Differing state regulations make telehealth compliance more complex

The beauty of telehealth is that it connects patients and providers through technology that transcends boundaries. But when that connection crosses state lines, your healthcare organization could find itself responsible for complying with regulations from jurisdictions hundreds, maybe thousands, of miles away.  

Or from states just down the road. 

Many of those are stricter than the federal regulations, and many cover issues that the federal government doesn’t. Here are some of the key issues to look out for. 

Related: Growth in telemedicine could mean trouble if you are not careful   

Differing reimbursement structures and rates 

Reimbursement structure and rates vary by state and form of telehealth. For instance, all states pay Medicaid reimbursement for some form of live telehealth, but in different ways, and all states reimburse for interactive, real-time telehealth. However, only 14 reimburse for sessions where the patient records a call for later physician review (store-and-forward), and only 22 reimburse for remote patient monitoring of recently discharged hospital patients. There are eight states that reimburse for all three telehealth methods. 

There are two opposite views about reimbursement rates. One view is that a service is a service, so being virtual or in person shouldn’t affect reimbursement. 

The other penalizes telehealth for its efficiencies. In face-to-face visits, “there are built-in inefficiencies that isn’t time spending with the person,” says Dr. Katherine Dallow, vice president of Clinical Programs at Blue Shield Blue Cross of Massachusetts. “I probably spend somewhere between two to five minutes per patient moving from one room to another or pausing to document or checking something on their file or handing something off.” With less provider time and less pro rata overhead, some states reason, there should be less reimbursement. 

Forty states have their own private payer telehealth reimbursement policies, and six have private payer parity laws requiring the same reimbursement for in-person and telehealth care. 

Stricter privacy protections 

The Health Insurance Portability and Accountability Act (HIPAA) is the federal umbrella protecting privacy and confidentiality of patient records, but states are allowed to go beyond it. Many do. 

For example, if there’s a breach of privacy, HIPAA requires that the patient be notified within 60 days. Some states shorten that to 30 days, and California shortens it to ten. Some states also require hospitals to notify the state attorney general and the three major credit reporting companies: Equifax, Experian, and TransUnion. If there’s a breach of an out-of-state telehealth patient’s confidentiality, do you know what the originating state requires? 

Multi-state provider licensure 

Almost all states require physician licensure where the patient is (also known as the originating location). Same for nurses, nurse practitioners, physicians’ assistants, clinical psychologists, registered dieticians, and physical therapists. Different states have different licensing procedures, and there’s no federal umbrella. That’s something you’ll need to look out for, not only with faraway states, but also in New York, New York; Chicago/Hammond, Ind.; Texahoma, Texas/Okla.; or any of 84 other communities that straddle state lines. 

(Speaking of licensure, is your hospital licensed to provide telehealth services? In how many states?) 

Can doctors prescribe online? 

State regulations for phone-in prescriptions from the late 1990s adapt pretty well to online prescriptions today. The problem is, they differ from one state to the next. Different states have different regulations on just what a valid prescription is. About whether the doctor can prescribe without seeing the patient first, and whether seeing a patient on a computer screen is really “seeing.” About whether there has to be a previous doctor/patient relationship, and whether that relationship can be remote or has to be face-to-face. 

Related: Interstate regulations aren’t the only telehealth complexity. Check out this blog post for more: Telehealth compliance considerations: looking ahead

Two ways to keep up; one is practical. 

Complying with more than 50 sets of regulations takes a lot of attention to detail and a lot of reading. One way to keep up is with sheer effort: health organizations designate one or more people to read and track all the regulations that affect them.  

A better, more practical way is to rely on expert compliance professionals and nationally respected law firms to keep you up to date on interstate issues in telehealth regulation. YouCompli users select the agencies that matter to their organizations and receive updates and resources to help them know about new regulations, decide their applicability, manage policy changes, and verify compliance.  

Are you looking for ways to track telehealth regulations in all the states your patients receive treatment? Take a look at YouCompli, the only healthcare compliance software combining actionable, regulatory analysis with a simple SaaS workflow.  

Jerry Shafran is the founder of YouCompli. 

Protecting Hospital Finances in the Post-Pandemic Environment

It’s become a cliche, especially in healthcare, to say that COVID-19 has changed “everything”. One thing that has clearly changed, however, is hospital finances.

Pandemic response stretched every healthcare system in the United States, many to the breaking point. Revenues from non-COVID procedures were significantly reduced, to the point that furloughs of vital medical staff have become necessary.

In this environment, compliance professionals have an important role to play. Ensuring that all payment compliance regulations are being followed helps to protect existing revenue streams, and helps to get the system back on a strong financial footing. As hospitals are getting “back to normal” and trying to find ways to bolster their budgets, good compliance practices are vital.

Outstanding Payments and Patient Insurance

In-hospital treatments declined during the pandemic; however, virtual health visits significantly increased. It’s crucial to continuously monitor payment compliance practices, which include patient insurance information, especially when offering this new treatment vector.

Pre-pandemic, the number of Medicare patients increased by 11 million since 2014, and at least 37 states expanded Medicare eligibility in 2019. While it’s hard to say where Medicare coverage will go as government budgets also come under pressure, these numbers could mean that some outstanding medical bills may be covered.

Historically, about 1% to 5% of self-pay accounts, or patient out of pocket costs, are written off by hospitals as bad debt. Checking and double-checking that your institution has the right information about patients, now and going forward, can be a key step in keeping the hospital financially strong.

The number of uninsured patients has continued to grow — by 12% towards the last months of 2017, and 27 million Americans have lost their employer-provided insurance during the pandemic. Overall, improving payment compliance practices in relation to insurance is an important step in effectively managing these, and other, challenges with patient payment balances.

Reducing Readmission Rates and Penalties

If your hospital serves Medicare and Medicaid patients, you probably know the high number of readmissions that occur in typical months. Readmissions that take place within 30 days of an initial visit cost hospitals a staggering $41.3 billion. In a post-COVID world, these patterns may not hold — but that could mean that readmissions are going to go up, not down.

CMS instituted several programs to try to manage these readmission challenges.

  • The Hospital Readmissions Reduction Program (HRRP): rewards hospitals for lowering readmission rates for common health conditions like heart attacks, pneumonia, COPD, and total hip and knee replacement surgery
  • The Hospital-Acquired Condition Reduction Program (HACRP): encourages a reduction in avoidable infections resulting from colon surgeries and hysterectomies, bedsores, sepsis, and even blood clots

Hospitals with, according to CMS, higher than average readmission rates face steep penalties and lower claims reimbursement. In the fiscal year 2020, pandemic notwithstanding, 83% of the 3,300 hospitals in the U.S. were projected to face penalties. And these penalties can be as high as a 3% reduction in repayment. Across the United States, CMS penalizes the worst-performing hospitals with a 1% reduction in total claim reimbursement.

As hospitals reopen and restart regular procedures and treatment, and try to rapidly scale revenue generation, more hospitals may face penalties, if compliance practices are not strong. Surprisingly, at least 12% of readmission cases of readmission cases are preventable, according to the Medicare Payment Advisory Commission (MedPAC).

Two ways hospitals can comply with CMS’ regulations and boost patient care are:

  1. Embrace a process that sends discharge summaries to the primary care physician
  2. Assign staff follow-up on post-discharge test results.

Setting up such a process can be tricky, especially in larger hospital facilities and in facilities that are still challenged in the aftermath of COVID. Medical staff need to be able to consistently and quickly assign, track, and review summaries and test results.

Monitoring each step of the process is necessary to ensure that your organization is taking the proper steps to adhere to Medicare and Medicaid requirements. That way, your hospital easily avoids significant penalties while boosting patient care. CMS also recommends that hospitals be on the lookout for hospital-related illnesses, which can derail patient care standards.

What You Can Do

Staying on top of the ever-changing world of CMS regulations isn’t easy, especially as we emerge from the pandemic crisis. But we can help by providing you with expert advice and tools that target the regulations and policies needed to run your hospital compliance program more effectively.

Our fully customizable software helps you and your revenue cycle team stay on top of every regulation, so you’ll have the best possible chance of meeting essential mandates, keeping cash flowing and avoiding penalties.

See YouCompli in Action

Easier, faster, more effective compliance is possible

5 Payer Audit Errors Every Hospital Must Avoid

5 payer audit errors

Revised September 2022

Most healthcare providers, from large hospitals to solo practitioners, experience an external audit at some point. The scrutiny can unveil errors and violations, which can lead to hefty penalties. 

The key to surviving an external audit, with the least amount of frustration, is to avoid these five common mistakes. 

1. Late Responses

Your deadline to submit relevant documentation begins upon receiving that external audit request. 

External audits may be requested by a commercial health insurance payer, or government agencies such as the Centers for Medicare and Medicaid Services (CMS) or Office for Civil Rights (OCR). While the origin of the audit request doesn’t matter, a timely response is essential. 

Take all deadlines seriously. If an extension is needed, ask for one, immediately. Missing deadlines can result in hefty fines and penalties. 

2. The Wrong Documentation

A common trigger for payer audits is improper or lack of necessary documentation.  As a healthcare practitioner, you must prove the medical necessity of each test or procedure used to diagnose and treat your patients. 

Here’s the tricky part. Sometimes payers and providers disagree on what tests or procedures are medically necessary.  Additionally, medically necessary guidelines change frequently. CMS provides local coverage determinations (LCDs) and national coverage determinations (NCDs) to help with your documentation. Be sure you are aware of changes to these coverage determinations.  

The best way to mitigate this problem is to educate your staff on what services the payer considers medically necessary, and what documentation is required to establish medical necessity. 

 Additionally, clearly document the need for a particular procedure to treat or diagnose a patient. Finally, when required, ensure that authorization is received from the payer before rendering services. 

3. Billing the Wrong Codes

Incorrect billing and coding practices can raise suspicion of fraud, failed claims, or delayed reimbursement, and — you guessed it — external payer audits. Providers and patients overpay a whopping $68 billion annually due to incorrect billing. 

 Coding systems developed by the American Medical Association and the Centers for Medicare and Medicaid are designed to streamline the billing process. Every medical procedure and service from ambulance rides to chemotherapy drugs to doctor visits are contained within coding systems such as the ICD-10, CPT, and HCPCS. 

Studies show 80 percent of medical bills in the U.S. contain errors. This percentage can decrease by ensuring appropriate staff stay current with billing and coding updates and communicate those changes to the right clinical and administrative staff to avoid old and outdated codes. 

4. No Self-Audit

One way to prepare for payer audits is to perform regular self-audits within your facility.  Internal audits are great for identifying and eliminating weak spots that can potentially lead to headaches down the road, like rejected claims and costly compliance failures. 

 One drawback is the strain on precious resources like time and personnel. You can get around this problem by hiring a third-party audit service. Make sure you have HIPAA-compliant Business Associate Agreements (BAA) so that you’re allowed to share your patient health information with third parties providing auditing services.  

 Another option is to use software provides 24/7 access to survey compliance data. Ideally, this software will provide automatic tracking of all documentation and decisions involved in the process of running your organization. 

 This ensures that compliance professionals can get immediate reporting on how well their team is doing, conducting audits more efficiently and effectively. It’s a time and cost-effective solution to hiring an outside third-party provider. 

5. No Legal Help

Having a healthcare attorney in your corner can mean the difference between a smooth audit experience and an audit nightmare. 

Here’s how a healthcare legal team can benefit your health practice: 

  • Work intimately with your staff to analyze any risky billing procedures. 
  • Challenge any demands from payers for overpayment. 
  • Challenge any allegations of fraudulent billing practices. 
  • Push back on any denied claims and the overuse of service claims. 

 Again, software is a useful tool to support your attorney’s work. A system that stores all compliance information, including payment practices, and has search capability will provide your legal team with the information they need to fight payer audit discrepancies when the time arrives. 

 External payer audits don’t have to be a nightmare. By being adequately prepared and vigilant, your next audit experience can be more streamlined and less stress-inducing. 

Learn More About YouCompli

The best way to prepare for a payer audit is to carefully manage changes to regulatory changes and coverage determinations. YouCompli can help you establish a scalable, repeatable process so you don’t miss a relevant change and you can equip your clinical colleagues to respond to the change. Then, when the audit does happen, you’ll have an easy way to demonstrate your work to comply with the requirements. Find out more. 


Jerry Shafran is the founder and CEO of YouCompli. He is a serial entrepreneur who builds on a solid foundation of information technology and network solutions. Jerry launches, manages, and sells software and content solutions that simplify complex work. His innovations enable professionals to focus on their core business priorities.


Never Miss an Article on Healthcare Compliance

Get a 15-minute strategic overview of YouCompli