OIG recommends expanded CMS oversight of remote patient monitoring
On September 24, 2024, the Office of Inspector General (OIG) of the U.S. Department of Health and Human Services published a report recommending that the Centers for Medicare & Medicaid Services (CMS) expand its oversight of remote patient monitoring to ensure that the services are properly used and billed.
The OIG’s study of Medicare claims and encounter data on remote physiologic monitoring (RPM) billing from 2019 to 2022 revealed that over 570,000 Medicare enrollees received RPM services in 2022, a tenfold increase since 2019, while Medicare payments (through traditional Medicare and Medicare Advantage) increased twentyfold during the same period, reaching $300 million. The report notes the potential for further growth of remote patient monitoring to treat chronic and acute conditions.
Medicare pays for RPM under three main categories (components) of CPT billing codes:
- patient education and device setup (CPT 99453)
- medical device supply with collection and transmission of health data at least 16 days in a 30 day period (CPT 99454))
- treatment management involving review of the collected health data and use of the data in managing the patient’s condition (CPT 99457 for the first 20 minutes in a month and CPT 99458 for additional 20 minute increments).
Medicare data showed that from 2019 to 2022 approximately 43% of Medicare RPM recipients received fewer than all three of the RPM billing components, which caused the OIG to question whether RPM services are being used as intended. The report points to the OIG’s consumer fraud alert, released last fall, about scammers who sign up Medicare enrollees for remote patient monitoring even if the services aren’t needed or are billed but not provided and notes other potential fraud risks such as insufficient staffing, billing for monitoring time not furnished, and lack of patient training on how to use the devices.
The OIG observed that a lack of transparency and key information regarding remote patient monitoring devices, the providers ordering and administering the monitoring, the data collected, and the conditions being monitored hinders CMS's ability to ensure billing requirements are met, assess the effectiveness of RPM, and implement future improvements. The report reveals that OIG is examining remote patient monitoring and intends to issue a companion evaluation identifying remote patient monitoring billing patterns that may be indicators of fraud, waste, and abuse.
The OIG concluded that the findings demonstrate the need for additional oversight and safeguards to ensure the proper use and billing of remote patient monitoring. The report recommends that CMS strengthen its oversight of remote patient monitoring by taking the following steps:
- Implement additional safeguards to ensure that remote patient monitoring is used and billed appropriately, including:
- Identify providers who frequently bill for enrollees who do not receive all three RPM components, especially if the enrollee never receives treatment management (which the OIG views as raising question about the necessity and benefit of monitoring)
- Work to ensure that Medicare pays the proper amount and that remote patient monitoring is appropriate (the report recommends identifying providers who frequently submit Medicare claims with diagnosis codes that do not represent a chronic or acute condition)
- Require that remote patient monitoring services be ordered by a physician or other qualified healthcare professional (e.g., NP or PA) and that claims and encounter data include information on the ordering provider
- Develop methods to identify the health data being monitored, as well as the types of monitoring or devices involved
- Conduct provider education about billing of remote patient monitoring
- The report notes the lack of CMS comprehensive educational resources focused on billing for remote patient monitoring billing, and suggests publication of such materials (such as a Medicare Learning Network publication specific to remote patient monitoring)
- Identify and monitor companies that bill for remote patient monitoring (the report mentions the possibility of developing a provider enrollment classification for companies who primarily deliver remote patient monitoring services)
In addition, the OIG reiterated its prior recommendations that CMS improve the efficiency of “incident to” billing by requiring the use of a modifier on Medicare claims and encounters to indicate “incident to” services, and by allowing providers to report the identification number of the staff members who deliver the service.
In its response to the report, CMS concurred with three of the OIG’s recommendations and agreed to consider the other recommendations.
This report highlights the rapid expansion of remote patient monitoring and suggests that providers furnishing remote patient monitoring can expect increasing scrutiny and, eventually, expanded reporting requirements in connection with billing for remote patient monitoring. While the study focused on RPM, similar scrutiny may extend to remote therapeutic monitoring (RTM), which is billed under similar CPT component codes but for different types of data and devices.
For more information on remote patient monitoring and other digital health services, please contact attorney Rick Hindmand.