As government relaxes healthcare provider requirements due to COVID-19, will fraud risk increase?

Topics: Compliance, COVID-19, Criminal Enforcement, Financial Crime, Fraud, Government, Government Fraud, Medicare Fraud, Regulatory Intelligence, Risk Management

healthcare provider requirements

The federal government has begun relaxing its healthcare provider requirements in order to provide increased flexibility for healthcare providers and facilities during the COVID-19 public health emergency.

As part of that, the US Centers for Medicare and Medicaid Services (CMS) has issued several blanket waivers of administrative requirements under Section 1135. Some of these waivers include allowing providers to deliver care in alternate care settings, expand workforce capacity, and other important steps to create flexibility and efficiencies.

But could this leave open loopholes for healthcare fraudsters?

What is Section 1135?

Section 1135 waivers can be issued when the US president or the secretary of Health and Human Services declares a public health emergency. Although CMS can waive federal requirements, it does not have the authority to waive state licensure or conditions of participation requirements. The waivers also do not allow reimbursement for services not otherwise covered under Medicare.

In addition to relaxed requirements, Congress and CMS have provided billions of dollars in advanced payments and operational loans to the healthcare industry to maintain operations while some facilities were overwhelmed with COVID-19 patients at the same time other facilities were shut down because elective procedures were suspended.

The intersection of relaxed regulation and an influx of billions of dollars is certain to result in an enforcement reckoning in the future.

Telehealth expands

One of the areas that has seen the most regulatory change during the pandemic is the use of telehealth. CMS expanded the delivery of healthcare services through telehealth in order to allow providers to virtually see patients while ensuring appropriate social distances was maintained and reducing the need of fresh personal protective equipment (PPE) after every patient visit.

Under previous rules, initial encounters with a new patient had to be in person; the relaxed rules allow even first encounters to be via telehealth. Additionally, some recertifications, such as those for hospice patients, can now be completed via telehealth.

CMS will now pay for more than 80 additional services when provided through telehealth.

While providers and patients can safely rely on telehealth during the pandemic, providers should maintain their documentation carefully to support the services. This is particularly true with new patients or for services that have been subject to Office of Inspector General (OIG) scrutiny in the past, such as home health care, hospice certifications, durable medical equipment, opioid prescribing, and other target enforcement areas.

Provider licensing & enrollment relaxed

CMS and a number of states have relaxed provider licensing requirements so that areas experiencing a surge in COVID-19 cases has maximum flexibility to provide services to critical patients. The relaxed requirements include:

  • permitting out-of-state providers licensed in another state to provide services;
  • allowing physicians with expired privileges to continue practicing in a facility;
  • allowing new physicians to practice before full governing board review; and
  • reducing in-person supervision requirements for many providers.

CMS has already relaxed provider enrollment requirements such that providers and facilities not previously in the Medicare system can enroll and receive Medicare reimbursements without the normal enrollment vetting. However, the enrollment flexibilities do not absolve providers and facilities from being aware of the potential for fraud and abuse.

Provider enrollment in Medicare and Medicaid has been a focus area for CMS in recent years. Relaxing its requirements now does not mean CMS will cease examining these enrollments closely in the future. Additionally, the CMS blanket waivers do not supersede state licensing requirements. Therefore, providers and facilities should verify compliance at both the federal and state levels before employing a provider or allowing them to perform services.

The physician self-referral law detailed

CMS issued blanket waivers from sanctions under the physician self-referral law, often called the Stark law, for 18 transactions or referrals related to the COVID-19 crisis. The physician self-referral law:

  • prohibits a physician from making referrals for certain Medicare services when the physician or immediate family member has a financial interest in the entity unless an exception applies; and
  • prohibits an entity from billing Medicare for a service provided pursuant to a prohibited referral.

Although CMS provides a detailed list of the 18 transactions and referrals as well as several examples, CMS also states a physician will be entitled to reimbursement and waiver of sanctions only “absent the government’s determination of fraud or abuse.” Further limiting this waiver, the OIG announced it will limit its enforcement discretion to only 11 of the 18 CMS blanket waivers.

The OIG is also requiring that:

  • providers are acting in good faith to provide care in response to the COVID-19 pandemic;
  • the government does not determine that the financial relationship creates fraud and abuse concerns; and
  • providers seeking protection under the OIG policy statement maintain sufficient documentation.

Document, document, document

Although CMS appears to have relaxed some documentation requirements, providers should still follow best practices when possible. The only protection providers and facilities will have from allegations of fraud and abuse relating to the COVID-19 crisis will be to document their attempted compliance and any deviations from standard practices.

Supporting a claim for reimbursement for COVID-19 related services will require showing that the providers and treatment were reasonable and medically necessary even when provided in the middle of a pandemic surge.


Learn more about potential COVID-19 fraud from our Regulatory Intelligence Experts. Access our recent webinar, Mitigating Fraud and Protecting Clients in the Age of COVID-19.