OIG: RPM requires more oversight from CMS

The Office of Inspector General (OIG) published a report on potential oversight vulnerabilities related to remote patient monitoring (RPM) in Medicare.

The OIG conducted this review because the use of RPM is rapidly expanding in the Medicare population. Over 570,000 enrollees received RPM in 2022, while only 55,000 received it in 2019, according to the report. This pattern was observed in both traditional Medicare and Medicare Advantage (MA) plans.

Medicare payments for RPM were also 20 times higher in 2022 than in 2019, according to the report. The OIG partially attributed this change to an increase in the average payment per enrollee. RPM payments in traditional Medicare and MA plans averaged $545 per enrollee in 2022, up from $266 in 2019, according to the report.

RPM involves three components: education and setup, device supply, and treatment management. Medicare pays for each component separately and at the same rate, and providers have a general set of procedure codes to bill for each component.

Approximately 43% of enrollees who received RPM in 2022 did not receive at least one of the three components, according to the report. “Although CMS does not require that providers bill for all three components, the high percentage of enrollees who did not receive all components raises questions about whether these services are being used as intended,” said the OIG.

Approximately 94% of enrollees received RPM to treat a chronic condition in 2022, and 55% received RPM to treat essential hypertension, according to the report. The OIG noted that more than 60% of all Medicare enrollees have hypertension, but only a small fraction of these individuals currently receive RPM to treat their condition.

The report also highlighted problems associated with incident to billing for RPM. For example, although there are approximately 8,760 hours in a calendar year, one provider billed 23,569 hours of treatment management for RPM in 2022, according to the report. CMS currently lacks information about who ordered and delivered RPM services, as well as what health data is being used and what conditions are being monitored, said the OIG. This information could help the agency with oversight activities.

The OIG provided the following recommendations to CMS:

• Implement additional safeguards to ensure RPM is used and billed appropriately
• Require that RPM be ordered and information about the ordering provider be included on claims and encounter data
• Develop methods to identify what health data are being monitored
• Conduct provider education on RPM billing
• Identify and monitor companies that bill for RPM

Revenue integrity professionals should keep an eye out for additional guidance from CMS related to RPM. Ensure your organization is up-to-date on telehealth coding and billing policies.

Editor’s note: Find more NAHRI coverage of OIG audits and reports here.