1135 Waiver for Existing Limitations on Medicare Coverage for Telehealth Services.
On March 13, 2020, the Secretary (“Secretary”) of the U.S. Department of Health & Human Services (“HHS”) authorized waivers and modifications under Section 1135 of the Social Security Act, retroactive to March 1, 2020.This authorization followed the Secretary’s declaration of a public health emergency in the entire United States on January 31, 2020.Pursuant to this authorization, the Centers for Medicare & Medicaid Services (CMS) waived certain limitations on Medicare coverage for telehealth visits so that beneficiaries can receive a wider range of services from their doctors without having to travel to a healthcare facility.
Under the waiver, starting March 6, 2020 and continuing during the COVID-19 public health emergency, Medicare can pay for office, hospital, and other visits furnished via telehealth across the country and including in a patient’s residence.Before the waiver, Medicare could only pay for telehealth on a limited basis: when the person receiving the service is in a designated rural area and when they leave their home and go to a clinic, hospital, or certain other types of medical facilities to receive the service.The waiver temporarily eliminates the requirement that the originating site must be a physician’s office or other authorized healthcare facility and allows Medicare to pay for telehealth services when beneficiaries are in their homes or any setting of care.
Medicare patients may use telecommunication technology for office, hospital visits and other services that generally occur in-person.The services must be furnished consistent with applicable coverage and payment rules, but the telehealth services are not limited to services related to patients with COVID-19.The provider must use an interactive audio and video telecommunications system that permits real-time communication between the distant site and the patient at home.For example, to the extent that many mobile computing devices have audio and video capabilities that may be used for two-way, real-time interactive communication, they qualify as acceptable technology.The 1135 waiver also allows the Secretary to authorize use of telephones that have audio and video capabilities for the furnishing of Medicare telehealth services during the public health emergency.Distant site practitioners who can furnish and get payment for covered telehealth services (subject to state law) can include physicians, nurse practitioners, physician assistants, nurse midwives, certified nurse anesthetists, clinical psychologists, clinical social workers, registered dietitians, and nutrition professionals.
Further, to the extent the 1135 waiver requires an established relationship between the provider and the patient, HHS has announced a policy of enforcement discretion for Medicare telehealth services furnished pursuant to the 1135 waiver.For claims submitted during the public health emergency, HHS will not conduct audits as to the existence of a prior relationship between the provider and the patient.
Medicare telehealth services are generally billed by professionals as if the service had been furnished in-person.For Medicare telehealth services, the claim should reflect the designated Place of Service (POS) code 02-Telehealth, to indicate the billed service was furnished as a professional telehealth service from a distant site.
The following CMS chart shows the three main types of virtual services physicians and other professionals can provide to Medicare beneficiaries.
|
Type of Service
|
What is the Service?
|
HCPCS/CPT Code
|
Patient Relationship with Provider
|
|
Medicare Telehealth Visit
|
A visit with a provider that uses telecommunication systems between a provider and a patient.
|
Common telehealth services include:
- 99201-99215 (Office or other outpatient visits)
- G0425-G0427 (Telehealth consultations, emergency department or initial inpatient)
- G0406-G0408 (Follow-up inpatient telehealth consultations furnished to beneficiaries in hospitals or SNFs).
For a complete list:https://www.cms.gov/Medicare/Medicare-general-information/telehealth/telehealth-codes
|
For new* or established patients.
*To the extent the 1135 waiver requires an established relationship, HHS will not conduct audits to ensure that such a prior relationship existed for claims submitted during this public health emergency.
|
|
Virtual Check-In
|
A brief (5-10 minutes) check-in with a practitioner via telephone or other telecommunications device to decide whether an office visit or other service is needed. A remote evaluation of recorded video and/or images submitted by an established patient.
|
HCPCS code G2012
HCPCS code G2010
|
For established patients
|
|
E-Visit
|
A communication between a patient and their provider through an online patient portal
|
- 99421
- 99422
- 99423
- G2061
- G2062
- G2063
|
For established patients
|
In a separate 1135 waiver, HHS waived the requirement that physicians or other health care professionals hold licenses in the state in which they provide services if they have an equivalent license from another state.While these waivers only apply to Medicare, and do not address Medicaid or other state licensing law requirements, states may similarly broaden Medicaid reimbursement for telehealth services and remove certain licensing requirements for providers during this public health emergency.For more information, see theFact SheetandFAQ.
OCR Issues Notice of Enforcement Discretion for HIPAA Non-Compliance for Telehealth Services
Effective March 17, 2020, the HHS Office for Civil Rights (“OCR”) issued a Notification of Enforcement Discretion (“Notice”) stating that it will not impose penalties for noncompliance with the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) against health care providers in connection with the good faith provision of telehealth during the COVID-19 nationwide public health emergency. This Notice applies to telehealth provided for any reason, regardless of whether the telehealth service is related to the diagnosis and treatment COVID-19.
The OCR specified in its Notice that a covered health care provider may provide telehealth services to patients through any non-public facing remote communication product, including popular applications that allow for chats (e.g., Facebook Messenger video chat or Skype). A “non-public facing” remote communication product is one that, as a default, allows only the intended parties to participate in the communication.However, health care providers should not use certain video communication that are public facing (e.g., Facebook Live, Twitch, and TikTok).The OCR further specified that telehealth services may be provided through audio, text messaging, or video communications technology, including videoconferencing software.
- OCR would consider all facts and circumstances when determining whether a health care provider’s use of telehealth services is provided in good faith and thereby covered by the Notice.Some examples of what OCR may consider a bad faith provision of telehealth services include:
- Conduct or furtherance of a criminal act, such as fraud, identity theft, and intentional invasion of privacy;
- Further uses or disclosures of patient data transmitted during a telehealth communication that are prohibited by the HIPAA Privacy Rule (e.g., sale of the data, or use of the data for marketing without authorization);
- Violations of state licensing laws or professional ethical standards that result in disciplinary actions related to the treatment offered or provided via telehealth (i.e., based on documented findings of a health care licensing or professional ethics board); or
- Use of public-facing remote communication products, such as TikTok, Facebook Live, Twitch, or a chat room like Slack, which OCR has identified in the Notification as unacceptable forms of remote communication for telehealth because they are designed to be open to the public or allow wide or indiscriminate access to the communication.
The OCR also noted that it will not impose penalties against healthcare providers for the lack of a business associate agreement (“BAA”) with video communication vendors or any other noncompliance with the HIPAA regulations that relates to the good faith provision of telehealth services during the nationwide public health emergency. For healthcare providers seeking additional privacy protection, the Notice includes a list of vendors that represent that they provide HIPAA-compliant video communication products and will enter into a HIPAA-compliant BAA, including, among others, Skype for Business, Updox, VSee, Zoom for Healthcare, and Doxy.me. However, OCR does not endorse or recommend these vendors.
The Notice addresses the enforcement only of the HIPAA rules. It does not address violations of 42 CFR Part 2, the HHS regulation that protects the confidentiality of substance use disorder patient records, however, the Substance Abuse and Mental Health Services Administration has issued some guidance on COFID-19 and 42 CFR Part 2. For more information, seeNoticeandFAQ.