How To Respond to A FINRA or SEC Wells Notice
On July 20, 2022, the US Department of Health and Human Services Office of Inspector General (OIG) issued a Special Fraud Alert (Alert) concerning the fraud and abuse risks associated with healthcare practitioners entering into arrangements with telemedicine companies. The Alert follows dozens of civil and criminal investigations into alleged fraud schemes involving companies that claimed to provide telehealth, telemedicine or telemarketing services but allegedly engaged in kickbacks and substandard medical practices to generate medically unnecessary orders and prescriptions for items or services, resulting in submissions of fraudulent claims to Medicare, Medicaid and other federal healthcare programs.
The Alert also comes on the heels of a nationally coordinated US Department of Justice (DOJ) takedown involving more than $1 billion in allegedly fraudulent telemedicine schemes. The Alert identifies seven characteristics which could suggest a telemedicine arrangement presents potential risk for fraud and abuse. While the characteristics highlighted in the Alert are not representative of the legitimate and crucial telemedicine services offered by most healthcare providers, the Alert and the government’s sustained focus on potential telemedicine-related fraud cases provide an important opportunity for healthcare providers to evaluate their telemedicine offerings and arrangements and strengthen their telemedicine compliance activities.
In addition to the Alert, recent enforcement actions focused on telemedicine providers who prescribe controlled substances and corresponding congressional scrutiny of telemedicine providers indicates additional caution is warranted with respect to arrangements involving the prescription of controlled substances via telemedicine.
OIG released an Alert providing information and additional guidance to help health care practitioners identify potentially suspect arrangements with companies that purport to provide telehealth, telemedicine, or telemarketing services, some of which may be new to the market and created during the COVID-19 pandemic (collectively, Telemedicine Companies). The Alert appears to be directed towards physicians who may think that they are dealing with legitimate telemedicine companies, but who may need to verify that such companies have business models that are compliant with industry standards and regulations.
In addition to the Alert, there has been an increasing amount of enforcement action focused on Telemedicine Companies following the explosive growth in telemedicine services during the COVID-19 pandemic. During the pandemic, federal and state emergency actions vastly expanded telemedicine access, coverage and payment, which created additional incentives for health care providers to utilize telemedicine to provide care to their patients. Many health care providers have partnered with established and start-up Telemedicine Companies to facilitate the provision of care to their patients via telemedicine.
In recent years, the government has increasingly focused on alleged healthcare fraud schemes involving telemedicine services. For example, on September 30, 2020, the DOJ announced its largest fraud and opioid enforcement action in its history (Operation Rubber Stamp), which involved more than $6 billion in alleged fraud losses. Prior to this blockbuster enforcement action, the DOJ announced various coordinated telemedicine enforcement actions, including 2019’s Operation Brace Yourself and Operation Double Helix. In 2021, the DOJ continued this trend with the telemedicine component of the 2021 National Health Care Fraud Enforcement Action, which primarily focused on payment.
On July 20, 2022, the DOJ continued where it left off when it announced criminal charges against 36 defendants in 13 federal districts across the United States for more than $1.2 billion in alleged fraudulent telemedicine, cardiovascular and cancer genetic testing and durable medical equipment (DME) schemes. The federal investigations primarily targeted alleged schemes involving the payment of illegal kickbacks and bribes by laboratory owners and operators in exchange for the referral of patients by medical professionals working with fraudulent telemedicine and digital medical technology companies. In total, telemedicine schemes accounted for more than $1 billion of the total alleged intended losses associated with the enforcement action. In connection with the takedown, the DOJ issued a graphic summarizing the telemedicine enforcement actions and providing an example of telemedicine fraud schemes and also updated its summary of telemedicine enforcement cases.
Coinciding with the DOJ’s most recent enforcement actions—and following dozens of OIG and DOJ investigations into civil, criminal and administrative fraud schemes involving Telemedicine Companies—the OIG issued the Alert. Simultaneous with the release of the Alert, the OIG updated its Telehealth Resource Page, which provides compliance and enforcement resources.
ALLEGED FRAUD SCHEMES
The Alert focuses on alleged telemedicine fraud schemes that the OIG and DOJ have investigated in recent years under the Anti-Kickback Statute (AKS), the False Claims Act (FCA) and other federal statutes and regulations. These schemes vary in design and operation and have involved a wide range of individuals and types of entities. However, a common element in the alleged schemes is the use of kickbacks by Telemedicine Companies to recruit and reward practitioners. According to the Alert, these schemes typically involve Telemedicine Companies contracting with providers or provider groups to order or prescribe medically unnecessary items and services for individuals who are solicited and recruited by Telemedicine Companies or their marketing firm. Frequently, the alleged schemes involve Telemedicine Companies paying practitioners in exchange for ordering or prescribing items or services for patients the practitioner never examined or meaningfully assessed to determine the medical necessity of items or services ordered or prescribed. The OIG states that these payments may be described as a payment per review, audit, consult or assessment of medical charts, although there are legitimate Telemedicine Companies that rely on this type of compensation methodology. The Telemedicine Companies may tell practitioners they do not need to contact the patient or even review medical records and may direct practitioners to order or prescribe a preselected item or service, limiting the practitioner’s independent professional medical judgment regardless of the medical necessity or clinical appropriateness of said item or service. In many cases, according to the OIG, the Telemedicine Company sells the practitioner’s order or prescription generated to other individuals or entities that then fraudulently bill for the unnecessary items and services. The Alert warns that these alleged schemes implicate multiple federal laws, including the AKS. Practitioner arrangements with Telemedicine Companies may also lead to criminal, civil or administrative liability under other federal laws including the OIG’s exclusion authority related to kickbacks, the Civil Monetary Penalties Law provision for kickbacks, the criminal healthcare fraud statutes and the FCA. Practitioners may be personally liable for these types of arrangements if they are involved in ordering or prescribing medically unnecessary items or services.
OIG’S SUSPECT CHARACTERISTICS
Based on the OIG and DOJ’s telemedicine enforcement experience, the Alert identifies a non-exhaustive list of seven “suspect characteristics” related to practitioner arrangements with Telemedicine Companies which, taken together or separately, could suggest an arrangement that presents a heightened risk of fraud and abuse:
Patients are identified or recruited by the Telemedicine Company, telemarketing company, sales agent, recruiter, call centers, health fairs and/or through internet, television or social media by advertising free or low out-of-pocket cost items or services.
Practitioners are not provided an opportunity to interact with the patient or gather the information needed from patients to meaningfully assess them and determine the medical necessity of the prescribed items or services.
Compensation paid to practitioners is based on the volume of items or services ordered or prescribed (which may be characterized to the practitioner as compensation based on the number of purported medical records that the practitioner reviewed).
The Telemedicine Company only furnishes services to federal healthcare program beneficiaries and does not accept insurance from other payors (e.g., a commercial plan).
The Telemedicine Company purports to provide services to individuals who are not federal healthcare program beneficiaries but actually bills federal healthcare programs.
The Telemedicine Company provides only one product or class of services (e.g., genetic testing, DME or other specific items or services), potentially restricting a practitioner’s treatment options to a predetermined course of treatment.
The Telemedicine Company does not expect, provide information to enable or require practitioners to follow up with patients.
Compensation arrangements that involve per-order or per-item prescribed payment methodologies may not be able to receive protection under statutory or regulatory exceptions to the AKS, insofar as such compensation methods consider the volume or value of items ordered or referred that may be reimbursed by federal healthcare programs. The OIG has highlighted its concerns in the Alert that volume-based fees may corrupt medical decision-making, drive inappropriate utilization of healthcare services and result in patient harm. Accordingly, arrangements that incorporate these compensation methodologies require a more specific facts-and-circumstances analysis.
Many of the fraud cases highlighted by the OIG and DOJ involve fraudulent billing, in addition to alleged violations of the AKS. In particular, the Alert emphasizes that healthcare providers should pay extra attention to whether a Telemedicine Company is billing payors for the items and services it is furnishing to patients and which payors the Telemedicine Company is accepting. For example, some of the settlements highlighted by the OIG in the Alert involved Telemedicine Companies affiliated with telemarketing providers who directly call Medicare beneficiaries to generate patient “referrals.” Once the healthcare provider reviewed the medical record and (falsely) certified the medical necessity of the services for the patient, the Telemedicine Company submitted a bill for the services to federal healthcare programs. Healthcare providers should be sure that arrangements with Telemedicine Companies clearly specify which entity is responsible for billing federal healthcare programs and other payors for services furnished under the arrangement.
In addition to the suspect characteristics described by the OIG in the Alert, there has also been very recent congressional interest in potential fraud and abuse with respect to telemedicine arrangements. On June 6, 2022, Representative Gerald E. Connolly, chairman of the House Subcommittee on Government Operations (Subcommittee), sent a letter (Connolly Letter) to the US Drug Enforcement Agency (DEA) administrator highlighting concerns that online mental health providers were abusing the regulatory exception that allows for remote prescription of controlled substances with an in-person medical exam. The Connolly Letter cites concerns about aggressive marketing schemes and advertising practices that allegedly may influence clinical staff to prescribe drugs without sufficient oversight. It also cites concerns with how federal programs and agencies may be monitoring orders and shipments of prescribed drugs and requests information from the DEA for consideration by the Subcommittee. Accordingly, additional congressional interest and follow-up in this area is possible.
As the Alert emphasizes, it is not the OIG’s intention to discourage legitimate telemedicine arrangements. Rather, healthcare providers and practitioners should use heightened scrutiny, exercise caution and consider the seven suspect criteria noted in the Alert prior to entering into arrangements with Telemedicine Companies.
Accordingly, Telemedicine Companies and healthcare providers should:
Take note of the increased scrutiny directed toward arrangements between Telemedicine Companies and healthcare providers and individual practitioners.
Evaluate existing and future telemedicine arrangements to ensure compliance with fraud and abuse laws. Although many of these arrangements were entered into at the height of the COVID-19 pandemic, telemedicine arrangements have historically warranted thoughtful consideration of relevant laws and regulations.
Carefully review materials provided by Telemedicine Companies to ensure compliance with applicable Medicare, Medicaid and other federal healthcare program coverage, payment and billing requirements. (Note that payment and coverage criteria may vary.)
Inquire about the Telemedicine Companies’ clinical policies and procedures and review patient-facing materials to understand what is being communicated to patients.
The Alert demonstrates that proposed arrangements with Telemedicine Companies continue to require careful review to ensure compliance with applicable fraud and abuse laws and billing requirements.
It is also noteworthy that the Connolly Letter emphasizes the DEA’s authority under the Controlled Substances Act to establish a telemedicine special registration. Such telemedicine special registration would allow the DEA to specify parameters for what is permissible in the context of controlled substances via telemedicine without a prior in-person medical evaluation. While the DEA has not yet issued regulations establishing the telemedicine special registration, recent increases in enforcement activity may prompt the DEA to take action in this area. Accordingly, healthcare providers and Telemedicine Companies should continue to monitor DEA regulatory activities, as well.