Telehealth and Fraud Prevention: Protecting Your Practice

Introduction to Fraud Risks in Telehealth

During the pandemic, telehealth became a lifeline for millions of patients. But with this rapid adoption came a surge in fraud. In 2023 alone, the Department of Justice (DOJ) uncovered over $1.2 billion in fraudulent telehealth schemes, targeting federal programs like Medicare. For telehealth providers, the stakes couldn’t be higher.

Fraud in telehealth takes many forms, from billing for non-existent consultations to engaging in improper referral arrangements. These practices can expose providers to severe penalties, including exclusion from federal health care programs, substantial fines, and jail time.

Now more than ever, telehealth providers face increased risk of scrutiny from federal regulators. By understanding common fraud and abuse risks in telehealth, you can identify your practice’s risks and take valuable steps toward ensuring your practice is compliant.

Common Fraud and Abuse Pitfalls in Telehealth Practices

Telehealth fraud cost Medicare over $127 million in the first year of the pandemic alone. While telehealth has transformed healthcare access, it has also created opportunities for abuse. Every improper claim—intentional or not—can trigger audits, penalties, or even criminal charges. For telehealth providers, understanding the risks is critical to protecting your practice.

Billing Errors: Repeated inconsistencies in providers’ billing documentation are often key indicators to regulators that a provider could be engaging in fraud. Upcoding (billing for a more expensive service than what was provided) and phantom billing (claiming payment for services never rendered) are common issues that regulators look for, and too many of these claims can quickly spiral into a legal nightmare. For example, Connecticut-based telehealth company Meditelecare recently agreed to pay over $350,000 to settle allegations of improper Medicare billing. Investigators claimed the company billed for psychotherapy sessions that didn’t meet minimum time requirements and relied on false time records, highlighting how errors in billing practices can escalate into significant legal and financial consequences.

Adjusting to New Telehealth Flexibilities: Pandemic-era flexibilities, such as audio-only telehealth reimbursements and out-of-state licensing waivers, improved access for patients nationwide. However, they also opened the door to abuse. For example, many providers have faced significant fines and penalties for billing audio-only services as audio-visual evaluations to obtain higher reimbursements. Other providers relied on outdated licensing waivers to practice across state lines, unknowingly violating current laws.

Insufficient Documentation: Many telehealth practices cut corners when preparing documentation for virtual patients, using pre-filled templates or making patient encounter notes too vague. But regulators look closely at how well your records reflect the care you claim to provide, and poor record-keeping can present significant challenges for providers defending their practices against fraud allegations.

Other Risks: While some of the fraud and abuse risks telehealth providers face are specific to telemedicine, many are risks common to all providers that have come under scrutiny in telehealth practices. Take kickback schemes, for example. Telehealth providers are increasingly offered financial incentives for unnecessary referrals or prescriptions. A 2022 DOJ enforcement action announced charges against multiple providers for their involvement in telehealth schemes, working alongside telemarketers to order costly genetic tests for patients—many of which were medically unnecessary and approved without proper patient interaction. Providing medically unnecessary services is also a growing concern. The convenience of telehealth has made it easier than ever to order treatments or tests without adequate evaluation. In one case, a provider prescribed expensive orthotic braces for multiple patients after only a brief phone call, costing Medicare more than $5 million.

How can telehealth providers steer clear of these pitfalls? It starts with vigilance. Double-check your claims for accuracy, document every patient interaction thoroughly, and train your staff on compliance standards, particularly when it comes to appropriate billing practices. Our attorneys can help advise you on best practices to ensure your telehealth practice avoids these common risks.

Fraud prevention isn’t just about following rules—it’s about safeguarding the trust and viability of telehealth itself. But understanding these risks is only part of the solution.

Structuring Business Arrangements to Avoid Fraud Allegations

In 2022, telehealth company Cerebral faced a $10 million fine for violating anti-kickback laws. The company ultimately settled in late 2024, agreeing to pay over $3.6 million over a referral structure that rewarded providers based on the number of patients referred. This case isn’t unique—many telehealth providers unknowingly step into compliance traps when structuring business arrangements. Avoiding these pitfalls requires careful planning and a deep understanding of federal health care fraud laws.

Referral agreements are one of the most common risk areas. For instance, a telehealth platform offering financial bonuses tied to patient volume may not seem like a red flag to many providers. But federal fraud and abuse laws impose strict requirements on how providers may structure financial arrangements that could impact patient care. The Anti-Kickback Statute prohibits any form of financial reward—whether cash, discounts, or perks—in exchange for referrals covered by federal programs like Medicare. Partnerships involving marketing incentives or payment structures tied to patient volume therefore carry significant legal risk. Similarly, the Stark Law prohibits physicians from referring patients to entities where they have a financial interest, with some exceptions. These laws aren’t just red tape—each is designed to ensure patient care decisions are not impacted by a physician’s desire for financial gain.

Payment structures with vendors also demand caution. Agreements that reward referrals or prescribe unnecessary services are similarly risky. Consider a partnership with a medical device company offering commissions for each piece of equipment prescribed. Without proper safeguards, this arrangement could lead to penalties for both parties.

To protect your practice, start by grounding every agreement in compliance and transparency. Review contracts for red flags, such as payments tied to referrals or vague language that could imply improper incentives. Ensuring roles, responsibilities, and payment structures are clearly defined in all contracts is also essential. For example, instead of percentage-based fees, opt for flat-rate payments tied to specific, measurable services. Including compliance clauses that outline adherence to state and federal laws can further strengthen your agreements.

Documentation also plays a critical role. Keep detailed records of all contracts, negotiations, and justifications for business arrangements. If an audit occurs, having a paper trail of your due diligence can demonstrate your commitment to compliance.

Finally, educate your team. Regular training on regulatory requirements ensures that everyone—from leadership to frontline staff—understands the boundaries of legal business practices. Regular internal audits can also identify and correct compliance risks before they escalate.

A proactive approach to structuring business arragnements safeguards your telehealth practice during an era of increasing regulatory scrutiny. Working with one of our healthcare attorneys to structure agreements that meet Anti-Kickback and Stark Law exceptions is an investment in your practice’s future.

Best Practices for Documentation and Billing to Prevent Audit Flags

Imagine this: a telehealth provider submits claims for hundreds of virtual visits. They provided the care, but when regulators request records, the notes are incomplete, missing critical details about the services rendered. Despite their good intentions, the provider faces hefty fines and is forced to repay thousands of dollars. This situation is more common than you might think, and it underscores why strong documentation and billing practices are non-negotiable.

Why Documentation is Critical

Every claim you submit is a reflection of the care you provided. Regulators scrutinize records for accuracy, consistency, and detail. If something feels incomplete or unclear—like vague notes or mismatched codes—it raises red flags. For telehealth providers, where much of the interaction happens remotely, the stakes are even higher.

Proper documentation isn’t just about compliance; it’s a way to build trust. Clear, accurate records show that you’re transparent, detail-oriented, and committed to delivering quality care.

How to Avoid Common Pitfalls

One of the biggest mistakes providers make is relying on vague or incomplete notes. For instance, documenting "patient seen for follow-up" fails to explain what symptoms were discussed, what clinical decisions were made, or why the visit occurred. This kind of vagueness not only jeopardizes claims but also creates confusion during audits.

Audio-only telehealth services also present unique documentation challenges. Medicare, for example, has specific billing requirements for these visits, including documentation that justifies why audio-only care was appropriate. Failing to capture these details can lead to rejected claims or repayment demands.

To avoid these pitfalls, advise your providers to document the patient encounter either during or immediately following the visit while details are fresh. Be sure to use specific language to describe the purpose of the visit, symptoms discussed, and treatment decisions made. Providers should also make note of the modality used during the visit (video, audio-only, etc.) and why it was appropriate for the patient’s treatment needs.

Technology can play a key role in simplifying compliance for your practice. Many electronic health record (EHR) systems now include telehealth-specific templates, guiding providers to include key details for each type of visit. Analytics tools can also help identify inconsistencies or anomalies in billing patterns, reducing the risk of audit flags.

Key Takeaways and Action Steps for Fraud Prevention

Fraud isn’t just a regulatory issue—it’s a threat to everything you’ve worked hard to build. One oversight in documentation, billing, or a business arrangement can trigger an audit, hefty fines, or even the loss of your ability to practice. The good news? With the right strategies, you can protect your practice, your patients, and your peace of mind.

What You Should Take Away

Fraud prevention starts with accountability. It’s about asking tough questions: Are your records accurate and detailed enough to withstand scrutiny? Are your referral agreements structured with compliance in mind? Are you and your team up to date on the latest telehealth regulations? By answering these questions honestly, you can start building a practice that’s resilient to fraud risks.

Steps to Protect Your Practice

The first step is reflection. Look closely at how your practice operates. Are there gaps in your documentation? Do your billing processes rely on outdated codes or incomplete records? If so, start addressing those vulnerabilities immediately. Strong documentation is your first line of defense—it shows that you’re transparent, careful, and committed to quality care.

Next, scrutinize your business relationships. Every contract, referral agreement, or vendor partnership should be reviewed to ensure compliance with federal laws. If any arrangement feels unclear or too good to be true, consult one of our attorneys to ensure it aligns with Anti-Kickback and Stark Law requirements.

Education is also critical. Regular training sessions can help your team recognize compliance risks before they escalate. Everyone, from administrators to billing specialists, needs to understand the stakes and their role in maintaining a compliant practice.

Technology can be a game-changer. Use electronic health record (EHR) systems tailored for telehealth to streamline documentation and billing. Further, analytics tools are useful tools to help identify anomalies or inconsistencies in your claims, giving you a chance to fix errors before they draw attention from regulators.

But the most important step is to embrace a culture of compliance. Fraud prevention isn’t about fear—it’s about trust. It’s about showing patients and regulators alike that your practice operates with integrity and transparency. By prioritizing compliance, you’re not just avoiding penalties—you’re building a foundation for long-term success.

Looking Ahead

Fraud prevention isn’t a one-time effort; it’s a mindset. As telehealth continues to evolve, so will the rules and risks. Staying informed, adaptable, and proactive is essential. Protecting your practice today means investing in its future.

Now is the time to act. Evaluate your processes, educate your team, and tighten your business arrangements. By taking these steps, you’ll not only reduce your risk of fraud but also position your practice as a leader in ethical and compliant telehealth care.

‍