The past year has been a nightmare for most businesses—and a godsend for telehealth.
Not only did remote health practices suddenly flourish during the pandemic, with various types of telehealth businesses mushrooming across the US and the world, but in the US the emergency pushed the government and private insurance providers to relax their reimbursement requirements. While easing the restrictions has been a boon to doctors and patients, it has also opened the door to a new type of scam.
A scheme that exploits telehealth vulnerabilities
In October, the Department of Justice (DOJ) announced the biggest healthcare fraud bust in US history. “Operation Rubber Stamp” identified $6 billion in losses across the country due to fraudulent claims—$4.5 billion of which were related to telehealth scams.
Most recently, the DOJ identified another $143 million in false billing, and telehealth providers were once again a prominent contributor to the frauds.
Most of the scams follow the same template—to the point that the DOJ has created a flier to summarize it.
The mastermind behind the scams are usually telemedicine executives, who have access to data about patients and are able to identify those who are insured through Medicare—that is, people who are older or disabled.
They then share this information with telemarketers who reach out to the patients, often at senior living facilities, and direct them to get Covid-19 tests. But other unnecessary and expensive tests, covered by Medicare, might also be performed alongside the Covid-19 screening.
The samples are sent to labs for processing, and telehealth providers give the necessary referrals for the labs to get reimbursed. The telemarketers make money by charging the labs that will eventually file the claim. Labs make money by charging for unnecessary tests. And telehealth providers are paid both by the telemarketers for the data, and by labs for the referrals.
Sometimes, Covid-19 testing isn’t even involved, and telehealth companies charge for testing—for instance for cancer—on unsuspecting Medicare policyholders. In other cases, health providers ordered unnecessary medications and equipment rather than testing.
The vulnerabilities of telehealth
Schemes to exploit telehealth’s vulnerabilities have been around since at least 2016. Prior to Covid-19, however, Medicare and Medicaid would only reimburse a telehealth visit if it happened in a doctor’s office. For instance, a patient would visit their primary care physician’s office and have a virtual consultation with a specialist.
Now, consultations done outside of a provider’s office are reimbursed, too, which has unlocked the possibility of both a dramatic expansion of healthcare access and vast new potential for fraud.
The magnitude of losses they caused in 2020 and 2021 shows just how important it is to make telehealth not just more available but safer, too—both in terms of avoiding unnecessary billing, and perhaps more importantly, protecting patient data.
Although the primary victim of the scam is Medicare, which has footed the bill for billions worth of unrequired services, in some cases patients had to pay for declined services.
These frauds also highlight a unique shortcoming of the US health system, with its pay-for-services model creates financial incentive for prescribing tests or drugs, rather than ensuring patient health.