moreover, government agencies, including the U.S. Department of Justice and other state and federal law enforcement authorities, will vigorously pursue companies and individuals that unlawfully take advantage of the system by trying dishonestly to reap government funds or by avoiding compliance with applicable policies or licensing requirements. As such, healthcare providers must be truthful in any disclosures they make to the government.

Telehealth offers a way to treat patients even as in-person appointments are restricted severely. Providers that proceed with caution, ensure compliance with applicable laws and regulations, and take comprehensive steps to safeguard their cybersecurity will be poised to succeed in this new environment.

Source: Jdsupra

Coffee with DistilINFO's Morning Updates...

Sign up for DistilINFO e-Newsletters.

Just a little bit more about you...
PROCEED
Choose Lists
BACK

Related Stories

  • High-Income People Could Grab up to $40 Billion in Tax Breaks If the Affordable Care Act is OverturnedHigh-Income People Could Grab up to $40 Billion in Tax Breaks If the Affordable Care Act is Overturned
  • Why Pagers Still Matter: The History of Pagers (1921-2019)Why Pagers Still Matter: The History of Pagers (1921-2019)
  • Request for Information on Modifying HIPAA Rules To Improve Coordinated CareRequest for Information on Modifying HIPAA Rules To Improve Coordinated Care
  • Facebook, Amazon, Google and More Met with WHO to Figure Out how to Stop Coronavirus MisinformationFacebook, Amazon, Google and More Met with WHO to Figure Out how to Stop Coronavirus Misinformation
  • CMS Proposes Site Neutral Payment Rule That Would Lower Healthcare Costs For PatientsCMS Proposes Site Neutral Payment Rule That Would Lower Healthcare Costs For Patients
  • Oregon House Democrats Pass Universal Health Care ProposalOregon House Democrats Pass Universal Health Care Proposal

Trending This Week

Sorry. No data so far.

About Us

DistilINFO is media company that publishes Industry news, views and Interviews. We distil the information for you – saving time and keeping you up to date on your interest areas.

More About Us

Follow Us


Useful Links

  • Subscribe
  • Contact
  • Advertise
  • Privacy Policy
  • Terms of Service
  • Feedback

All Publications

  • DistilINFO HealthPlan Advisory
  • DistilINFO HospitalIT Advisory
  • DistilINFO IT Advisory
  • DistilINFO Retail Advisory
  • DistilINFO POPHealth Advisory
  • DistilINFO Ageing Advisory
  • DistilINFO Life Sciences Advisory
  • DistilINFO GovHealth Advisory
  • DistilINFO EHS Advisory
  • DistilINFO HealthIndia Advisory

© DistilINFO Publications