In its recent notice of proposed rulemaking setting policy for Medicare Advantage (MA) and the Prescription Drug Program (PDP) for calendar year 2020, CMS announced that it would establish extrapolation as a method to be used in risk adjustment validation (RADV) audits, and further, that it would not make any adjustments to account for errors in Medicare fee for service data in determining recovery amounts.

CMS uses a risk adjustment process to modify MA plan payments to better reflect the relative risk of each plan’s enrollees. Payments to each MA plan are adjusted based on risk scores that reflect enrollees’ health status (categorized into Hierarchical Condition Categories (HCCs)) and demographic characteristics derived from member claims data. To counteract incentives that a plan might have to over-report enrollee diagnoses, CMS emphasizes that all diagnoses submitted to enhance risk must be documented in a medical record, and uses RADV audits to ensure that medical record documentation exists, and thus, that payments to MAOs accurately reflect the level of risk assumed. Continue Reading CMS Announces and Solicits Comments on Expanded RADV Audit Methodology

This blog post has been prepared in collaboration with Nemours. Ms. Boyer is a Manager of Nemours Children’s HospitalMaya Upplauru is an associate in Crowell & Moring’s Health Care Group in Washington, D.C.

This Bulletin is brought to you by AHLA’s Children’s Health Affinity Group, which is part of the Academic Medical Centers and Teaching Hospitals and In-House Counsel Practice Groups.

One of the most fear-inducing experiences for new and first-time parents is the middle of the night illness of a young child. Many may head directly to the emergency department (ED) because they lack any means to communicate with their health care provider after-hours. Parents of children with chronic conditions or rare diseases are often forced to travel long distances to see specialists at regional centers of excellence and may struggle to check in or get questions answered once they are back at home. Teenagers managing chronic conditions may prematurely discontinue their treatment plan when they transition to college in a different state or when they enter the working world after college.

Today’s tech savvy parents are comfortable with digital health care solutions that are available 24 hours per day on their mobile phones, as they provide experiences that are similar to virtually any other products or services outside of health care. Yet too often today, their experience with the health care industry does not meet their expectations for digital access, efficiency and convenience.

Virtual care services, such as telehealth and remote patient monitoring, are increasingly being used to create a better experience and deliver convenient, effective care for parents and caregivers of young children. More specifically, telehealth can provide an access point to health care for children and families at times when they cannot reach their primary care provider, are unable to travel, or do not need an in-person visit and can avoid exposure to additional contagions at the ED or doctor’s office.

In low acuity, high distress cases such as a high fever, ear pain, respiratory illness and vomiting, telehealth providers can provide direct care or advise the family whether an ED or primary care visit is warranted. This kind of support is not only reassuring for young families, but can help reduce pressure on EDs so they can prioritize the sickest patients, educate families about which level of care is most appropriate for future health needs, and reduce unnecessary costs to the families and to the health care system.

Telehealth can also help to ensure continuity of care for families who may move or seek specialty care across state lines and want to keep in touch with their provider, particularly for children with complex or chronic diseases or adolescents who attend college out of state.


Telehealth technology has the potential to improve outcomes and patient experience, while improving cost through more appropriate utilization of health care services. Pediatrics is particularly ripe for disruption by digital health technologies, including telehealth, virtual care, and remote patient monitoring solutions, because of the widespread adoption of technology by children and their parents as well as the generally low acuity of most common childhood illnesses. Yet there are still significant regulatory barriers that stand in the way of ubiquitous access to telehealth and related services, especially across state lines. Below, we have outlined several of these issues, focusing on the Medicaid and Children’s Health Insurance Programs (CHIP) populations.

  • Inconsistent State Definitions: The definition of “telehealth” (or “telemedicine”) varies widely across states and remains completely undefined in certain states. Some states include additional modalities, such as “store and forward” (e.g. the patient takes a picture and sends it to the provider) as well as remote patient monitoring, as part of their telehealth definition, while others exclude them. All of these variations make it more difficult for telehealth services to be provided across state lines.
  • State Licensure: Each state has a different set of licensure requirements for health care providers which can make it difficult for providers in different states to deliver care or conduct consultations with patients who may have difficulty traveling. Providers must be licensed in each state where their patients are located, which may lead to multiple fees, rules and administrative processes for them to meet the needs of their patients. The Interstate Medical Licensure Compact (IMLC) is aimed at streamlining this process, but not every state has signed on and, even in those states that participate, obtaining a license can still be costly and burdensome. Some states have enacted telehealth-specific licensure programs – such as New Mexico – which may address some of these challenges.
  • Scope of Practice: Certain states have laws limiting the scope of practice that impact telehealth. For example, some states have prohibitions on the corporate practice of medicine, which create barriers to different types of entities providing telehealth services. Further, some states limit or restrict which types of providers are eligible to receive payment for telehealth services.
  • Coverage Parity: Many states do not require insurance coverage of telehealth services, and some payers, including Medicaid Managed Care Organizations (MCOs), limit coverage to in-network providers only. The resulting confusion about which services are covered– in-person versus via telehealth– can place administrative and financial burdens on patients and families, especially when they receive unexpected bills for services they believed to be covered. Additionally, there is often confusion among providers and payers, resulting in payer denials of coverage or reimbursement.
  • Reimbursement Parity: Some states do not require reimbursement parity between in-person and virtual services of the same kind. If a provider will be reimbursed less for providing the same service virtually, this provides a disincentive to provider adoption and therefore further limits access to virtual care. Again, in some cases, certain provider types are completely excluded from reimbursement.
  • Billing and Coding: There is a lack of uniformity for telehealth billing codes and coding guidelines across states, which leads to incorrect billing and confusion among providers and patients. In some cases, different payers require certain modifiers and place of service codes, making it hard for providers to track and navigate a wide variety of requirements and remedy claims issues. These challenges are exacerbated when a provider works across state lines, as the number of payers and their respective requirements multiply.
  • Broadband Access: Across rural and urban settings, connectivity can be challenging for underserved populations. Rural families may lack broadband access, and urban families may rely solely on mobile connectivity. The Federal Communications Commission (FCC) offers programs to subsidize the cost of broadband, but these programs generally apply to connectivity for providers, not for patients, therefore addressing only part of the problem.


The federal government has made a few encouraging strides that could help to address some of these challenges. These initiatives include:

  • FCC Connected Care Pilot: The FCC has issued a Notice of Inquiry regarding telehealth for low-income consumers. While the comment period is closed, the pilot is a signal that the FCC is interested in creative solutions to solve the connectivity problems described above, within the agency’s statutory limitations.
  • CMS Integrated Care for Kids Model: Building from a Request for Information on pediatric health earlier this year, CMS has announced eight cooperative agreements for up to $16 million each in funding for innovative state Medicaid models addressing behavioral and physical health needs arising from the nation’s opioid crisis. Telehealth and digital health services bring significant value in addressing the health concerns of children; however, more must be done to address challenges relating to providing care across state lines.
  • Modernization of Reimbursement Policy for Digital Health: Changes to Medicare payment policy for telehealth could have a positive downstream impact on Medicaid and other pediatric payers. In the proposed 2019 Physician Fee Schedule Rule, CMS proposed several new remote patient monitoring and virtual check-in codes. Further, the Creating High-Quality Results and Outcomes Necessary to Improve Chronic (CHRONIC) Care Act, passed this year as part of a larger budget deal, aimed at expanding telehealth services for certain chronic condition populations.

In addition to these initiatives, the federal government could make continued progress in the following ways:

Building on Existing Efforts to Increase Evidence

  • Funding Additional Research: More data is needed on the impact of virtual care and other consumer digital health technologies on access, satisfaction, quality, cost and outcomes for children and families. Areas ripe for research and potential future cost-savings include: avoidable ED visits and readmissions, behavioral health services, chronic disease management, and children with medical complexity. Particular attention should be paid to the unique needs of children and pediatric use cases, and how those needs differ from the adult population.
  • Resources for Best Practices: Further investment is needed to identify and disseminate best practices for telehealth and other virtual care services to state Medicaid and CHIP programs. This includes identification of any unique barriers for the pediatric population and ways to address them, and compiling emerging practices, their impact and lessons learned from existing initiatives implementing telehealth services across all federal agencies including the Health Resources and Services Administration (HRSA), the U.S. Department of Defense (DoD), and the U.S. Department of Veterans Administration (VA), to share and encourage alignment across federal programs. This data could also be shared with state Medicaid and CHIP programs.

Leverage Current Policies and Federal Initiatives

  • New Demonstration Project Focusing on the Multi-State Challenge: CMS could launch a regional, multi-state demonstration pilot to test a set of aligned Medicaid policies impacting digital health access and payment focused on Medicaid and CHIP, especially when care is provided across state lines.
  • Integrate Telehealth as a Priority Focus in Existing Models: Exploring and/or promoting the use of telehealth and other virtual health services in existing Center for Medicare and Medicaid Innovation initiatives, like Accountable Communities for Health, where digital health technologies may be foundational to linking clinical care with essential community social services for children and supporting care for children in a range of settings, including school based clinics.

Finally, CMS could provide technical assistance and resources, such as model telehealth service agreements, to support states and providers in managed care contract negotiation as well as service contracts that abide by fraud and abuse regulations to expand coverage and access to consumer digital health technologies for children and families. Two precedent examples of these model contract provisions are (1) the model Business Associate Agreement published by the HHS Office for Civil Rights to aid covered entities entering into agreements with business associates under HIPAA, and (2) the EHR Contracts Untangled resource published by the Office of the National Coordinator for Health IT (ONC) to assist providers in contract negotiation with electronic health record vendors.


Technology offers the opportunity to improve the way health care is delivered and received, and is likely to continue shaping the health care market well into the future. Patients and families are increasingly demanding more convenient health care services, including virtual access to care, despite the many regulatory barriers impeding the seamless flow of care within and across state lines. Opportunities to improve the regulatory landscape abound, and realizing these opportunities could result in increased access, reduced cost for certain populations, and overall improved outcomes. However, such a future requires close partnership between providers, state governments and the federal government to jointly chart a path toward seamlessly connected care.

Federal agencies are signaling closer oversight of Medicaid managed care organizations (“MCOs”). On August 21, 2018, the U.S. Comptroller General Gene Dodaro and Centers for Medicare and Medicaid Services (“CMS”) Administrator Seema Verma testified to the Senate Homeland Security and Governmental Affairs Committee about combating Medicaid fraud and urged additional oversight of Medicaid MCOs and a larger restructuring of the Medicaid program. This testimony follows other steps taken by the Governmental Accountability Office (“GAO”) and CMS earlier this year to encourage increased scrutiny of Medicaid managed care programs.

GAO Reports Recommend Improved Oversight

           Over the past few months, GAO has released several reports focused on program integrity issues in Medicaid and urging increased oversight, including in the managed care context.

           In May, the GAO released the results of a study it conducted to determine whether the methodology used by CMS to calculate program integrity risks adequately measured the risks in the Medicaid managed care context. Using the Payment Error Rate Measurement (“PERM”) methodology, CMS had estimated that $37 billion in improper Medicaid payments were made in fiscal year 2017, equaling about 10.1 percent of the $364 billion in federal spending on Medicaid. For Medicaid managed care, which constitutes about half of total federal Medicaid expenditures, the improper payment rate determined under the PERM methodology was only 0.3 percent ($500 million in improper payments out of $171 billion in expenditures). In its study, the GAO found that the PERM methodology may not account for key program integrity risks such as unidentified overpayments and unallowable costs. GAO recommended that CMS take steps to mitigate program risks not measured in the PERM, consider revising the PERM methodology, or focus additional audit resources on managed care.

           In July, GAO released another report analyzing payment risks in Medicaid managed care, based on interviews with state program integrity stakeholders in ten states. The study identified six payment risks, four of which relate to the payments made by Medicaid agencies to MCOs and two of which relate to payments by MCOs to providers. The report identified two of the payment risks as being the most significant: (1) incorrect fee-for-service payments from managed care organizations to providers, and (2) inaccurate state payments to managed care organizations due to payments being determined on incorrect data. GAO recommended that CMS expedite planned guidance on Medicaid managed care program integrity, address impediments to managed care audits, and ensure that states account for overpayments when setting future capitation rates.

           The GAO has also released several other reports on Medicaid program integrity not specific to managed care. For instance, in June, GAO released a report highlighting the major program integrity risks for the Medicaid program generally. In August, GAO released reports assessing CMS’s oversight of state-reported Medicaid expenditures and recommending additional actions CMS could take to improve oversight of Medicaid.

CMS Increases Oversight

           CMS has taken steps to increase overall Medicaid program integrity oversight. On June 26, 2018, CMS announced several new initiatives and increased emphasis on existing initiatives intended to improve Medicaid program integrity and maintain sustainability of the program. In its press release on the initiatives, CMS noted that Medicaid spending has rapidly increased over recent years due to several factors, with specific mention of the Medicaid expansion. Three of the main initiatives aim to

  1. Emphasize program integrity in audits of state claims for federal match funds and medical loss ratios (MLRs).
  2. Conduct new audits of state beneficiary eligibility determinations.
  3. Optimize state-provided claims and provider data.

The initiatives enhance audit functions, oversight of state contracts with private payers, beneficiary eligibility oversight, and enforcement of state compliance.

Senate Testimony

           On August 21, 2018, Comptroller General Dodaro and Administrator Verma testified before the Senate Homeland Security and Governmental Affairs Committee on the topic of combatting Medicaid fraud. As committee members questioned Dodaro and Verma about oversight of Medicaid managed care programs, all parties appeared to support greater scrutiny.

           Notably, both Dodaro and Verma urged the senators to increase auditors’ review of managed care organizations. Administrator Verma specifically discussed a recent action by CMS to recoup an anticipated $9.5 billion in improper payments made by the State of California to managed care organization. Her written testimony echoed “concerns that managed care rates resulted in significant profits for insurance companies . . . .”

           Comptroller General Dodaro recommended that CMS utilize state auditors to reduce improper Medicaid payments and hold Medicaid programs accountable. He suggested that it would be a “game changer” to involve state auditors in a “substantive, ongoing way.” He noted that Medicaid is projected to cost the federal government and states nearly $1 trillion annually by 2025 and that the program accounts for one-third of many state budgets.

           Verma and Dodaro also directed particular criticism at the use of federal Medicaid funds on the Medicaid expansion population, as provided for under the Patient Protection and Affordable Care Act (the “ACA”). Dodaro criticized the Obama administration for not increasing oversight of Medicaid managed care plans upon the increased Medicaid enrollment caused by the expansion.

           In her testimony, Verma emphasized her support for structural changes to the Medicaid program, which she described as an “open-ended entitlement.” Administrator Verma attributed some of the government’s overspending to the high match rates that states receive for the Medicaid expansion population and urged for a new system that would make states accountable for outcomes. For example, she noted that the high match rate may have incentivized states to improperly keep pregnant women enrolled in the expansion population rather than appropriately transition them to traditional Medicaid when they become pregnant, as traditional Medicaid has a lower match rate.

           Overall, the committee members, Comptroller General Dodaro, and Administrator Verma all agreed that increased oversight is necessary under Medicaid managed care programs.


           Taken together, the reports, announcements, and testimony discussed here provide a clear signal from the Administration that Medicaid managed care is likely to become subject to increasing scrutiny. CMS and federal and state auditors have not yet taken significant concrete action, but MCOs may be well served to proactively evaluate and address program integrity risks related to their payments to providers and their premium rate payments from states.

CMS has issued its 2019 Physician Fee Schedule Proposed Rule, containing highly anticipated new reimbursement policies for telehealth, remote monitoring, and other uses of digital tools, as well as updates to health IT requirements in the Quality Payment Program, with a stronger focus on patient access to health information. Comments are due September 10 at 5pm.

Continue Reading New CMS Incentives for Remote Patient Monitoring and Patient Access

Building on momentum from Administrator Seema Verma’s announcement of the MyHealtheData initiative at HIMSS 2018, CMS has published more clues as to future action to liberate health information for patients.

In the CY 2019 call letter to Medicare Advantage organizations and Part D programs, CMS describes the Blue Button 2.0 project and its use of the interoperable application programming interface (API) standard Fast Healthcare Interoperability Resources (FHIR). CMS encourages Medicare Advantage plans to adopt “data release platforms” that either meet or exceed the capabilities of Blue Button 2.0, and makes it clear that the agency intends to pursue rulemaking requiring such adoption for 2020.

The FHIR standard is also discussed, although not required, in the 2015 Edition Health IT Certification Criteria for API access, regulations promulgated by the Office of the National Coordinator for Health IT (ONC) that set the rules for functionality and interoperability of electronic health record systems. It seems likely that ONC further promote FHIR for API-based patient access in their upcoming rulemaking updating the certification program, expected this summer.

This move from CMS arrives alongside increased Congressional interest in patient access to information about the cost of healthcare services. This includes a recent Senate price transparency initiative led by Senator Bill Cassidy. Almost 1000 pages of feedback have already been received by Senate staffers, describing why and how payers and providers can make healthcare price and cost information more accessible for individual patients.

Health plans that wish to get ahead of the future regulatory action can check out the developer resources for Blue Button 2.0 to see how CMS envisions API access working for payer data. Plans can also participate in an ongoing ONC Tech Lab project to learn more about on how these standard resources can be used for health plan-specific information and influence standards development.

The Health Care Group’s newest partners, William S.W. Chang and Laura M. Kidd Cordova, along with Counsel Stephanie D. Willis, have authored an Alert about the 21st Health Care Fraud and Abuse Control Program (HCFAC) annual report released last Friday.  The HCFAC report is a joint effort of the U.S. Department of Justice (DOJ) and the U.S. Department of Health and Human Services (HHS) that describes the expenditures, results, and enforcement actions of the previous fiscal year.  The authors note that compared to FY 2016, other than expanded efforts to combat the opioid crisis, enforcement remained more or less consistent with prior trends.  In monetary terms, HCFAC spending slightly increased, while overall monetary recovery and returns on investment in fraud prevention efforts significantly decreased.  Interestingly, however, the proportion of overall recoveries resulting from HHS auditing activities considerably increased.

Read the rest of the Alert’s analysis of the HCFAC report and register for our webinar next Tuesday, April 17th.  During the webinar, listeners will hear Will and Stephanie, who were attorneys employed by DOJ and the HHS Office of the Inspector General (HHS-OIG), respectively, give their insights about the significance of the report for health care companies and the health care industry.


On March 22, 2018, the Centers for Medicare and Medicaid Services (CMS) announced a notice of proposed rulemaking (NPRM) that would, if finalized, exempt states with high rates of Medicaid beneficiaries in managed care plans from monitoring and reporting requirements related to Medicaid service access set forth in 42 C.F.R. §§ 447.203 and 447.204. The regulations currently require states to analyze and document the impact of Medicaid fee-for-service (FFS) payment amounts on beneficiary access to covered health care services in access monitoring review plans (AMRPs) submitted to CMS.

States’ AMRPs must, using a data-driven process, address the impact of Medicaid FFS payments on beneficiaries’ access to the following categories of Medicaid services: primary care services, physician specialist services, behavioral health services, pre- and post-natal obstetric services, and home health. The state must update and submit the AMRP related to these service categories to CMS at least every three years. If a state reduces Medicaid FFS rates for services outside of these categories, the state must include those additional services in the AMRP and publicly monitor the rate reductions for three years.

Since the adoption of these requirements, several states have complained that the scheme imposes an undue administrative burden and that it is not an efficient use of limited state program resources. In response, the proposed rule’s changes to the regulations would allow the following:

  • An exemption from most access monitoring requirements for states with an overall Medicaid managed care penetration rate of 85% or greater (currently, 17 States).
  • An exemption from the specific access analysis for reductions to provider payments below the “nominal payment rate change” of 4% in overall service category spending during a state fiscal year (and 6% over two consecutive years).
  • A state to submit an assurance that its baseline data “indicates current access is consistent with requirements of the Social Security Act,” rather than be required to predict the effects of proposed Medicaid FFS rate reductions or restructurings on access to care.

This NPRM aligns with the Trump Administration’s push to “cut the red tape” and to generally reduce states’ administrative burdens under federal programs. The proposed changes are also consistent with CMS’s other efforts to enable states to focus on patient outcomes rather than processes in administering their Medicaid programs, as quantified in the agency’s estimates that the proposed changes will eliminate 561 administrative hours and save a total of $1.66 million for the affected states.

Comments on the proposed rule are due to CMS no later than May 22, 2018.

On March 6, 2018 at the Healthcare Information and Management Systems Society (HIMSS) 2018 conference, Centers for Medicare & Medicaid Services (CMS) Administrator Seema Verma announced a new initiative furthering the current Administration’s focus on value-based care and increasing patient access to healthcare data. The initiative — called MyHealthEData — will be led by the White House Office of American Innovation, in collaboration with the Department of Health and Human Services (HHS), CMS, the Office of the National Coordinator for Health Information Technology (ONC), the National Institutes of Health (NIH), and the Department of Veterans Affairs (VA). (CMS press release here.) Continue Reading Liberating Data to Transform Value-Based Care: MyHealthEData, Blue Button 2.0, and Price Transparency

On Thursday, March 8, the Trump Administration rejected Idaho’s plan to sell health plans that do not include the consumer protections required by the Affordable Care Act (ACA). The rejection came in the form of a letter touting adherence to current law, though in many ways the letter was written by an apologetic Centers for Medicare and Medicaid Services (CMS) wanting to appease Idaho Republicans.

Earlier this year, Idaho Governor C.L. “Butch” Otter signed an executive order that allowed some Idaho health insurance plans to drop certain ACA requirements. For example, plans would not need to cover maternity care, mental illness, or other essential health benefits; insurers could charge higher premiums to those with preexisting conditions; and insurers could deny people coverage if they had failed to maintain continuous coverage. Insurers who sold such “junk” plans would be required to also sell at least one ACA-compliant option over the exchanges. Gov. Otter’s actions seemed to test just how far Alex Azar, Secretary of the U.S. Department of Health and Human Services, would go to support the “state experimentation” Mr. Azar himself advocated for under the exchanges, as discussed in our earlier post. The answer, for Idaho, is not far enough. Continue Reading Trump Administration Rejects (Nicely) Idaho’s Attempt to Skirt ACA

Congress is considering several adjustments to health IT policy which may have significant impact on the Centers for Medicare and Medicaid Services’ (“CMS”) electronic health records (“EHR”) incentives. On July 20th and 21st, Representatives met to discuss bipartisan legislation to improve the Meaningful Use program and introduced legislation that would authorize a CMS Innovation Center (“CMMI”) project to incentivize EHR adoption by behavioral health providers. The bills may be indicative of Congress’ attitude towards the Meaningful Use program, which has garnered criticism from providers for being burdensome.

On July 21, 2017, the House Committee on Energy and Commerce Subcommittee on Health held a hearing on H.R. 3120 and featured testimony from Cletis Earle, Chairman-Elect of the College of Healthcare Information Management Executives. The bill, sponsored by a group of bipartisan lawmakers, will allow CMS to modify the requirements of the Meaningful Use program in order to give the Secretary additional flexibility in implementing the program. Currently, providers and vendors must comply with the Stage 3 measures and objectives of the Meaningful Use program starting January 1, 2018 or be subject to Medicare reimbursement penalties. Earle argued that the implementation timeline for Stage 3 of the program is too rigorous for providers to meet and may lead to an increase in hardship exemption applications. Provider and vendor groups across the industry have suggested that the HHS Secretary Tom Price delay the Stage 3 obligations, noting that software implementation and cybersecurity issues have made the 2018 deadline unreasonable. Sponsors of H.R. 3120 note that the bill will reduce the burden on providers’ use of EHR systems, allowing providers to focus on care coordination and patient outcomes. In response, CMS noted that the proposed “Medicare Program; CY 2018 Updates to the Quality Payment Program,” which is open for comment through August 21, 2017, would give eligible providers an additional year to implement EHR technology that complies with the 2014 or 2015 edition of Certified Electronic Health Record Technology (“CEHRT”) and offers the opportunity to apply for hardship exemptions for the Advancing Care Information performance category of the Merit-based Incentive Payment System (“MIPS”). For more information, see our update on key proposals of the 2018 Proposed Rule here. Continue Reading Congress Remains Focused on Electronic Health Records