HIPAA » YouCompli

Telehealth evolution: Supporting patients with virtual care

Improve patient care and protect your healthcare organization under evolving telehealth compliance requirements today. How to prepare for regulatory change.

Trust in healthcare compliance programs

Four ways to build a healthy culture of compliance. Help your clinical and operational colleagues see compliance as foundational to your healthcare organization

Compliance Culture HIPAA How to regulatory change management Tips

HIPAA Right of Access initiative results in serious enforcement actions

OCR’s HIPAA Right of Access Initiative drives investigations and enforcement settlements. Four settlement examples and remedies.

HIPAA

Privacy protection: When our colleagues are our patients

How can you protect personal health information (PHI), medical records, and patient communication when the provider is also the patient?

HIPAA How to regulatory change management risk management Tips

Compliance expert Martie Ross explains critical regulatory change management issues facing healthcare in 2022

Regulatory Change Management is Critical

As a compliance officer, it’s time to go back through your compliance documentation over the past two years. How are you going to unwind from these changes

HIPAA regulatory change management

What is information blocking and how does it relate to our patients?

Information Blocking Rule works with HIPAA’s regulatory “right of access” provisions. Patients should have access to their health information.

HIPAA regulatory change management risk management

Telehealth policies and programs center on patient care

Patients and providers alike flocked to telehealth in 2020. Before the COVID-19 pandemic began, fewer than one percent of Medicare primary care visits (PCV) were conducted via telehealth. By April 2020 that number had risen to 43 percent. (See the data.)

This spike was in response to fear of spreading the virus, of course. But it was only possible because healthcare organizations worked so hard to adjust to meet the ongoing patient needs. The federal government helped by announcing a public health emergency that eased key rules.

Compliance professionals worked across their organizations to make sure that everyone understood and complied with documentation, coding and confidentiality requirements. For example, compliance professionals collaborated with clinical teams to ensure telehealth workflows were HIPAA compliant. And, given the potential for abuse and scrutiny, providers who bill Medicare/CMS took extra care to document visits properly.

Telehealth has been hugely popular with patients and has led to better visit compliance, particularly for uninsured and underinsured populations. Telehealth has improved patient care by allowing convenient appointments from the comfort of home via a smartphone, tablet, or computer. Another benefit is that telehealth has the potential to expand health care access to underserved populations by eliminating traditional barriers to care such as transportation needs, distance from specialty providers, and approved time off from work. These visits were essential for patients with limited mobility. And of course, there’s the most immediate and urgent benefit of telehealth: reducing the spread of COVID-19 by limiting person-to person-contact.

The work for the Compliance team and colleagues across the organization was significant. They had to determine how to maintain confidentiality, obtain consent, and determine proper billing codes. Despite the enormity of this task, the effort seems to be worth it. Patients are reporting that telehealth helps them take better care of themselves. According to Medical Economics:

93% of patients would use telehealth to manage prescriptions, and

91% shared telehealth would help them stick to appointments, manage prescriptions and refills, and follow wellness recommendations.

Providers seem to feel that they have worked through a lot of the challenges of telehealth compliance, especially when internet connections are stable. Nicole Craig is a Family Nurse Practitioner at Children’s Rehabilitative Services in Phoenix. She says compliance guidance helps providers “know what has to be documented in the chart to protect ourselves from things such as improper billing and coding.” And, “in 2021 the billing is now different. Getting help from Compliance allows providers to bill time-based care. We have to understand the billing rules and compliance factors in order to follow them, especially during telehealth visits.”

For most PCVs, telehealth proved to be an efficient way to provide care. This method limited in-person visits to those instances where the patient needed a hands-on physical assessment or diagnostic testing.

Isabella Porter, JD, director of Compliance at District Medical Group, Inc., is confident that 2020 created a rebirth of telehealth. She also sees a new appreciation of this method of care delivery which healthcare will not abandon once the pandemic is deemed “over.” And she knows that her team will be a big part of her organization’s success. “I do believe that in the context of telemedicine during COVID-19, our Compliance department’s assistance with telehealth workflows lead to overall better patient outcomes during the pandemic,” she said.

It’s a good thing. While concern about the coronavirus will recede, providers and patients alike will want to continue some telehealth visits. Healthcare leaders will work collaboratively to ensure their organizations can continue to offer this important option.

Keep on top of regulations affecting telehealth and make sure those regulations are translated into policies and procedures that affect patient care. YouCompli customers have access to notifications about changes to regulations, resources to inform policy and procedure updates, and tools to track compliance. Contact us today to learn more. 

Denise Atwood, RN, JD, CPHRM has over 30 years of healthcare experience in compliance, risk management, quality, and clinical areas. She is also a published author and educator on risk, compliance, medical-legal and ethics issues. She is currently the Chief Risk Officer and Associate General Counsel at a nonprofit, multispecialty provider group in Phoenix, Arizona and Vice President of the company’s self-insurance captive.

Subscribe to receive updates from YouCompli

Denise Atwood, RN, JD, CPHRM
District Medical Group (DMG), Inc., Chief Risk Officer and Denise Atwood, PLLC
Disclaimer: The opinions expressed in this article or blog are the author’s and do not represent the opinions of DMG.

HIPAA How to regulatory change management risk management

Differing state regulations make telehealth compliance more complex

The beauty of telehealth is that it connects patients and providers through technology that transcends boundaries. But when that connection crosses state lines, your healthcare organization could find itself responsible for complying with regulations from jurisdictions hundreds, maybe thousands, of miles away.

Or from states just down the road.

Many of those are stricter than the federal regulations, and many cover issues that the federal government doesn’t. Here are some of the key issues to look out for.

Differing reimbursement structures and rates

Reimbursement structure and rates vary by state and form of telehealth. For instance, all states pay Medicaid reimbursement for some form of live telehealth, but in different ways, and all states reimburse for interactive, real-time telehealth. However, only 14 reimburse for sessions where the patient records a call for later physician review (store-and-forward), and only 22 reimburse for remote patient monitoring of recently discharged hospital patients. There are eight states that reimburse for all three telehealth methods.

There are two opposite views about reimbursement rates. One view is that a service is a service, so being virtual or in person shouldn’t affect reimbursement.

The other penalizes telehealth for its efficiencies. In face-to-face visits, “there are built-in inefficiencies that isn’t time spending with the person,” says Dr. Katherine Dallow, vice president of Clinical Programs at Blue Shield Blue Cross of Massachusetts. “I probably spend somewhere between two to five minutes per patient moving from one room to another or pausing to document or checking something on their file or handing something off.” With less provider time and less pro rata overhead, some states reason, there should be less reimbursement.

Forty states have their own private payer telehealth reimbursement policies, and six have private payer parity laws requiring the same reimbursement for in-person and telehealth care.

Stricter privacy protections

The Health Insurance Portability and Accountability Act (HIPAA) is the federal umbrella protecting privacy and confidentiality of patient records, but states are allowed to go beyond it. Many do.

For example, if there’s a breach of privacy, HIPAA requires that the patient be notified within 60 days. Some states shorten that to 30 days, and California shortens it to ten. Some states also require hospitals to notify the state attorney general and the three major credit reporting companies: Equifax, Experian, and TransUnion. If there’s a breach of an out-of-state telehealth patient’s confidentiality, do you know what the originating state requires?

Multi-state provider licensure

Almost all states require physician licensure where the patient is (also known as the originating location). Same for nurses, nurse practitioners, physicians’ assistants, clinical psychologists, registered dieticians, and physical therapists. Different states have different licensing procedures, and there’s no federal umbrella. That’s something you’ll need to look out for, not only with faraway states, but also in New York, New York; Chicago/Hammond, Ind.; Texahoma, Texas/Okla.; or any of 84 other communities that straddle state lines.

(Speaking of licensure, is your hospital licensed to provide telehealth services? In how many states?)

Can doctors prescribe online?

State regulations for phone-in prescriptions from the late 1990s adapt pretty well to online prescriptions today. The problem is, they differ from one state to the next. Different states have different regulations on just what a valid prescription is. About whether the doctor can prescribe without seeing the patient first, and whether seeing a patient on a computer screen is really “seeing.” About whether there has to be a previous doctor/patient relationship, and whether that relationship can be remote or has to be face-to-face.

Related: Interstate regulations aren’t the only telehealth complexity. Check out this blog post for more: Telehealth compliance considerations: looking ahead.

Two ways to keep up; one is practical.

Complying with more than 50 sets of regulations takes a lot of attention to detail and a lot of reading. One way to keep up is with sheer effort: health organizations designate one or more people to read and track all the regulations that affect them.

A better, more practical way is to rely on expert compliance professionals and nationally respected law firms to keep you up to date on interstate issues in telehealth regulation. YouCompli users select the agencies that matter to their organizations and receive updates and resources to help them know about new regulations, decide their applicability, manage policy changes, and verify compliance.

Are you looking for ways to track telehealth regulations in all the states your patients receive treatment? Take a look at YouCompli, the only healthcare compliance software combining actionable, regulatory analysis with a simple SaaS workflow. 

Jerry Shafran is the founder of YouCompli.