Digital health supporters say there’s no evidence of fraud in RPM programs, refuting an OIG report that calls out the fast-growing digital health strategy for misuse.
The federal government’s call for more oversight of remote patient monitoring (RPM) programs isn’t sitting well with digital health advocates.
Following a report this week from the Office of the Inspector General (OIG) hinting at a possibility of fraud in requests for Medicare reimbursement in RPM programs, the Alliance for Connected Care has criticized the “inaccuracies and subjective nature” of that report and called on the OIG to retract it.
RPM is one of the fastest growing programs in the country, popular with health systems and hospitals looking to monitor patients outside the hospital, clinic or doctor’s office. Its growth is tied to two factors: Medicare reimbursement, which began in 2018 when the Centers for Medicare & Medicaid Services (CMS) began coverage for “remote physiological monitoring” (and later for “remote therapeutic monitoring”), and the pandemic, which gave many healthcare leaders a reason to expand telehealth and digital health efforts into the home.
In many cases the ROI for RPM programs is still murky, and Medicare reimbursement is a crucial part of the sustainability and scalability puzzle. Continued growth, especially among smaller health systems and hospitals, will most likely be tied to governmental and payer support.
According to the OIG, RPM use soared tenfold from 2019 to 2022, from 55,000 Medicare enrollees to more than 570,000. As a result, Medicare reimbursement increased from $15 million in 2019 to more than $300 million in 2022, with increases in both the number of enrollees using RPM and the average payment per enrollee.
However, the OIG says 43% of the enrollees in RPM programs aren’t meeting the three requirements for Medicare coverage: (1) enrollees must receive education and assistance setting up the device; (2) the device used must be FDA-approved and internet-enabled, with providers collecting data at least 16 of every 30 days; and (3) enrollees must be part of a treatment management program, in which the provider reviews the data and makes care management decisions.
According to the OIG report, both OIG and CMS have raised concerns that RPM programs are being conducted fraudulently, particularly by digital health and telehealth companies, and CMS doesn’t have any way of identifying how that fraud is taking place.
“In both traditional Medicare and Medicare Advantage, providers use general procedure codes to bill for remote patient monitoring that indicate only which component of remote patient monitoring was provided (e.g., the device or treatment management),” the OIG report stated. “The codes do not include more detailed information, such as the type of device.”
“This lack of transparency limits CMS’ ability to ensure that remote patient monitoring services meet requirements,” the report continued. “For example, without additional information about the types of health data being monitored, CMS cannot ensure that it is paying for remote monitoring of physiologic data (as opposed to nonphysiologic data) as required. The lack of this information also inhibits CMS's ability to assess the effectiveness of remote patient monitoring and make any necessary changes to coverage in the future.”
Those conclusions don’t sit well with the Alliance for Connected Care. In a letter sent Tuesday to Inspector General Christi Grimm, alliance founder Krista Drobac, a partner at Sirona Strategies, listed five inaccuracies with the report and another four instances where she said the report demonstrates bias.
Among the errors, according to Drobac:
- The OIG says there is no order requirement for RPM, but that requirement is included in Medicare’s 2021 Physician Fee Schedule as well as in guidance from Medicare Physician Contractors.
- There is no CMS requirement that an RPM device be “internet-connected.”
- CMS has not officially adopted the 16-days-in-30 data collection rule as a requirement, and said in the 2024 Physician Fee Schedule that it was not a requirement to receive Medicare reimbursement under CPT codes 99457 and 99458.
In addition, Drobac said the OIG report suggests that fraud is being committed when there is no evidence of any wrongdoing. She notes that the surge in RPM use from 2019 onwards is based more on the fact that reimbursement began in 2018. And she urged the agency not to repeat the same mistake with RPM that it has done with “telehealth fraud,” which is more of a telemarketing issue than a telehealth issue.
“There is no context about fraud in the Medicare program,” she wrote. “In the same year that the entirety of RPM claims were $311 million, the false claims alone in Medicare were $31.2 billion. That tells a different story than the misleading headline and pull-out statements in the report. If we applied the fraud amount in the rest of the program of 3-10%, the fraud in RPM would have been between $9.3 million and $31 million in 2022. That’s less than .01% of the fraud in Medicare.”
“We would be happy to work with you on designing and recommending tools to address the real fraud that is happening in the Medicare program,” Drobac concluded. “Better control of inappropriate Medicare enrollment, solicitation, and prescribing while instituting stronger monitoring and audits to ensure fraudulent providers are caught sooner and weeded out of the system.”
Eric Wicklund is the associate content manager and senior editor for Innovation at HealthLeaders.
KEY TAKEAWAYS
Health systems and hospitals have been embracing remote patient monitoring at a fast clip since Medicare reimbursement began in 2018, as healthcare leaders look for new ways to monitor patients outside the hospital.
The OIG is now calling for extra scrutiny in Medicare programs that use RPM, saying they aren’t meeting the requirements for reimbursement.
RPM advocates say that scrutiny is misguided, and that there is no evidence of fraud.