Law360 (December 17, 2020, 3:52 PM EST) --
|Mary Kate McGrath|
Among so many other changes, 2020 also redefined the practice of medicine. While traditional experiences like crowded waiting rooms, face-to-face provider visits and elective surgeries took a back seat while the COVID-19 pandemic raged across the country, a different type of medical practice began to take center stage: telehealth.
As we take stock of 2020, this article will assess the telehealth turboboost, which over the past nine months took a long-standing form of medical practice, and expanded it on an unprecedented scale.
By examining the technological, legal and logistical trajectory of telehealth over the past year, we can begin to plan for the future — not only a future without COVID-19, but one with new possibilities within this rapidly growing field.
Winter: Telehealth Prior to COVID-19
In the early weeks of 2020, the U.S. remained essentially untouched by COVID-19. Reports began to surface about a novel virus spreading in China, and as a public health emergency began to develop on the other side of the world, the U.S. slowly became aware of the existence of the disease, its tendencies and the threat it posed to Americans.
Pre-COVID-19, health care providers had implemented some telehealth systems, but most had not committed to large-scale practices. To begin with, patients resisted learning new technology and were skeptical that telehealth visits would compare favorably with in-person care.
Health care providers saw the benefits of telemedicine, but struggled with the reality that many telemedicine services were not compensated at the same rate as in-person care. Consequently, technological advances did not demand that the law keep pace with telehealth regulation.
On Jan. 31, the U.S. Department of Health and Human Services Secretary Alex Azar declared a public health emergency. Case counts began to rise, initially on the West Coast, then followed shortly thereafter on the East Coast. As concepts like mask wearing and social distancing came into the public arena, the new landscape demanded changes to the availability and deliverability of medical services.
Thus, the COVID-19 public health emergency became the impetus for an immediate implementation of national telehealth practices and systems. Swift federal and state governmental responses provided a safe harbor for health care providers and patients regarding telehealth services, focusing on the dual objectives of relaxing regulations and expanding telehealth public access.
Spring: The Beginning of the Telehealth Turboboost
The tipping point in the early days of the pandemic ultimately came about in March. Face-to-face medical encounters sharply diminished, and health systems and telehealth vendors across the country reported rapid and substantial increases in the demand for telehealth services.
Much of the pandemic's effect on the telehealth industry can be viewed as a push-and-pull model. As COVID-19 brought us an unprecedented demand for medical services, it also facilitated an unprecedented response, ranging from individual health systems, to the upper echelons of government.
With the former, during the initial weeks of the pandemic, health systems across the across the country expanded their pool of telehealth providers, and in some instances, created or expanded their own technological infrastructures for telehealth delivery.
The U.S. government, at both state and federal levels, promulgated statutes, executive orders and waivers designed to broaden access to medical care, by breaking down traditional boundaries regarding the delivery of care.
The Coronavirus Preparedness and Response Supplemental Appropriations Act was passed on March 6.
Signed into law on March 6, the Coronavirus Preparedness and Response Supplemental Appropriations Act laid the foundations for loosening telehealth requirements.
As a precursor to the Coronavirus Aid, Relief, and Economic Security Act, the act relaxed mandated Medicare reimbursement for telehealth services, e.g., by allowing a telephone to be used as a device for compensated telehealth. It also expanded the scope of telehealth providers beyond physicians, to include other licensed practitioners like physician assistants and nurse practitioners.
Trump declared a public health emergency on March 13.
On March 13, President Donald Trump declared that a national emergency began on March 1.
Thereafter, the Centers for Medicare & Medicaid Services began to implement temporary waivers under Section 1135 of the Social Security Act to address the public health emergency, identifying March 6 as the effective date for the 1135 waivers.
States followed suit, and both federal and state waivers bridged the divide in order to implement telehealth practices, to facilitate the provision of medical care while encouraging social distancing.
Both states and the CMS have used the waiver process to expand telehealth by permitting temporary licensure of medical providers, allowing patients to receive telemedicine at home, and waiving the requirement for a prior in-person physician relationship.
The HHS Office For Civil Rights relaxed privacy requirements through a notice of enforcement discretion and OCR privacy bulletin on March 17.
Notice of Enforcement Discretion
On March 17, the Health and Human Services Office for Civil Rights issued a notice of enforcement discretion, which addressed the privacy requirements applicable to covered entities, their business associates and sub-business associates during the COVID-19 crisis.
The notice's primary focus was to address privacy requirements within the context of telehealth services, which had rapidly expanded in the wake social distancing guidelines and other quarantine measures.
The OCR notice contained several key takeaways.
First, it established a three-tiered system for evaluating telemedicine platforms. The first tier consisted of recommended telecommunication platforms, which it identified as Skype for Business/Microsoft Teams, Updox, Vsee, Zoom for Healthcare, Doxy.me, Google G Suite Hangouts Meet, Cisco Webex Meetings/Webex Teams, and Amazon Chime & GoToMeeting.
If these platforms were unavailable, the notice recommended alternative platforms that utilized a nonpublic facing format, meaning a platform that allowed only the intended parties to participate in the communication. Critically, a covered entity would never be permitted to use a public-facing platform which facilitated communications open to the public, i.e., Tik Tok or Facebook Live.
Second, the OCR's notice directed providers to make good faith efforts to enter into a business associate agreement directly with telecommunication vendors.
The OCR attempted to account for possible growing pains, related to the rapid expansion of new telemedicine applications.
Accordingly, the notice stated that the OCR would forego penalties against covered health care providers that lacked a business associate agreement with video communication vendors, or who otherwise failed to comply with Health Insurance Portability and Accountability Act rules, if the provider's activities pertain to "the good faith provision of telehealth services during the COVID-19 nationwide public health emergency."
Practical Implications Regarding Data Security
While the OCR's March 17 notice impacted the delivery of telehealth services in a number of different ways, one of the most significant areas pertains to its effect on data security.
Against the general backdrop of COVID-19, the explosion of telehealth during the pandemic presents new challenges for treating patients and protecting medical data.
One one hand, the relaxation of regulations and security restrictions, most notably through the OCR's March 17 notice of enforcement, has allowed telehealth systems to expand access to medical care quickly, broadly, and effectively. As described in the OCR's notice, one of the primary vessels for telehealth services includes patient facing apps, which can be utilized on a personal computer, tablet or smartphone.
On the other hand, this rapid expansion arguably presents a significant risk to data security. As the provision of telehealth services via apps becomes more ubiquitous, so too does the baseline risk of data breach. With COVID-19, security relaxations also present additional vulnerabilities for telehealth systems.
The threat to data security is yet another manifestation of the push-and-pull model that has developed within the COVID-19 pandemic. As the pandemic increases the demand for medical services, state and federal entities relax restrictions and eliminate barriers, so as to broaden access to care and meet that demand.
However, with these measures, new externalities and consequences arise, which present additional complications. Finding a happy medium between these two concepts will be one of the key challenges facing telehealth as we enter into 2021.
Office for Civil Rights Privacy Bulletin
The OCR also issued a bulletin on March 17, confirming circumstances under which a health care provider or covered entity may disclose a patient's protected health information without patient authorization during the COVID-19 public health emergency.
The OCR created the waiver for cases where disclosing protected health information would be necessary to treat the patient, or if the information would help treat a different patient. Disclosure would also be appropriate to persons at risk of contracting or spreading a disease or condition, as well as in cases involving an imminent threat to public health or safety.
The CARES Act relaxed regulations and expanded access to telemedicine, but as a temporary response.
On March 27, Trump signed the CARES Act into legislation.
Regarding telehealth, the act sought to relax requirements and conditions precedent to telehealth care (i.e., patient location, licensure, prior physician relationship required), while also expanding its reach.
The CARES Act also expanded the power of the Section 1135 waivers to apply to telehealth. It ensured parity in payment for certain telemedicine services, and allocated significant resources to fund the logistics of rolling out telemedicine services.
In addition, the act provided $150 million to fund grants to expand telehealth to underserved and rural communities through the Public Health Services Act.
An additional $200 million in funding was extended to the Federal Communications Commission to develop telecommunications services, information and devices to broaden the population of patients able to participate in care via telemedicine.
Relaxations in medical licensure requirements facilitated interstate telehealth services.
At its essence, telehealth involves the delivery of medical services by a provider in one location, to a patient in another location. As this often involves the delivery of medical services across state lines, medical licensure frequently constitutes a significant issue for telehealth.
If a physician at at distant site in Pennsylvania wants or needs to provide services to a patient at an originating site in New Hampshire or Texas, does that physician need to be licensed state where the originating site is located?
While the answer to this question has traditionally been yes, COVID-19 changed the landscape of how we can and should address medical licensure.
Throughout the spring, many states issued varying forms of orders, guidance and waivers regarding this issue. While the format of these directives varied in scope and substance, they shared a common goal: address the increased need for medical services, by breaking down barriers to expand access to those services.
Here, the barrier consisted of licensure requirements for out of state physicians, who wished to provide medical services in furtherance of the COVID-19 response. Depending on the state, out of state providers were granted temporary leave to treat in-state patients without a license, or provided with an expedited pathway to obtain a limited license with respect to that state.
By June, both the U.S. House of Representatives and the U.S. Senate recognized the necessity of converting temporary telehealth waivers into permanent solutions.
To this end, the House introduced the Helping Ensure Access to Local Telehealth Act, seeking to expand permanently expand Medicare reimbursement and parity of payment for certain telehealth services.
The HEALTH Act also included the removal of the originating site facility requirements, as well as the removal of location requirements for the distant site telehealth provider.
Similarly, the U.S. Senate proposed the Equal Access to Care Act.
There is overlap between the goals of the HEALTH Act and the EACA, which also seeks to permanently expand telehealth services and to remove licensure requirements for the medical provider.
Under the EACA, a medical provider with a license in good standing in one state in the U.S. would be permitted to provide telehealth services to a patient located anywhere in the U.S., even if that medical provider was not licensed in the state where the patient was located.
On Aug. 3, Trump issued Executive Order 13941 on improving rural health and telehealth access, directing Azar to examine the Section 1135 telehealth waivers which went into effect because of the pandemic, and deliver proposals about which waivers should be made permanent.
The order also directed Azar to work with the U.S. Department of Agriculture, to roll out plans to provide the necessary telecommunications infrastructure in rural communities, so that telemedicine may be available.
Fall and Looking Toward 2021
After COVID-19 transmission somewhat improved during the summer, the return to school, coupled with an increase of indoor activity, contributed to a rise of cases during the fall. By this time, telehealth systems were in place, functioning with high levels of success and patient satisfaction.
In October, the Department of Health and Human Services announced that the CMS will produce a report in 2021, providing the results of investigation of Medicare telehealth services during the COVID-19 pandemic, to identify program integrity risks.
The focus of the investigation will be to examine Medicare Parts B and C data, to analyze billing patterns for telehealth services, describe key characteristics of providers that may pose a program integrity risk. Essentially, the CMS is studying up on telehealth, in order to effectuate efficient telehealth practices and procedures.
As we look ahead to 2021 and beyond, it is likely that telehealth is going to be a driving force in modern medicine.
Simply stated, telehealth is here to stay, because consumers like it. Aside from the added convenience, it takes the commuting factor out of healthcare, which provides patients with more time in their day.
With millennials surpassing baby boomers as America's largest population, electronic access to medical attention has nowhere to go but up. Knowing this means accepting that the landscape has forever changed, and practitioners will likely be forced to adapt in the new environment.
Adapting can mean many different things, depending on a provider's practice. For one, the way insurance companies reimburse telehealth will depend largely on the proper use of coding that is available.
It is advisable, and in fact recommended, to become familiar with any and all current procedural terminology codes and modifiers that are available in this space. The narrative or SOAP note should be specific and detailed as to the service, so as to not provide room for doubt.
It is anticipated that there will be at least some mild consternation of the part of insurance companies as how to properly reimburse practitioners for certain telehealth services.
Thus, there is going to be an evolution of getting used to new codes that some insurance companies, or their third party vendors, are just not used to processing. Staying up to date and being well informed about local laws is paramount to getting medical services timely reimbursed.
This point is further illustrated when one realizes that health care, property and casualty carriers are using more and more artificial intelligence in the processing of claims.
While this has been a gradual build up over time, the pandemic has only accelerated the technological arms race so that carriers can remain competitive in the post-COVID-19 environment. The entry of AI in the claim space has many benefits including faster payments on claims.
However, as discussed above, success will hinge on the submission of properly formatted bills. This runs parallel with the insurance industries' retreat from commercial real estate. As such, it is fair to anticipate less human touch in this new environment, so better to be prepared than be out of pocket.
As reports surface regarding the approval and distribution of several COVID-19 vaccines, and the prospect of a post-COVID-19 world breaches the horizon, it becomes essential for medical and legal communities alike to plan for the new normal of telehealth.
Research data released in late summer indicates that telehealth usage will not remain at the stratospheric levels seen in the early months of the pandemic, particularly as we find new ways to treat and mitigate the spread of the disease.
That said, the proliferation of telehealth bookings and infrastructure development, especially compared to prepandemic numbers, has cemented telehealth within the mainstream of the medical industry.
The challenge for the future will be finding the proverbial sweet spot, in which telehealth can be utilized in conjunction with face-to-face treatment, so as to maximize the efficacy and efficiency of medical services.
Ultimately, achieving such a balance will depend in many ways on the specific needs of the provider. As certain medical fields have shown themselves to be well-suited to a virtual platform (e.g., mental/behavioral health services), providers will need to consider the extent to which they can most effectively deliver services via telehealth medium, as opposed to in-person.
On the regulatory side, governments that have relaxed restrictions in order to respond to the novel demands of the pandemic will need to determine the extent to which these adjustments, whether they pertain to licensure, reimbursement, or care delivery, can be made permanent.
In so many ways, 2020 and the COVID-19 pandemic has allowed us to see what we are capable of. It has also shown us what is possible with respect to telehealth.
As we continue to turn the page, it will take a unified, collective effort throughout the public and private sectors, to chart the course of new industry standards in a post-COVID-19 world. But one thing is sure: Telehealth is here to stay, and its future is bright.
Jeffrey Rapattoni and Mary Kate McGrath are shareholders, and Adam Fulginiti is an associate, at Marshall Dennehey Warner Coleman & Goggin PC.
The opinions expressed are those of the author(s) and do not necessarily reflect the views of the firm, its clients or Portfolio Media Inc., or any of its or their respective affiliates. This article is for general information purposes and is not intended to be and should not be taken as legal advice.
For a reprint of this article, please contact email@example.com.