Coding Accuracy and Compliance in Telehealth Services

The rapid expansion of telehealth, accelerated by the COVID-19 Public Health Emergency (PHE), has permanently integrated virtual care into the U.S. healthcare system. However, providers now face a complex and high-risk compliance environment. The post-PHE regulatory landscape is a patchwork of temporary federal extensions (currently through September 30, 2025), permanent changes for behavioral health, and significant policy differences between Medicare, Medicaid, and commercial payers. This fragmentation creates numerous pitfalls for coding and billing. Key areas of risk include the correct use of post-PHE Place of Service (POS) codes (02 and 10) and modifiers (93 and 95), which are now primary reasons for claim denials. Furthermore, telehealth documentation is held to a higher standard, requiring explicit proof of patient consent, verification of patient and provider locations, and justification for the modality used. High-risk areas such as "incident-to" billing with virtual supervision, cross-state licensure, and HIPAA compliance are under intense scrutiny from auditors.

Pros: Benefits of Telehealth

Expanded Patient Access to Care: Telehealth removes geographic barriers, allowing Medicare beneficiaries to receive care in their homes and eliminating pre-PHE rural restrictions. This has been particularly crucial for ensuring access to behavioral and mental health services.

Increased Operational Flexibility: Temporary extensions, such as allowing direct supervision for "incident-to" services to be conducted virtually, offer providers more efficient staffing models and operational flexibility.

Broader Scope of Services and Providers: The range of practitioners eligible to provide telehealth under Medicare has been expanded to include professionals like physical and occupational therapists, increasing the types of care that can be delivered remotely.

Continuity of Care with Audio-Only Options: The continued coverage of audio-only services for certain encounters ensures that patients without access to video technology can still receive care, maintaining crucial continuity.

Cons: Compliance Challenges and Risks

Complex and Fragmented Payer Rules: Providers must navigate a maze of inconsistent telehealth policies between Medicare, state-specific Medicaid programs, and various commercial insurers, which increases administrative burden and the likelihood of billing errors.

Heightened Audit Scrutiny: The massive growth in telehealth spending has made it a primary target for oversight bodies like the Office of Inspector General (OIG) and Recovery Audit Contractors (RACs). Auditors are using data analytics to identify red flags such as upcoding, billing for impossible hours, and improper use of modifiers.

Strict and Specific Documentation Requirements: Telehealth claims require documentation that goes beyond a standard clinical note. Failure to explicitly document patient consent, the physical location of both the patient and provider, and the specific technology used is a common reason for claim denials.

Significant Legal and Financial Risks: Major compliance traps include providing care across state lines without the proper license, violating HIPAA security rules now that PHE waivers have expired, and failing to meet the strict criteria for "incident-to" billing. Each of these can lead to recoupments, fines, and potential medical board sanctions.

Impending Coding Complexity: A major challenge looms for 2025, as the American Medical Association (AMA) is introducing new telehealth-specific CPT codes that CMS has stated it will not adopt. This will force providers to maintain two separate and parallel coding and billing systems for Medicare and other payers, dramatically increasing the risk of errors.

Conclusion

Telehealth is an indispensable component of modern healthcare, but providers must recognize that the era of relaxed, emergency-era compliance is over. The current regulatory environment is defined by temporary extensions, creating a "compliance cliff" that will expose unprepared organizations to significant financial risk when these flexibilities expire in late 2025. To ensure financial stability, healthcare organizations must move beyond ad-hoc approaches and implement a formal, proactive telehealth compliance program. This requires investing in continuous staff training, conducting regular internal audits to identify and correct vulnerabilities, and standardizing documentation to meet the highest level of audit scrutiny. Failure to strategically manage these complexities will inevitably lead to an increase in claim denials, costly recoupments, and regulatory penalties.