DOJ and State Attorneys General Bolster Efforts on Telehealth Consumer Protection Enforcement

The landscape of telehealth regulation is undergoing a significant transformation, marked by intensified collaboration between federal and state enforcement agencies. The U.S. Department of Justice (DOJ), in conjunction with State Attorneys General (AGs) across the nation, is escalating its focus on consumer protection within the telehealth sector. This coordinated effort aims to combat deceptive marketing practices, fraudulent billing, and substandard care delivery that can harm patients and exploit healthcare systems.

The Regulatory Imperative: Addressing Telehealth's Rapid Expansion

The rapid expansion of telehealth services, particularly accelerated by the COVID-19 pandemic, has brought unprecedented access to care but also presented new avenues for fraud and abuse. While many telehealth providers operate ethically and provide valuable services, a subset has engaged in practices that mislead consumers, compromise patient safety, and defraud public and private payers. These issues range from aggressive and deceptive marketing for unproven treatments to billing for services never rendered or medically unnecessary prescriptions.

Federal agencies, including the DOJ, Federal Trade Commission (FTC), and the Department of Health and Human Services (HHS) Office of Inspector General (OIG), have long been active in pursuing healthcare fraud. However, the unique interstate nature of telehealth often necessitates a broader, more unified approach. State Attorneys General, empowered by state consumer protection laws and medical practice acts, play a crucial role in addressing localized abuses and protecting their state's residents.

Enhanced Coordination and Enforcement Strategies

The DOJ's strategy involves working closely with State AGs to share intelligence, coordinate investigations, and launch joint enforcement actions. This collaboration allows for a more comprehensive attack on fraudulent schemes, leveraging both federal statutes and state-specific regulations. Key areas of focus include:

• Deceptive Marketing and Advertising: Targeting companies that make unsubstantiated claims about treatment efficacy, guarantee results, or misrepresent the nature of their services or providers. This often involves aggressive digital marketing tactics that lure vulnerable consumers.
• Fraudulent Billing Practices: Investigating telehealth providers who bill for services not provided, upcode services, or charge for medically unnecessary consultations or prescriptions. This can impact both private consumers and federal healthcare programs like Medicare and Medicaid.
• Subscription Traps and Hidden Fees: Addressing practices where consumers are enrolled in recurring subscription services without clear consent, face difficulty canceling, or are charged undisclosed fees.
• Unlicensed Practice and Prescribing Issues: Scrutinizing instances where providers may be prescribing across state lines without proper licensure or engaging in inappropriate prescribing practices (e.g., prescribing controlled substances without a legitimate medical purpose).

This coordinated approach allows federal agencies to pursue violations of laws such as the False Claims Act, which prohibits knowingly submitting false or fraudulent claims for payment to federal healthcare programs, and the Federal Trade Commission Act, which prohibits unfair methods of competition and unfair or deceptive acts or practices in commerce. State AGs, in turn, can utilize their state's Unfair and Deceptive Acts and Practices (UDAP) statutes and other consumer protection laws to bring actions against companies operating within their borders.

Notable Trends and Enforcement Examples

While specific ongoing cases are often confidential, the trend is clear. For instance, the DOJ has consistently highlighted its commitment to combating healthcare fraud, including telehealth-related schemes. The HHS-OIG and DOJ have regularly announced enforcement actions that include telehealth components, often involving schemes where patient recruiters or marketers facilitate medically unnecessary services or durable medical equipment (DME) orders, sometimes in conjunction with telehealth providers who rubber-stamp prescriptions.

State Attorneys General have also been active. For example, several states have taken action against telehealth companies for deceptive marketing of mental health services, alleging that companies misrepresented provider availability or quality of care. Others have focused on predatory subscription models for various health and wellness products delivered via telehealth platforms.

This increased coordination is often formalized through task forces, information-sharing agreements, and joint training initiatives that empower both federal and state investigators and prosecutors to tackle complex, multi-jurisdictional telehealth fraud schemes effectively.

Implications for Healthcare Businesses

For telehealth providers, medspas, dental practices, chiropractic offices, and other healthcare businesses expanding into or operating via telehealth, this enhanced enforcement coordination signals a critical need for robust compliance. The days of operating in a regulatory vacuum or relying on ambiguous interpretations are rapidly coming to an end. Businesses must understand that a violation identified by a State AG could quickly escalate into a federal investigation, and vice-versa.

Key Compliance Areas to Address:

1. Marketing and Advertising Transparency:

   • All claims made in advertising, on websites, and through social media must be truthful, non-misleading, and substantiated. Avoid making exaggerated claims about efficacy, speed of results, or guaranteed outcomes.
   • Clearly disclose all costs, fees, and subscription terms upfront. Ensure cancellation policies are clear and easy to execute. Avoid automatic renewals without explicit, informed consent.
   • Be transparent about the nature of the provider-patient relationship, including whether an in-person exam is required or if the service is purely consultative.

2. Clinical Appropriateness and Medical Necessity:

   • Ensure that all services provided, and prescriptions issued, are medically necessary and delivered within the appropriate standard of care.
   • Providers must conduct thorough patient evaluations, even via telehealth, and document their medical decision-making comprehensively.
   • Avoid any arrangements that incentivize prescribing specific medications or ordering unnecessary tests or services.

3. Licensure and Scope of Practice:

   • Verify that all providers are appropriately licensed in every state where they treat patients. Maintain meticulous records of provider licensure.
   • Ensure that services provided fall within the scope of practice for the respective licensed professional.
   • Stay updated on state-specific telehealth practice standards, which can vary significantly.

4. Billing and Coding Accuracy:

   • Implement rigorous internal controls to ensure accurate billing for services rendered. Avoid upcoding or billing for services not performed.
   • If participating in federal healthcare programs, ensure strict adherence to Medicare and Medicaid billing rules and anti-kickback statutes.

5. Data Privacy and Security:

   • Maintain robust HIPAA compliance, protecting patient health information from breaches and unauthorized access. This includes secure telehealth platforms and data storage.

Proactive Risk Mitigation

To mitigate risks, healthcare businesses should:

• Conduct Regular Internal Audits: Periodically review marketing materials, patient intake processes, billing records, and clinical documentation for compliance with federal and state laws.
• Implement Comprehensive Compliance Programs: Develop and enforce a robust compliance program that includes policies and procedures, employee training, and a mechanism for reporting concerns without fear of retaliation.
• Engage Legal Counsel: Consult with legal experts specializing in healthcare and consumer protection law to review practices and stay abreast of regulatory changes.
• Monitor Patient Feedback: Actively monitor and respond to patient complaints, as these can often be early indicators of potential compliance issues that could attract regulatory attention.

Conclusion

The coordinated enforcement efforts by the DOJ and State Attorneys General represent a significant commitment to safeguarding consumers and maintaining integrity within the telehealth ecosystem. Healthcare businesses operating in this space must recognize this heightened scrutiny and proactively strengthen their compliance frameworks. A failure to adapt to this evolving regulatory environment could result in severe penalties, including substantial fines, exclusion from federal healthcare programs, and damage to reputation.

Sources:

• U.S. Department of Justice, Office of Public Affairs: https://www.justice.gov/opa
• National Association of Attorneys General (NAAG): https://www.naag.org/
• HHS Office of Inspector General (OIG): https://oig.hhs.gov/
• Federal Trade Commission (FTC): https://www.ftc.gov/

(Note: Specific press releases regarding joint DOJ-State AG actions are often released by both agencies simultaneously, and general policy statements on coordination are frequently found on their respective 'news' or 'press releases' sections.)