Jump to Main Content

Policy News

CMS Expands Telehealth Benefits and Waives Penalties for HIPAA Violations During COVID-19 Outbreak

Expanded Telehealth Benefits 

On March 17, the Centers for Medicare and Medicaid Services (CMS) expanded telehealth benefits for Medicare beneficiaries during the COVID-19 outbreak to allow individuals to receive a wider range of healthcare services without having to travel to a healthcare facility.

  • Clinicians can bill immediately for dates of service starting March 6, 2020.  
  • Telehealth services are paid under the Physician Fee Schedule at the same amount as in-person services.
  • Medicare coinsurance and deductible still apply for these services.
  • The U.S. Department of Health and Human Services (HHS) Office of Inspector General (OIG) is providing flexibility for healthcare providers to reduce or waive cost-sharing for telehealth visits paid by federal healthcare programs.
  • This expansion applies to a specific set of services through telehealth including evaluation and management visits, mental health counseling, and preventive health screenings.

There are three main types of virtual services physicians and other professionals can provide Medicare beneficiaries: Medicare telehealth visits, virtual check-ins, and e-visits. Find more information on each, including specific codes to use, click here. And click here for FAQs on this announcement.

Penalties Waived for HIPAA Violations 

Additionally, the HHS Office for Civil Rights (OCR) is exercising its enforcement discretion and, effective immediately, will not impose penalties on physicians using telehealth in the event of noncompliance with the regulatory requirements under the Health Insurance Portability and Accountability Act (HIPAA). 

  • Physicians who want to use audio or video communication technology to provide telehealth to patients during the COVID-19 nationwide public health emergency can use any non-public facing service that is available to communicate with patients. 
  • This exercise of discretion applies to telehealth provided for any reason, regardless of whether the telehealth service is related to the diagnosis and treatment of health conditions related to COVID-19.
  • Under this Notice, physicians may use popular applications that allow for video chats, including Apple FaceTime, Facebook Messenger video chat, Google Hangouts video, or Skype to provide telehealth without risk that OCR might seek to impose a penalty for noncompliance with the HIPAA Rules.
  • Physicians should not use Facebook Live, Twitch, TikTok or other public facing communication services.
  • Physicians are encouraged, but not required, to notify patients of the potential security risks of using these services and to seek additional privacy protections by entering into HIPAA business associate agreements (BAA). 

For more information, click here.

Summary Of Medicare Telemedicine Services