Fill out the form below or call us at (800) 345-4125.
In recent years, telehealth and telemedicine providers have come under increased scrutiny from payors, federal regulators, and state licensing authorities. These audits, investigations, and compliance reviews can have severe consequences, including huge recoupments, network terminations, and even criminal prosecution. If telehealth or telemedicine claims come under scrutiny, it is critical to act immediately to limit potential consequences.
Looking to grow your telehealth practice? Our telehealth attorneys are former government regulators with deep experience navigating multi-state licensing requirements and structuring compliant referral relationships. We help telehealth providers maximize reimbursement by implementing billing and coding strategies designed to meet telehealth insurance requirements and prevent costly denials. Do not wait until your telehealth practice comes under scrutiny. Call us today.
As Seen On
.png)
Healthcare Specialty Attorneys and Consultants - Health Law Alliance specializes in healthcare law and is dedicated to defending healthcare providers and their licenses from overreach.
Tenacious Defense - Health Law Alliance has gone after – and beaten – much bigger opponents. When faced with a seemingly daunting legal issue, our attorneys are the ones to call.
Proven Track Record - The attorneys at Health Law Alliance have a demonstrated track record of success against the most aggressive government regulators and industry behemoths.
Frequently Asked Questions About Telehealth Audit Defense & Regulatory Compliance
What kinds of services can I provide via telehealth?
Licensed providers can offer anumber of services to patients on a remote basis, including wellness visits,behavioral, physical, and occupational therapy, and follow-up appointments. Insome cases, providers may also be able to offer prescription managementservices, including prescribing certain medications. However, state laws varywidely in the rules and restrictions placed on telehealth providers. Ourattorneys can help you navigate these complexities with ease.
How can I ensure my telehealth practice is prepared for an audit?
There are many actionable steps you can take to ensure your practice is prepared for an audit. Conducting internal or external self-audits is key, and should include a review of billing, coding, and documentation protocols. Providers should also review their internal compliance programs, policies, and protocols, revising them regularly as new laws and regulations arise. Our team can help ensure your practice is prepared.
My telehealth practice is being audited. Can Health Law Alliance help me with my response?
Absolutely. Our experienced attorneys at Health Law Alliance can guide you through the audit process, from helping you compile the necessary documentation to formulating a defensive strategy to protect your practice. If you receive results you believe are inaccurate, our team can represent you through the appeals process to protect your practice from unwarranted penalties. We’re here to help you every step of the way.
How can I update my compliance protocols to align with federal and state telehealth laws?
Operating a legally compliant telehealth practice requires providers to exercise special care to avoid a number of legal risks, including HIPAA breaches, improper referral arrangements, and billing and coding errors. As attorneys with dedicated compliance experience, our team can offer guidance to help ensure your practice is aligned with all legal requirements.
I want to provide telehealth services to patients outside of my state. What are the licensure requirements for out-of-state telehealth providers?
All states require some form of in-state licensure or approval to treat patients outside of the provider’s state of practice. However, some states have adopted alternatives to allow out-of-state telehealth providers to provide care without going through the full licensure process, including limited licensure exceptions and interstate licensure compacts. Our guidance can help you ensure your practice is compliant with all applicable state licensing laws.
Can I prescribe medications via telehealth?
Generally, DEA-registered providers can prescribe most medications via telehealth. However, restrictions on telehealth prescribing (including the types of eligible medications and requirements for establishing patient-provider relationships) exist at both the state and federal level. Health Law Alliance can help you ensure your prescribing practices are compliant with all applicable laws and regulations.
Speak to an experienced attorney today at no-cost to evaluate your situation and discuss how we can help.
Legal challenges can be complex and stressful. Our experienced attorneys are dedicated to offering personalized guidance and effective solutions to help you navigate your legal journey with confidence
Telehealth and telemedicine laws govern the legal requirements and compliance standards for healthcare providers offering virtual care and managing referral networks. As telehealth services expand, federal and state regulations continually evolve to address issues like patient privacy, interstate licensing, and billing practices. Understanding telehealth compliance law is crucial for healthcare providers to avoid legal pitfalls, especially with the increasing scrutiny on data privacy and fraud prevention.
For telehealth providers, adhering to HIPAA compliance for telehealth is essential to protect patient information. Additionally, laws governing telehealth referrals, such as the Anti-Kickback Statute and Stark Law, impose specific requirements on how providers structure their referral networks. Non-compliance with these regulations can result in significant penalties, affecting a provider’s ability to operate effectively across states.
With Health Law Alliance’s expertise in telehealth compliance law and telehealth referral regulations, healthcare providers can stay informed of these complex legal standards, ensuring their practice operates within legal boundaries. Whether it’s setting up compliant telehealth systems or managing referral relationships, understanding telehealth and referral law is the first step to maintaining a successful virtual care practice.
Telehealth and telemedicine practices are governed by a range of federal and state laws designed to protect patient privacy, prevent fraud, and ensure safe healthcare practices. Key regulations include:
By adhering to these laws, telehealth providers can avoid legal issues and maintain compliant, ethical practices. Health Law Alliance assists providers in navigating these complex regulations, ensuring their practice is legally sound in every state they operate.
Telehealth providers face several unique challenges in maintaining compliance and managing referrals. Some common issues include:
These challenges highlight the importance of robust compliance measures for telehealth and referral practices. Health Law Alliance supports providers in addressing these issues, offering proactive strategies to help them maintain legal compliance and reduce risk.
Navigating legal compliance for telehealth and telemedicine practices can be complex. Here’s a step-by-step outline of the process when working with Health Law Alliance:
Each step in this process is designed to protect your telehealth practice from legal risks and maintain compliant operations. Health Law Alliance provides the expertise and support necessary to navigate each stage confidently, ensuring your practice meets all legal standards.
Failure to comply with telehealth and referral regulations can lead to significant consequences for healthcare providers. Understanding these potential outcomes underscores the importance of maintaining a strong compliance framework:
By staying compliant with telehealth and referral laws, providers can avoid these outcomes and maintain a legally sound practice. Health Law Alliance offers comprehensive compliance support to help telehealth providers mitigate these risks, ensuring that their practices operate smoothly and within legal boundaries.
Health Law Alliance provides specialized legal support for telehealth providers navigating complex compliance and referral regulations. Here’s how we can help:
Health Law Alliance’s dedicated team of healthcare defense attorneys brings in-depth experience in telehealth and referral compliance, helping providers like you avoid legal pitfalls and focus on patient care.
CVS Caremark one of the three major PBMs that control nearly 90% of the market for prescription claims processing.
Learn More
Optum is one of three major PBMs that control nearly 90% of the market for prescription claims processing.
Learn More
ESI is one of the three major PBMs that control nearly 90% of the market for prescription claims processing.
Learn More
Prime has a relationship with ESI that provides for joint provider networks and oversight by both companies.
Learn More
Medicare and Medicaid use agencies like OIG or OMIG and outside contractors to audit prescription drug claims.
Learn More
Humana is a payor that uses PBMs and other contractors to audit government and commercial drug claims.
Learn More
Qlarant is contracted with Medicare to perform fraud, waste, and abuse audits and investigations.
Learn More
Safeguard is contracted with Medicare to perform fraud, waste, and abuse audits and investigations.
Learn More
To design an effective PBM audit response strategy, providers must understand the chain of events both prior to the initiation of a PBM audit and afterwards. For example, Special Investigative Units (SIUs) are often the genesis of a pharmacy audit, and the presence or absence of "audit risk factors" is informative on potentially broader exposure beyond the claims under audit. Any decision to resolve an audit should be informed and result in a full and final settlement of all liability, but PBM audit settlements need to be structured carefully to achieve this goal.
CVS Caremark, OptumRx, and Express Scripts, control at least 80% of the market, making them the three biggest PBMs. Humana also ranks among the largest. In addition, these PBMs regulate access to networks for smaller competitors, such as ESI's partnership with Prime. Plan sponsors, such as United Health, Cigna and Aetna, are vertically integrated with these PBMs, increasing audit risk for pharmacies because network sanctions are more likely to affect a significant aspect of a pharmacy's business across both government and commercial claims.
PBMs and payors use artificial intelligence and data mining across medical and pharmacy claims to identify areas of potential inquiry. Among other areas, these inquiries typically involve high-reimbursing medicines, brand/generic substitution, inventory discrepancies, co-payment collection, prior authorization, and telehealth relations. Separately, DEA conducts audits and inspections for compliance to controlled substance regulations.
Common types of PBM audits include desk audits; on-site audits; invoice audits; and prescription audits. Irrespective of the type of PBM audit, all interactions with PBMs should be taken extremely seriously and can lead to severe consequences if not handled appropriately. For example, there has been a sharp increase in the federal prosecution of pharmacists for audit-related conduct, including answering PBM questions incorrectly. Accordingly, pharmacies should consider using outside audit counsel to avoid these pitfalls.
Pharmacies can take various steps to prepare to meet PBM audits, including routine self-audits. In fact, the government publishes comprehensive guidance and a checklist to assist pharmacies in their audit planning, including self-audits around prescribing practices, controlled substance management, invoice management, and billing practices. If you need assistance designing or implementing an audit protection plan, please do not hesitate to contact us.
Defending against a PBM audit requires comprehensive knowledge of the rights, responsibilities, and intricacies of pharmacies and their laws and regulations. If your pharmacy has been identified for a PBM audit, there are a number of potential defenses available to you. The first defense against a PBM audit is to be proactive, and audit planning can lessen the chance of unfavorable findings. That said, it is often necessary to involve an attorney to hold PBMs to their obligations under law and provider agreements. For this reason, national audit services and pharmacy audit consultants are often ineffective.
Audit discrepancies and findings can be appealed based on the specific procedures outlined in the provider manuals. It is important to follow these requirements exactly, within the timeframes established, or your appeal rights could be lost and further review denied. In an appeal, it is critically important to make a complete record of why the audit findings or sanctions should be reversed, including through documentation, legal arguments, and corrective actions, if any. Depending on the outcome of the appeal, you may have further legal recourse against the PBM.
PBM audits can have severe repercussions depending on the results of the pharmacy audit, including recoupments, network sanctions, and criminal, civil and administrative investigations involving jail time, significant fines, and license revocation or exclusion. We publish a 10-part PBM Audit Guide that discusses the overlap between PBM audits and government investigations and how to successfully manage audit risk. This resource is complimentary to subscribers HERE.
Government investigations may come in many forms, but criminal matters involving potential jail time, mandatory exclusion, loss of licensure, and reputational harm are the most severe and scary scenarios that anyone can face. Unfortunately, it often is not clear, particularly at the outset, whether an investigation involves criminal violations or what your status might be in the investigation. For example, our clients might be informed that the FBI is interviewing patients, or that their partners have received subpoenas. The uncertainty that results from these types of events is particularly difficult for our clients to manage, and typically involves sleepless nights, loss of appetite, anxiety and potential depression.
Our experienced healthcare defense attorneys understand what clients are going through, and focus on providing them with insight into the government’s investigation and how best to defend it. There are a variety of potential outcomes, many of them involving far less severe ramifications than might be contemplated. Indeed, in healthcare, parallel criminal, civil, and administrative laws provide an opportunity for potential resolution of government investigations under terms that do not involve loss of liberty or livelihood. The range of outcomes that might be available depends on the evidence available to the government, but cases involving patient harm typically receive more focus from a criminal perspective than run-of-the-mill billing irregularities, particularly when the federal government is involved.
That said, there are several notable exceptions. At Health Law Alliance, our healthcare defense attorneys have decades of federal and state prosecutorial experience, and we rely on that background to highlight areas of increased risk. In particular, the below agencies focus on the prosecution of criminal healthcare fraud.
The Medicare Fraud Strike Force, operated by the U.S. Department of Justice (DOJ) in regions across the country, is particularly adept at prosecuting healthcare fraud criminal matters. Medicare Fraud Strike Force Teams harness data analytics and the combined resources of federal, state, and local law enforcement entities to prevent and combat healthcare fraud, waste, and abuse. More specifically, the Strike Force uses advanced data analysis techniques to identify aberrant billing levels in healthcare fraud “hot spots” – cities with high levels of billing fraud – combined with traditional investigative techniques to target suspicious billing patterns in addition to emerging schemes and fraudulent practices that move from one location to another.First established in March 2007, prosecutors operate in 16 Strike Forces, including the National Rapid Response Strike Force based in Washington, DC. The Strike Force Model centers on a cross-agency collaborative approach, bringing together the investigative and analytical resources of DOJ’s Fraud Section, the Federal Bureau of Investigation (FBI), the U.S. Department of Health and Human Services Office of the Inspector General (HHS-OIG), the Centers for Medicare & Medicaid Services (CMS), Drug Enforcement Administration (DEA), Defense Criminal Investigative Service (DCIS), Federal Deposit Insurance Corporation Office of the Inspector General (FDIC-OIG), Internal Revenue Service (IRS), Department of Labor-OIG, United States Postal Service – Office of the Inspector General (USPS-OIG), Veterans Administration – Office of the Inspector General (VA-OIG), and other agencies. Strike Force Health Care Fraud and Prescription Opioid teams are located across the country, as depicted by the chart below:
The Medicare Strike Force has filed thousands of criminal actions and indictments and recovered billions of dollars in assets resulting from healthcare fraud. The Strike Force teams bring together the Office of Inspector General (OIG), the Department of Justice (DOJ), Offices of the United States Attorneys (USAOs), the Federal Bureau of Investigation (FBI), local law enforcement, and others. These attorneys and investigators have a proven record of success in analyzing data and investigative intelligence to quickly identify fraud and bring prosecutions. The interagency collaboration also enhances the effectiveness of the Strike Force model. For example, OIG refers credible allegations of fraud to the Centers for Medicare & Medicaid Services (CMS) so that it can suspend payments to the alleged healthcare fraud perpetrators, thereby preventing losses to federal programs. Finally, the Medicare Strike Force does not focus exclusively on healthcare fraud but also prosecutes wire fraud, mail fraud, bank fraud, money laundering offenses, violations of the Anti-Kickback Statute (AKS), false statements offenses, Title 42 offenses, Title 26 offenses, and Title 21 offenses, in the highest intensity regions.
The Medicare Strike Force is a specialized department within the DOJ’s Health Care Fraud Unit, based in Washington, D.C., with operations across the country. DOJ’s Health Care Fraud Unit is led by over 80 experienced white-collar prosecutors who focus solely on prosecuting the nation’s most complicated healthcare fraud matters and the illegal prescription, distribution, and diversion of opioids and other controlled substances. The Health Care Fraud Unit’s mission is to protect the public treasury from wide-scale healthcare fraud, protect patients from significant fraudulent schemes that result in patient harm, and to detect, limit, and deter fraud and illegal prescription, distribution, and diversion of controlled substance offenses. The Health Care Fraud Unit endeavors to prosecute defendants who orchestrate schemes that result in the loss of hundreds of millions or billions of dollars, the distribution of tens of millions of opioids or controlled substances, and complex money laundering, tax, and other financial crime offenses.
The Health Care Fraud Unit prides itself on conducting the most trials of any DOJ component, including the U.S. Attorney's Offices. DOJ prosecutors, referred to as “Trial Attorneys,” have participated in the largest and most complex healthcare fraud and opioid distribution trials in the country. Notably, the Health Care Fraud Unit is a leader in using advanced data analytics and algorithmic methods to identify newly emerging healthcare fraud schemes and to target the most egregious fraudsters. The Health Care Fraud Unit’s team of dedicated data analysts works with prosecutors to identify, investigate, and prosecute cases using data analytics. At the Health Law Alliance, our healthcare defense attorneys have extensive experience in the use of data analytics to identify potential fraud, waste, and abuse, having served as the Chief Compliance Officer and Executive Leadership Team member for UnitedHealth Group, with oversight of Optum and UnitedHealthcare, including Special Investigative Units (SIUs) within those platforms.
The Health Care Fraud Unit’s cases are complex and wide-reaching. In particular, the National Rapid Response Strike Force was created in 2020 to investigate and prosecute fraud cases involving major healthcare providers that operate in multiple jurisdictions. The National Rapid Response Strike Force coordinates with the Civil Division’s Fraud Section and Consumer Protection Branch, U.S. Attorneys’ Offices across the country, state Medicaid Fraud Control Units (MFCUs), the FBI, HHS-OIG, and other agency partners to investigate and prosecute multi-jurisdictional and corporate healthcare fraud. The National Rapid Response Strike Force’s recent successes include the conviction of owners of a multi-state network of rural hospitals in a $1 billion billing fraud matter; the $500 million global resolution with Tenet Healthcare Corporation and related individual prosecutions for a hospital kickback scheme; the prosecution of billions of dollars in telemedicine fraud; prosecution of over $1 billion in fraudulent addiction rehabilitation facility fraud as part of the Sober Homes Initiative; and leadership of the Unit’s efforts to prosecute those seeking to criminally exploit the COVID-19 pandemic, including the conviction at trial of the President of a Silicon Valley technology company for healthcare fraud, illegal kickback, and securities fraud related to the announcement of purportedly revolutionary testing for COVID-19 using only a few drops of blood, i.e., Elizabeth Holmes and associates.
In addition, in 2022, the DOJ Criminal Division announced the formation of the New England Prescription Opioid (NEPO) Strike Force, a joint law enforcement effort to investigate and prosecute healthcare fraud schemes in the New England region, and to prosecute individuals involved in the illegal distribution of prescription opioids and other controlled substances. NEPO leverages the success of the October 2018 formation of the Appalachian Regional Prescription Opioid (ARPO) Strike Force, a joint effort between DOJ, FBI, HHS-OIG, DEA, and state and local law enforcement to combat healthcare fraud and the opioid epidemic in locations that have been harmed significantly by addiction. ARPO has partnered with federal and state law enforcement and U.S. Attorneys’ Offices throughout Alabama, Kentucky, Ohio, Virginia, Tennessee, and West Virginia to prosecute medical professionals involved in the illegal prescription and distribution of opioids.
In addition to DOJ’s Strike Forces and Health Care Fraud Units, all of the U.S. Attorneys’ Offices are staffed by federal prosecutors, referred to as Assistant United States Attorneys (AUSAs), who investigate and prosecute healthcare fraud crimes in their respective jurisdictions. There are 93 U.S. Attorneys’ Offices in the country, and the U.S. Attorney in each district is the chief federal law enforcement officer, reporting to the Attorney General of the United States. The U.S. Attorneys’ Offices are coordinated by the Executive Office for U.S. Attorneys, which oversees the DOJ’s Health Care Fraud and Abuse Act Program, established as part of the Health Insurance Portability and Accountability Act of 1996 (HIPAA). To most, HIPAA is better known for privacy and nondiscrimination rules, but the statute also created a number of healthcare offenses and enforcement tools, including the “HIPAA subpoena,” and mandated that the DOJ and HHS-OIG coordinate to support efforts to investigate and prosecute healthcare fraud.
To this end, HIPAA provided a funding source, specifically requiring that amounts equaling recoveries from healthcare fraud investigations be deposited in or transferred to the Federal Hospital Insurance Trust Fund. Recoveries are then appropriated from the Trust Fund to the Health Care Fraud and Abuse Control Account in an amount the Attorney General and HHS Secretary certify annually are necessary to finance healthcare fraud enforcement activities. Appropriations from the Control Account fund attorneys, investigators, and litigation support to combat healthcare fraud. Since 1997, over $57 billion has been collected by the DOJ and HHS. Of that, nearly $40 billion has been returned to the Medicare Trust Funds, an average of approximately $1.5 billion per year, and Medicaid, Tricare, the Veteran’s Administration, among others. In the same period, 13,628 defendants have been convicted of healthcare fraud offenses, an average of 545 every year. These numbers are startling, to be sure.
All states also operate Medicaid Fraud Control Units (MFCUs), typically within the State Attorney General’s Office, to investigate and prosecute Medicaid-related fraud. The Social Security Act (SSA) requires each state to effectively operate an MFCU unless the Secretary of Health and Human Services (HHS) determines that (1) the operation of a Unit would not be cost-effective because minimal Medicaid fraud exists in a particular state; and (2) the state has other adequate safeguards to protect enrollees from abuse or neglect. MFCUs are funded jointly by the federal and state governments. Each Unit receives a federal grant award equivalent to 90 percent of total expenditures for new Units and 75 percent for all other Units.
MFCU cases often begin as referrals from external sources or are generated from data mining. MFCU staff review referrals of possible fraud to determine the potential for criminal prosecution or civil action. If the Unit accepts a referral, the case may result in various outcomes. Criminal prosecutions may result in convictions; civil actions may result in civil settlements. Both criminal prosecutions and civil actions routinely include the assessment of monetary recoveries. The approach of the MFCUs varies state-by-state, with some offices, such as Pennsylvania’s MFCU, that pursue criminal cases exclusively. In other words, the Pennsylvania MFCU will either bring a criminal case or decline the matter completely; that office does not interpret its enabling statutes to permit the resolution of investigations on civil terms. Other state MFCUs, however, investigate and prosecute both criminal and civil cases. The OIG has the authority to exclude convicted individuals and entities from any federally funded healthcare program, such as Medicaid, on the basis of convictions referred from MFCUs. In addition to achieving these outcomes, MFCUs may also make recommendations to their state governments to strengthen program integrity.
%402x.svg){kind=icon}