Department of Health and Human Services Office of Inspector General Toolkit: Analyzing Telehealth Claims to Assess Program Integrity Risks Ann Maxwell Deputy Inspector General for Evaluation and Inspections April 2023, OEI-02-20-00723 U. S. Department of Health and Human Services Office of Inspector General April 2023, OEI-02-20-00723 Toolkit: Analyzing Telehealth Claims to Assess Program Integrity Risks What is the toolkit? This toolkit provides detailed information on methods to analyze telehealth claims to identify program integrity risks associated with telehealth services. It is based on the methodology that the Office of Inspector General (OIG) developed for the report Medicare Telehealth Services During the First Year of the Pandemic: Program Integrity Risks (OEI-02-20-00720), which identified Medicare providers whose billing for telehealth services poses a high risk to Medicare. 1 To address this risk, OIG called for targeted oversight of telehealth services. This toolkit is intended to assist public and private sector partners-such as Medicare Advantage plan sponsors, private health plans, State Medicaid Fraud Control Units, and other Federal health care agencies-in analyzing their own telehealth claims data to assess program integrity risks in their programs. Gaining a better understanding of the program integrity risks associated with telehealth services can help policymakers and stakeholders develop necessary safeguards and address individual cases of potential fraud, waste, and abuse. Doing so will help ensure that the benefits of telehealth are realized while minimizing risk in an effective and efficient manner. Why did OIG create the toolkit? The COVID-19 pandemic changed how patients visit and interact with their health care providers. The use of telehealth services grew dramatically during the first year of the pandemic and is now an important part of our health care system. Notably, Medicare beneficiaries used 88 times more telehealth services during the first year of the pandemic than in the year prior, with more than 2 in 5 Medicare beneficiaries using telehealth services in that year. 2 Medicaid and private health plans also experienced exponential growth in the use of telehealth. 3 In addition, certain groups, including those _____________________________________________________________________________________________________________________________ 1 OIG, Medicare Telehealth Services During the First Year of the Pandemic: Program Integrity Risks, OEI-02- 20-00720, September 2022. 2 OIG, Telehealth Was Critical for Providing Services to Medicare Beneficiaries During the First Year of the COVID-19 Pandemic, OEI-02-20-00520, March 2022. 3 Government Accountability Office, CMS Should Assess Effect of Increased Telehealth Use on Beneficiaries' Quality of Care, GAO-22-104700, March 2022. See also FAIR Health, Monthly Telehealth Regional Tracker, in medically underserved populations-such as Hispanic beneficiaries-were more likely to use telehealth than were other groups in Medicare. 4 However, along with the dramatic increases in use there have been concerns about fraud, waste, and abuse. Most recently, as part of the extension of telehealth in Medicare, lawmakers highlighted the need for further study on telehealth and Medicare program integrity. 5 As one of the lead Federal agencies fighting health care fraud, OIG is committed to supporting public and private partners in their efforts. In response to requests from stakeholders, OIG is providing this toolkit as an additional resource to support the oversight of telehealth. 6 Through the use of proactive, data-driven analyses, including measures such as those detailed in this toolkit, public and private partners can more effectively identify potential fraud, waste, and abuse schemes in their health care programs. 7 What does the toolkit include? The goal of this toolkit is to provide an approach to analyzing claims data for telehealth to identify areas in which additional safeguards may be necessary. The analysis can also help identify providers whose billing may pose a risk and warrant further scrutiny. The toolkit includes detailed descriptions of seven data analysis measures that can be applied to the user's own data. Users can also modify the measures to meet their individual needs, such as identifying providers at varying levels of risk. KG _____________________________________________________________________________________________________________________________ April 2020. Accessed at https://s3.amazonaws.com/media2.fairhealth.org/infographic/telehealth/apr- 2020-national-telehealth.pdf on November 7, 2022. 4 OIG, Certain Medicare Beneficiaries, Such as Urban and Hispanic Beneficiaries, Were More Likely Than Others To Use Telehealth During the First Year of the COVID-19 Pandemic, OEI-02-20-00522, September 2022. 5 Consolidated Appropriations Act, 2023. Accessed at https://www.appropriations.senate.gov/imo/media/doc/JRQ121922.PDF on January 5, 2023. 6 In response to a recent request for information, stakeholders informed OIG that they find insight into our report methodologies, and toolkits, helpful. See HHS OIG, Request for Information: Modernization Initiative To Improve HHS-OIG Public Resources. Accessed at Modernization Initiative To Improve Public Resources | Office of Inspector General | Government Oversight | U.S. Department of Health and Human Services (hhs.gov) on January 12, 2023. 7 Healthcare Fraud Prevention Partnership, Fraud, Waste, and Abuse in the Context of COVID-19, White Paper, January 2022. Accessed at HFPP Fraud, Waste, and Abuse in the Context of COVID-19 White Paper (cms.gov) on January 12, 2023. BACKGROUND OIG has conducted extensive work on telehealth services. As a part of this work, OIG identified program integrity risks associated with telehealth. One report provided insights on telehealth use and program integrity risks across health care programs in six Federal agencies. The report identified risks that were similar across multiple Federal programs and safeguards that could strengthen program integrity. These safeguards included conducting additional and ongoing monitoring of telehealth services. 8 Exhibit 1 highlights OIG's reports on telehealth. This toolkit is based on a report, Medicare Telehealth Services During the First Year of the Pandemic: Program Integrity Risks (OEI-02-20-00720), for which we developed seven program integrity measures as indicators of possible fraud, waste, and abuse. These measures focus on different types of billing for telehealth that providers may use to inappropriately maximize payments. We developed these measures by working with OIG investigators and by conducting extensive data analyses. We based this review on an analysis of both Medicare fee-for-service claims and Medicare Advantage encounter data. This toolkit includes instructions for how users can apply these seven measures to their own telehealth claims data. The resulting information can help users identify areas of risk for which additional safeguards may be needed or identify providers who warrant further scrutiny. The toolkit includes the following two sections: (1) Analysis Steps and (2) Program Integrity Measures. _____________________________________________________________________________________________________________________________ 8 This report summarizes program integrity risks across six selected health care programs during the pandemic and was issued by the Pandemic Response Accountability Committee. See Pandemic Response Accountability Committee, Insights on Telehealth Use and Program Integrity Risks Across Selected Health Care Programs During the Pandemic, December 2022. Accessed at What We Learned about Federal Telehealth Programs during the First Year of the Pandemic | Pandemic Oversight on January 12, 2023. Toolkit: Analyzing Telehealth Claims to Assess Program Integrity Risks OEI-02-20-00723 Background | 4 Exhibit 1 OIG Reports on Telehealth Use in Medicare During the Pandemic As a part of its series of reports on telehealth, OIG identified program integrity risks associated with telehealth services, examined the use of telehealth in Medicare, and analyzed the characteristics of beneficiaries who used telehealth during the pandemic. Click on the icons below to see the reports. Medicare Telehealth Services During the First Year of the Pandemic: Program Integrity Risks,OEI- 02-20-00720 This data brief describes providers' billing for telehealth services and identifies ways to safeguard Medicare from fraud, waste, and abuse related to telehealth. Key Takeaway: Our findings demonstrate the importance of effective, targeted oversight of telehealth services to ensure that the benefits of telehealth are realized while minimizing risk. Certain Medicare Beneficiaries, Such as Urban and Hispanic Beneficiaries, Were More Likely Than Others To Use Telehealth During the First Year of the COVID-19 Pandemic, OEI-02-20-00522 This data brief examines the characteristics of beneficiaries who used telehealth during the first year of the pandemic and sheds light on how the temporary expansion of telehealth affected different groups of beneficiaries. Key Takeaway: Beneficiaries in urban areas-as well as dually eligible, Hispanic, younger, and female beneficiaries-were more likely than others to use telehealth in Medicare. Telehealth Was Critical for Providing Services to Medicare Beneficiaries During the First Year of the COVID-19 Pandemic, OEI-02-20-00520 This data brief provides insight into the use of telehealth in both Medicare fee-for-service and Medicare Advantage during the first year of the COVID-19 pandemic, from March 2020 through February 2021. Key Takeaway: Over 28 million Medicare beneficiaries used telehealth during the first year of the pandemic. This was more than two in five Medicare beneficiaries. Most Medicare beneficiaries received telehealth services only from providers with whom they had an established relationship, OEI-02-20-00521 This data snapshot provides information to policymakers and other stakeholders about the relationship between beneficiaries and providers for telehealth services. Key Takeaway: Eighty-four percent of beneficiaries received telehealth services only from providers with whom they had an established relationship. Insights on Telehealth Use and Program Integrity Risks Across Selected Health Care Programs During the Pandemic, OEI-02-22-00150 This report-issued by the Pandemic Response Accountability Committee Health Care Subgroup- provides policymakers and stakeholders with information about the nature of telehealth and its use across selected health care programs in six Federal agencies during the first year of the pandemic. It also provides insights into the program integrity risks associated with telehealth and safeguards that could strengthen oversight in these programs. Key Takeaway: All selected programs experienced dramatic increases in the use of telehealth during the first year of the pandemic. Additionally, OIGs identified several program integrity risks associated with billing for telehealth services that were similar across multiple health care programs. Toolkit: Analyzing Telehealth Claims to Assess Program Integrity Risks OEI-02-20-00723 Background | 5 ANALYSIS STEPS This section provides the steps that can be taken to analyze claims for telehealth services. The goal of the analysis is to identify program integrity risks and providers whose billing poses a high risk and warrants further scrutiny. Steps for Analyzing Telehealth Claims 1. Review program policies Before beginning the analysis, it is important to be familiar with the payment and coverage policies of the program being reviewed. For example, it is necessary to know which services can be provided using telehealth and how these services are identified in the claims data. This toolkit is based on Medicare fee-for-service payment and coverage policies for telehealth services during the first year of the COVID-19 pandemic (March 2020 through February 2021). Other programs' policies may differ. Medicare policies may also change over time. 2. Collect claims data The next step is to identify the claims for telehealth services. The process for identifying telehealth claims may vary according to the coverage and billing policies of the program. This toolkit is intended for use with claims data from individual providers, such as physician and non-physician practitioners. 9 For Medicare, only certain services may be provided using telehealth. We focused our analysis on these services. They include services such as office visits with primary care providers or specialists; behavioral health services; and preventive services, among others. Because these services may be provided using telehealth or in person, we used the modifier or the place of service code to identify claims for telehealth services. During the COVID-19 pandemic, Medicare claims for telehealth services have a modifier of 95, GQ, or G0 or a place of service code of 02 to indicate that the service was delivered via telehealth. 10 A complete list of services that may be provided using telehealth under Medicare is available for download on the _____________________________________________________________________________________________________________________________ 9 The toolkit is not intended for use with claims data from institutions, such as hospitals and nursing homes. 10 Modifier 95 can be used to identify Medicare claims for telehealth services through the later of the end of the year in which the Public Health Emergency ends or the 2023 calendar year. 87 Fed. Reg. 69404 (Nov. 18, 2022). Toolkit: Analyzing Telehealth Claims to Assess Program Integrity Risks OEI-02-20-00723 Analysis Steps | 6 Centers for Medicare & Medicaid Services (CMS) website at https://www.cms.gov/me dicare/medicare-general-information/telehealth/telehealth-codes. 11 In addition, we included in our analysis claims for virtual care services. Virtual care services include virtual check-ins, e-visits, remote monitoring, and telephone calls with a provider to discuss a patient's medical condition. They are always provided remotely, so we included all claims for these services, regardless of the modifier and place of service codes. A complete list of these codes is available in Appendix A. We recommend that users limit their analysis to paid or final claims. For analysis of the Medicare data, we included claims and encounters that were "final action" (meaning that it was the most recent version of the claim) and approved for payment. 3. Conduct quality assurance checks Before using the measures, it is important to conduct quality assurance checks on the data. There are many ways to conduct these checks. The most appropriate methods depend on the data. One essential step is to test the completeness and accuracy of certain key fields within the data, including:  identification number of the provider who rendered the service;  identification number of the billing provider associated with the service;  identification number for the patient who received the service;  date of the service;  procedure code billed;  quantity of service units billed; and  modifiers or place of service codes attached to the service. It is also important to check the data for erroneous values. For example, we checked the Medicare claims for improbable values in key fields and took steps, as appropriate, such as excluding claims with beneficiary identification numbers equal to zero. _____________________________________________________________________________________________________________________________ 11 Note that this list is updated annually, and procedure codes approved for telehealth may change from year to year. Toolkit: Analyzing Telehealth Claims to Assess Program Integrity Risks OEI-02-20-00723 Analysis Steps | 7 4. Analyze data to identify program integrity risks The next step is to conduct the data analysis to identify program integrity risks. The measures in this toolkit are intended to be a starting point for analysis of telehealth claims and are based on patterns in the Medicare claims data during the first year of the COVID-19 pandemic. See the seven program integrity measures we used in the next section. Billing patterns in other data may be different from those in Medicare data, so it may be necessary to adjust the analysis-especially the thresholds-to identify providers who pose a risk in different programs. For example, we considered providers who billed telehealth services for 2,000 or more Medicare beneficiaries during a year to be high risk. This number is far higher than the median of 21 Medicare beneficiaries for our data. In a program that is significantly smaller than Medicare, a threshold of 2,000 patients may be too high. It is important to review measures of central tendency (e.g., mean and median) and distribution, including outliers, to understand the data and select a threshold that is appropriate. 12 Users can also adjust the measures according to their own goals. Because our goal was to identify providers who pose a high risk to Medicare, we set very high thresholds. As a result, our measures may not capture all concerning billing related to telehealth services that is occurring in Medicare. If the goal of the analysis is to understand the breadth of a program integrity risk in the program, users may want to set lower thresholds for the measures. _____________________________________________________________________________________________________________________________ 12 When identifying outliers, it is important to select an appropriate method based on the data. For example, one option is to identify outliers using percentiles, such as the Tukey method. The Tukey method identifies outliers as values above the 75th percentile plus 1.5 or 3 times the interquartile range. Another option is to use the standard deviation to identify outliers. For more information about the Tukey method, see J.W. Tukey, Exploratory Data Analysis, Addison-Wesley, 1977. Toolkit: Analyzing Telehealth Claims to Assess Program Integrity Risks OEI-02-20-00723 Analysis Steps | 8 In addition, users may develop additional or related measures to identify program integrity risks based on the nature of their program. Other Considerations: "Incident To" Billing Under Medicare, "incident to" billing allows services provided by clinical staff who are directly supervised by a physician or non-physician practitioner to be billed under the supervising practitioner's identification number. Consequently, multiple individuals can provide telehealth services under a single identification number. The measures in this toolkit were designed with "incident to" billing in mind. For example, one measure identifies providers who bill for a high number of hours per visit. A visit is defined as the services provided to one patient in one day. By holding the patient constant, we minimize the effect of "incident to" billing, as a single patient can only receive services from one provider at a time. 5. Interpret the results of the analysis The results of the analysis can be used to identify program integrity risks associated with telehealth. For example, if a high number of providers exceed the thresholds on a measure, that area may be of particular concern in the program and additional safeguards, such as pre- or post-payment edits, may be necessary. In addition, it may be necessary to conduct additional followup on the individuals identified by these measures. Note that the measures do not confirm that any particular provider is engaging in fraudulent or abusive practices. Any determination of fraud or an overpayment would require additional investigation. Toolkit: Analyzing Telehealth Claims to Assess Program Integrity Risks OEI-02-20-00723 Analysis Steps | 9 PROGRAM INTEGRITY MEASURES This section describes each of the seven measures OIG developed that focus on different types of billing for telehealth that may indicate fraud, waste, or abuse. For each measure, we describe the following: • Measure: what the measure is and the type of program integrity risk the measure identifies; • Analysis: how to calculate the measure; and • Threshold: how to identify providers who pose a risk to the program. Billing telehealth services at the highest, most expensive level for a high proportion of services Measure: This measure identifies providers who billed telehealth services at the highest, most expensive level every time. Billing this way may indicate that a provider is billing for a higher level of service than was provided to increase their reimbursement, a practice sometimes known as "upcoding." 13 Analysis: To conduct this analysis, first identify service categories that can be billed at different levels depending on the complexity of the patient's condition or the duration required to diagnose and treat a patient. In identifying service categories for analysis, it may be helpful to select categories with significant differences in reimbursement between the highest level and the lowest level. For example, under Medicare, office visits for established patients can be billed using five different procedure codes (99211, 99212, 99213, 99214, or 99215) depending on the duration of the visit. The payment rate for the highest level of service (99215) is about eight times the rate of the lowest level (99211). _____________________________________________________________________________________________________________________________ 13 CMS, Medicare Fraud & Abuse: Prevent, Detect, Report, January 2021. Accessed at https://www.cms.gov/Outreach-and-Education/Medicare-Learning-Network- MLN/MLNProducts/Downloads/Fraud-Abuse-MLN4649244.pdf on January 18, 2023. Toolkit: Analyzing Telehealth Claims to Assess Program Integrity Risks OEI-02-20-00723 Program Integrity Measures | 10 Office visits for established patients can be billed at different levels based on the duration of the visit: 99211 99212 99213 99214 99215 Office visit, Office visit, Office visit, Office visit, Office visit, typically typically typically typically typically 5 minutes 10 minutes 15 minutes 25 minutes 40 minutes Next, for each category of service, determine the percentage of each provider's services that were billed at the highest level. When calculating the percentage of services for each provider, be sure to account for procedure codes that were billed with more than one service unit, if applicable. For example, in the Medicare data, if a procedure code was billed with two service units, we considered that to be two services. Additionally, to ensure that the results of this analysis identify the providers with the most concerning billing, consider limiting this analysis to providers who billed for a certain number of services within a service category. In our analysis of Medicare data, we included only providers who had billed Medicare for at least 50 services in any given category. Threshold: Under Medicare, we considered providers to be high risk on this measure if they billed 100 percent of their telehealth services at the highest level in any of the service categories selected; most providers rarely, if ever, billed at the highest level. This is a conservative threshold. Users can lower the threshold according to their needs and data. To select a different threshold, review measures of central tendency (e.g., mean and median) and the distribution, including outliers in the data. For example, if the purpose of the analysis is to identify potential risks and establish safeguards, users may want to set a lower threshold. However, if the purpose is to identify providers for further investigation, users may want to set a high threshold. Toolkit: Analyzing Telehealth Claims to Assess Program Integrity Risks OEI-02-20-00723 Program Integrity Measures | 11 Additional Analysis: Identifying Providers Who Billed Beyond the Highest Levels of Service Additional analysis can provide supplemental information about the providers who always billed for telehealth services at the highest, most expensive level. In our analysis of Medicare data, we looked at how often these providers billed for prolonged services. Procedure codes for prolonged services allow providers to increase their reimbursement by billing for a service that lasts longer than the highest level. For example, CPT code 99354 allows providers to bill for up to an hour beyond the highest level. Further, CPT code 99355 allows providers to bill for an additional 30 minutes beyond the first hour. Billing a high average number of hours of telehealth services per visit Measure: This measure identifies providers who billed for a high average number of hours of telehealth services per visit. Billing this way may indicate that a provider is billing for unnecessary services or for services not rendered. This is one method that providers use to inappropriately maximize their Medicare payments. Analysis: There are several steps necessary to calculate a provider's average number of hours per visit. When analyzing Medicare claims, we considered a "visit" to be all the telehealth services a provider billed for a single beneficiary for one date. The first step is to determine the number of Resource: CMS publishes a list minutes it takes to reasonably deliver each of the median number of service. To do this, one option is to use the minutes for each procedure data that CMS publishes on the median code. It can be downloaded number of minutes providers spend from CMS's website. delivering each service by procedure code. 14 CMS provides this dataset each year with the _____________________________________________________________________________________________________________________________ 14 Some of the procedure codes in our data did not match to CMS's dataset. When this occurred, we looked at the service description to see whether minutes could be assigned. If a range of minutes was included in the description, we conservatively chose the smallest amount. If we could not establish a median number of minutes for a service, we did not include that service in the analysis. Toolkit: Analyzing Telehealth Claims to Assess Program Integrity Risks OEI-02-20-00723 Program Integrity Measures | 12 final Physician Fee Schedule, and it can be downloaded from the CMS website. 15 The second step is to calculate the total time spent on the services billed for each visit. To do this, sum all minutes spent on each service provided to a single patient, on a single date, by a single provider. When calculating the time, it is important to take the service units into account if a provider billed more than one unit for a given procedure code. Minutes for Service 1 + Minutes for Service 2 + = Total Minutes Minutes for Service… for the Visit Third, for each provider, calculate the average minutes across all visits for the year. Total Minutes for All Visits / Total Number of = Provider's Average Visits Number of Minutes per Visit Fourth, for each provider, convert the average number of minutes to hours by dividing it by 60. Additionally, consider limiting this analysis to providers who billed for a certain number of telehealth visits. In our analysis of Medicare data, we included only providers who had billed for at least 25 or more telehealth visits. We also excluded from our analysis some extra-long services (i.e., those that take more than 100 minutes and psychological testing and evaluation) to avoid flagging providers who were appropriately billing for longer visits. Threshold: Under Medicare, we considered a provider to be high risk on this measure if they billed for an average of more than 2 hours of telehealth services per visit. This was far higher than the median of 21 minutes of telehealth services per visit for all providers who billed Medicare for telehealth services. We chose a conservative threshold for our purposes; however, this threshold can be changed to fit different needs and data. Users should review measures of central tendency and the distribution, including outliers in their data, to select a threshold that meets their needs _____________________________________________________________________________________________________________________________ 15 For more information on CMS's calculation of the median number of minutes per service, see https://www.cms.gov/medicaremedicare-fee-service-paymentphysicianfeeschedpfs-federal-regulation- notices/cms-1751-f. The download section of this webpage contains a link to download the ZIP folder entitled "CY 2022 PFS Final Rule Physician Time (ZIP)." This folder contains an Excel spreadsheet with CMS's estimation of physician time spent on each service. Within the Excel spreadsheet, there is a column labeled "Median_Intra_Service_Time" that contains the median number of minutes. Toolkit: Analyzing Telehealth Claims to Assess Program Integrity Risks OEI-02-20-00723 Program Integrity Measures | 13 More to Consider: An "Impossible Day" Analysis A common program integrity measure identifies providers who bill for an improbable or impossible number of hours in a single day. For example, a provider could not provide, and therefore should not bill for, 25 hours of services in a single day. This is known as an "impossible day" analysis. However, an impossible day analysis is not a good fit for programs that allow for "incident to" billing. Under "incident to" billing, services provided by clinical staff who are directly supervised by a physician or non-physician practitioner may be billed under the supervising practitioner's identification number. Consequently, multiple individuals can provide telehealth services under a single identification number. If your program does not allow for "incident to" billing, it may be helpful to conduct an "impossible day" analysis to identify concerning telehealth billing. Billing telehealth services for a high number of days in a year Measure: This measure identifies providers who billed for telehealth for a high number of days. Billing this way may indicate that the provider is billing for services that were not provided. Analysis: To conduct this analysis, for each provider, count the total number of unique dates in a 1-year timeframe for which the provider billed at least one telehealth service. Threshold: Under Medicare, we considered a provider to be high risk on this measure if they billed telehealth services for more than 300 days in the year. This is far higher than the median of 26 days of the year for all providers who billed Medicare for telehealth services. This threshold can be changed to fit different needs and data. Users should review measures of central tendency and the distribution, including outliers in their data, to select a threshold that meets their needs. Billing telehealth services for a high number of patients Measure: This measure identifies providers who bill for a high number of unique patients. Billing this way may indicate that the provider is billing for services that were not provided. Toolkit: Analyzing Telehealth Claims to Assess Program Integrity Risks OEI-02-20-00723 Program Integrity Measures | 14 Analysis: To conduct this analysis, for each provider, calculate the total number of unique patients for whom they had billed at least one telehealth service during a 1- year timeframe. Threshold: Under Medicare, we considered a provider to be high risk on this measure if they billed telehealth services for 2,000 or more beneficiaries. This is far higher than the median of 21 beneficiaries for all providers who billed Medicare for telehealth services. This threshold can be changed to fit different needs and data. Users should review measures of central tendency and the distribution, including outliers in their data, to select a threshold that meets their needs. Additional Analysis: Identifying Providers Who Billed for Telehealth Solely or Primarily for Patients with Whom They Did Not Have an Established Relationship Users can gain a deeper understanding of the providers who pose a risk by conducting additional analysis. For example, users can identify providers who bill solely, or primarily, for patients with whom they have no established relationship. This billing pattern may indicate that these providers are billing for telehealth services using stolen or compromised patient identifiers. In our analysis of Medicare data, we considered an "established relationship" to be a prior in-person visit or other service with that same provider (identified by the billing provider's identification number) within a specified period of time. Billing multiple plans or programs for the same telehealth service for a high proportion of services Measure: This measure identifies providers who bill multiple plans or programs for the same telehealth service for a high proportion of their services. Billing this way may indicate that the provider is intentionally submitting duplicate claims to increase their payments. Analysis: To conduct this analysis, first identify telehealth services that were billed to more than one plan or program by matching claims in which information in key fields is identical. In our analysis of Medicare claims, we looked for telehealth services that were billed to both a Medicare Advantage plan and Medicare fee-for-service. To do this, we matched information in the following fields: rendering provider, billing provider, patient, date of service, and procedure code. If information in each of these fields was identical, we considered both claims to represent the same service. Toolkit: Analyzing Telehealth Claims to Assess Program Integrity Risks OEI-02-20-00723 Program Integrity Measures | 15 Claim Submitted to Plan 1: Claim Submitted to Plan 2: Claim Claim Rendering provider NPI* Rendering provider NPI 0123456789 0123456789 Billing provider NPI Billing provider NPI 987654321 987654321 Patient identification number Patient identification number 2345234523 2345234523 Date of service Date of service 01/01/2023 01/01/2023 Procedure code Procedure code 99212 99212 *The National Provider Identifier (NPI) is a unique identification number for health care providers. To use this measure to identify telehealth services that were inappropriately billed to more than one program (e.g., Medicare and Medicaid), additional fields may be needed, such as amount paid. In some circumstances, patients can be enrolled in multiple programs. It is important to understand these circumstances and select the fields accordingly. Next, determine the percentage of each provider's services that were billed to more than one plan. Additionally, to ensure that the results of this analysis identify the providers with the most concerning billing, consider limiting this analysis to providers who billed for a certain number of telehealth services. In our analysis of Medicare data, we included only providers who had billed Medicare for at least 50 telehealth services. Threshold: Under Medicare, we considered a provider to be high risk on this measure if they billed both Medicare fee-for-service and a Medicare Advantage plan for the same service for more than 20 percent of their services; most providers never billed this way. This threshold can be changed to fit different needs and data. Users should review measures of central tendency and the distribution, including outliers in their data, to select a threshold that meets their needs. Toolkit: Analyzing Telehealth Claims to Assess Program Integrity Risks OEI-02-20-00723 Program Integrity Measures | 16 Billing for a telehealth service and then ordering medical equipment for a high percentage of patients Measure: This measure identifies providers who bill for telehealth services and then order medical equipment and supplies for a high percentage of their patients. This practice raises concern, as it has been linked to known fraud schemes. These providers may be ordering unnecessary medical equipment and supplies for patients. For example, providers may be billing for telehealth services, regardless of whether a patient was ever contacted, and ordering medical equipment and supplies as part of a kickback scheme with suppliers. Analysis: To conduct this analysis, for each provider, calculate the percentage of patients for whom they billed a telehealth service and then ordered medical equipment and supplies. 16 For our analysis of Medicare data, we focused on durable medical equipment and components, accessories, and supplies; orthotics and services; and prosthetics that were billed within 3 months of the telehealth service. 17 Additionally, to ensure that the results of this analysis identify the providers with the most concerning billing, consider limiting this analysis to providers who billed for telehealth services for a certain number of beneficiaries. In our analysis of Medicare data, we included only providers who had billed for telehealth services for at least 50 beneficiaries. Threshold: Under Medicare, we considered a provider to be high risk on this measure if they billed for a telehealth service and then ordered medical equipment and supplies for at least 50 percent of their beneficiaries. This percentage was far higher than the median of 3 percent of beneficiaries for our data. This threshold can be changed to fit different needs and data. Users should review measures of central tendency and the distribution, including outliers in their data, to select a threshold that meets their needs. _____________________________________________________________________________________________________________________________ 16 To conduct this analysis, your claims data must include the identification number for the provider who ordered the durable medical equipment and supplies. In Medicare fee-for-service claims, the ordering provider is listed in the field for the referring provider. Under Medicare Advantage, durable medical equipment suppliers are not required to include the ordering provider on their claims. Therefore, we limited our analysis to Medicare fee-for- service. 17 Under Medicare, durable medical equipment claims also include immunosuppressive drugs and other supplies that may be prescribed on a monthly basis, such as enteral nutrition supplies, end-stage renal disease supplies, or surgical dressing. We did not include these drugs and monthly supplies in our analysis. Toolkit: Analyzing Telehealth Claims to Assess Program Integrity Risks OEI-02-20-00723 Program Integrity Measures | 17 Additional Analysis: Identifying Providers Who Primarily Billed for Audio-Only Telehealth Services To gain a deeper understanding of the providers who pose a risk, users can conduct additional analysis to determine whether these providers billed primarily for audio-only services. In our analysis of Medicare claims, we identified providers who billed primarily for audio-only telehealth services before ordering medical equipment and supplies. This billing pattern may indicate that providers are cold calling new beneficiaries to increase orders for medical equipment, supplies, and telehealth services. To conduct this analysis, determine whether a provider billed for audio- only services for a high percentage of their telehealth claims. In Medicare, there are six procedure codes-99441, 99442, 99443, 98966, 98967, and 98968-used to bill services that are provided exclusively through audio- only. We limited our analysis of Medicare claims to these codes. Although Medicare allowed services billed using other procedure codes to be provided audio-only, it is not always possible to distinguish which claims were for audio-only telehealth services and which were for audio-video telehealth services.18 18 Billing for both a telehealth service and a facility fee for most visits Measure: This measure identifies providers who bill for both a telehealth service and a facility fee for most visits. Under Medicare, a facility fee-also known as an "originating site facility fee"-is a fee that a health care facility can charge when a patient comes to its building to receive telehealth services from a provider who is located elsewhere. The fee reimburses the facility for hosting the patient, e.g., providing a room and an interactive device for the telehealth visit. _____________________________________________________________________________________________________________________________ 18 Medicare allowed 86 additional procedure codes to be provided audio-only during our review period; however, Medicare data did not distinguish between audio-only and audio-video telehealth for these 86 codes. CMS now requires providers to use a modifier to identify audio-only services for the treatment of mental health conditions. See 86 Fed. Reg. 64996 (Nov. 19, 2021). Toolkit: Analyzing Telehealth Claims to Assess Program Integrity Risks OEI-02-20-00723 Program Integrity Measures | 18 The provider who delivers the telehealth service then bills Medicare separately for the service. Under Medicare, the provider may not bill both the telehealth service and the facility fee. 19 Understanding the Facility Fee A patient goes to a clinic in The physician provides Troy, Illinois (the originating the telehealth service site), to connect with a using a computer at physician in Chicago to their office in Chicago. discuss their symptoms. n The clinic in Troy bills a The physician in facility fee for hosting the Chicago bills for the patient. telehealth service. Under some plans or programs, such as Medicare, it is inappropriate for the physician or practitioner who provides the telehealth service to also bill for the facility fee. Billing this way may indicate that the provider is intentionally billing both the telehealth service and a facility fee to increase their payments. Analysis: To conduct this analysis, first identify telehealth visits that include both a telehealth service and a procedure code for an originating site facility fee (Q3014) billed by the same provider for the same beneficiary. Next, determine the percentage of each provider's visits that included both a telehealth service and a facility fee. Additionally, to ensure that the results of this analysis identify the providers with the most concerning billing, consider limiting this analysis to providers who billed for a certain number of telehealth visits. In our analysis of Medicare data, we included only providers who had billed Medicare for at least 10 telehealth visits. _____________________________________________________________________________________________________________________________ 19 For Medicare requirements, see 42 CFR §§ 414.65(a)(1) and (b)(2). Given variation in State Medicaid requirements for billing the originating site facility fee, it is important to check the billing requirements for each State when analyzing Medicaid services delivered via telehealth. For private health plan carriers, refer to the plan's specific billing guidelines or policy manual. For more information about the variation in State Medicaid policies, see Medicaid and CHIP Payment and Access Commission, Chapter 2: Telehealth in Medicaid, March 2018. Accessed at https://www.macpac.gov/wp-content/uploads/2018/03/Telehealth-in-Medicaid.pdf on November 15, 2022. Toolkit: Analyzing Telehealth Claims to Assess Program Integrity Risks OEI-02-20-00723 Program Integrity Measures | 19 Threshold: Under Medicare, we considered a provider to be high risk on this measure if they billed for both a telehealth service and an originating site facility fee for more than 75 percent of their visits; most providers never billed this way. This threshold can be changed to fit different needs and data. Users should review measures of central tendency and the distribution, including outliers in their data, to select a threshold that meets their needs. Additional Analysis: Identifying Additional Characteristics of Providers Who Pose a Risk to the Program There are two additional steps that can be taken to gain a deeper understanding of providers identified as posing a risk to the program. • Identifying providers who are part of the same medical practice. This can be done by analyzing the providers' claims for the organizations that billed Medicare for the telehealth services (i.e., on the basis of the billing providers' identification numbers). Identifying providers who are a part of the same medical practice may indicate that certain practices encourage such billing among their associated providers. • Identifying providers who appear to be associated with telehealth companies. These are companies that employ or contract with practitioners to provide on-demand telehealth services to beneficiaries, also referred to as direct-to-consumer telehealth vendors. Identifying providers who pose a risk and appear to be associated with telehealth companies may indicate a need to monitor these companies more closely. While there is currently no systematic way to identify these companies in the Medicare data, a manual review can be done on a subset of providers using the name associated with the billing providers' identification numbers. Note that a single provider may be associated with more than one telehealth company. Toolkit: Analyzing Telehealth Claims to Assess Program Integrity Risks OEI-02-20-00723 Program Integrity Measures | 20 Notice This toolkit was prepared as a technical resource and is not intended to, and does not, create any rights, privileges, or benefits, substantive or procedural, enforceable by a party against the United States; its agencies or instrumentalities; its officers or employees; or any other person. The toolkit is provided in "as-is" condition, and OIG and its employees, agents, and staff disclaim any express or implied representation, warranty, or guarantee, including, but not limited to, the implied warranties of merchantability and fitness for a particular purpose. In particular, no representation is made that the information included in the toolkit, or any data the toolkit produces, is error-free. The toolkit should not be used as the sole basis to determine whether an individual is inappropriately billing for telehealth services. The toolkit is not intended to be used to determine compliance with any laws, regulations, or other guidance. In no event shall OIG or its employees, agents, or staff be liable for any claim, damages, or liability, whether in an action of contract, tort, or otherwise, and including direct, indirect, incidental, special, exemplary, or consequential damages, however caused, and on any theory of liability, arising in any way out of the use of this toolkit, even if advised of the possibility of such damage. Toolkit: Analyzing Telehealth Claims to Assess Program Integrity Risks OEI-02-20-00723 Program Integrity Measures | 21 APPENDIX A Virtual Care Services20, 21 98966 Telephone assessment and management by nonphysician, 5-10 minutes 98967 Telephone assessment and management by nonphysician, 11-20 minutes 98968 Telephone assessment and management by nonphysician, 21-30 minutes 98970 Online assessment and management by nonphysician, 5-10 minutes 98971 Online assessment and management by nonphysician, 11-20 minutes 98972 Online assessment and management by nonphysician, 21 or more minutes 99091 Collection and interpretation of physiologic data digitally stored and/or transmitted by the patient 99421 Online digital evaluation and management, 5-10 minutes 99422 Online digital evaluation and management, 11-20 minutes 99423 Online digital evaluation and management, 21 or more minutes 99441 Phone evaluation and management by a physician or other qualified healthcare professional, 5-10 minutes 99442 Phone evaluation and management by a physician or other qualified healthcare professional, 11-20 minutes 99443 Phone evaluation and management by a physician or other qualified healthcare professional, 21-30 minutes 99453 Remote monitoring, setup and patient education 99454 Remote monitoring, device supply and daily recordings 99457 Remote monitoring, interactive communication with patient, first 20 minutes 99458 Remote monitoring, interactive communication with patient, each additional 20 minutes 99473 Self-measured blood pressure; patient education or training and device calibration 99474 Self-measured blood pressure and treatment plan Payment for virtual care services for 5 minutes or more between a rural health clinic or federally qualified health G0071 center practitioner and a patient G2010 Remote evaluation of patient images or video G2012 Virtual Check-in G2061 Online assessment and management by nonphysician, 5-10 minutes G2062 Online assessment and management by nonphysician, 11-20 minutes G2063 Online assessment and management by nonphysician, 21 or more minutes G2250 Remote assessment of recorded video and/or images submitted by an established patient G2251 Brief communication technology-based service, e.g., virtual check-in, 5-10 minutes G2252 Brief communication technology-based service, e.g., virtual check-in, 11-20 minutes _____________________________________________________________________________________________________________________________ 20 We refer to these services as virtual care services. Virtual care services include virtual check-ins, e-visits, remote monitoring, and telephone calls with a provider to discuss a patient's medical condition. CMS does not include all of these services in its formal definition of telehealth. 21 This list is based on Medicare fee-for-service payment and coverage policies during the first year of the COVID- 19 pandemic (March 2020 through February 2021). The services or procedure codes used to bill virtual care services may have changed. Toolkit: Analyzing Telehealth Claims to Assess Program Integrity Risks OEI-02-20-00723 Appendix A | 22 ACKNOWLEDGMENTS AND CONTACT Acknowledgments Miriam Anderson served as the team leader for this study. Others in the Office of Evaluation and Inspections who conducted the study include Alexis Mills and John Gordon. Office of Evaluation and Inspections headquarters staff who provided support include Michael Novello and Sarah Swisher. This report was prepared under the direction of Jodi Nudelman, Regional Inspector General for Evaluation and Inspections in the New York regional office, and Nancy Harrison and Meridith Seife, Deputy Regional Inspectors General. Contact To obtain additional information concerning this report, contact the Office of Public Affairs at Public.Affairs@oig.hhs.gov. OIG reports and other information can be found on the OIG website at oig.hhs.gov. Office of Inspector General U.S. Department of Health and Human Services 330 Independence Avenue, SW Washington, DC 20201 Toolkit: Analyzing Telehealth Claims to Assess Program Integrity Risks OEI-02-20-00723 Acknowledgments and Contact | 23 ABOUT THE OFFICE OF INSPECTOR GENERAL The mission of the Office of Inspector General (OIG), as mandated by Public Law 95-452, as amended, is to protect the integrity of the Department of Health and Human Services (HHS) programs, as well as the health and welfare of beneficiaries served by those programs. This statutory mission is carried out through a nationwide network of audits, investigations, and inspections conducted by the following operating components: The Office of Audit Services (OAS) provides auditing services for HHS, either by conducting audits with its own audit resources or by overseeing audit work done by others. Audits examine the performance of HHS programs and/or its grantees and contractors in carrying out their respective responsibilities and are intended to provide independent assessments of HHS programs and operations. These audits help reduce waste, abuse, and mismanagement and promote economy and efficiency throughout HHS. The Office of Evaluation and Inspections (OEI) conducts national evaluations to provide HHS, Congress, and the public with timely, useful, and reliable information on significant issues. These evaluations focus on preventing fraud, waste, or abuse and promoting economy, efficiency, and effectiveness of departmental programs. To promote impact, OEI reports also present practical recommendations for improving program operations. The Office of Investigations (OI) conducts criminal, civil, and administrative investigations of fraud and misconduct related to HHS programs, operations, and beneficiaries. With investigators working in all 50 States and the District of Columbia, OI utilizes its resources by actively coordinating with the Department of Justice and other Federal, State, and local law enforcement authorities. The investigative efforts of OI often lead to criminal convictions, administrative sanctions, and/or civil monetary penalties. The Office of Counsel to the Inspector General (OCIG) provides general legal services to OIG, rendering advice and opinions on HHS programs and operations and providing all legal support for OIG's internal operations. OCIG represents OIG in all civil and administrative fraud and abuse cases involving HHS programs, including False Claims Act, program exclusion, and civil monetary penalty cases. In connection with these cases, OCIG also negotiates and monitors corporate integrity agreements. OCIG renders advisory opinions, issues compliance program guidance, publishes fraud alerts, and provides other guidance to the health care industry concerning the anti-kickback statute and other OIG enforcement authorities. Toolkit: Analyzing Telehealth Claims to Assess Program Integrity Risks OEI-02-20-00723 About OIG | 24