The COVID-19 pandemic created unprecedented challenges for how Medicare beneficiaries access health care. In response, the Department of Health and Human Services (HHS) and CMS took a number of actions to temporarily expand access to telehealth for Medicare beneficiaries. In addition, CMS temporarily paused several program integrity activities, including medical reviews of claims.

In a related report, the OIG found that the use of telehealth increased dramatically during the first year of the pandemic. More than 28 million Medicare beneficiaries—about 2 in 5—used telehealth services that first year. In total, beneficiaries used 88 times more telehealth services during the first year of the pandemic than they did in the prior year.

The changes to Medicare telehealth policies, along with the dramatic increase in the use of telehealth, underscore the importance of determining whether providers are billing for telehealth services appropriately and how to best protect Medicare and beneficiaries against fraud, waste, and abuse.

This data brief describes providers’ billing for telehealth services and identifies ways to safeguard Medicare from fraud, waste, and abuse related to telehealth. This information can help CMS, Congress, and other stakeholders determine what safeguards may be needed as they consider permanent changes to telehealth policies in Medicare.

This report is part of a series that examines the use of telehealth in Medicare and the characteristics of beneficiaries who used telehealth during the pandemic.



This data brief is based on an analysis of Medicare fee-for-service claims data and Medicare Advantage encounter data for the first year of the pandemic from March 1, 2020, to February 28, 2021. We focused our analysis on the approximately 742,000 providers who billed for a telehealth service. Using input from OIG investigators, we developed seven measures that focus on different types of billing for telehealth services that may indicate fraud, waste, or abuse. For each of these measures, we set very high thresholds to identify providers whose billing poses a high risk to Medicare. Because this data brief focuses on specific measures with very high thresholds, it does not capture all concerning billing related to telehealth services that may be occurring in Medicare. Additionally, this report does not confirm that any particular provider is engaging in fraudulent or abusive practices. Any determination of fraud or an overpayment would require additional investigation.

Further, a Medicare billing practice-known as “incident to” billing—creates challenges for oversight because it allows services provided by clinical staff who are directly supervised by a practitioner to be billed under the supervising practitioner’s identification number. It is critical for program integrity efforts to identify the individual who delivered the telehealth service that is billed to Medicare. To address these limitations in the data, we developed measures for this report that aim to minimize the effect of “incident to” billing on the results of the claims analysis.



We identified 1,714 providers whose billing for telehealth services during the first year of the pandemic poses a high risk to Medicare. These providers billed for telehealth services for about half a million beneficiaries. They received a total of $127.7 million in Medicare fee-for-service payments.

Each of these 1,714 providers had concerning billing on at least 1 of 7 measures we developed that may indicate fraud, waste, or abuse of telehealth services. All of these providers warrant further scrutiny. For example, they may be billing for telehealth services that are not medically necessary or were never provided.

In addition, more than half of the high-risk providers we identified are a part of a medical practice with at least one other provider whose billing poses a high risk to Medicare. This may indicate that certain practices are encouraging such billing among their associated providers. Further, 41 providers whose billing poses a high risk appear to be associated with telehealth companies; however, there is currently no systematic way to identify these companies in the Medicare data.



Although these high-risk providers represent a small proportion of all providers who billed for a telehealth service, these findings demonstrate the importance of strong, targeted oversight of telehealth services. The findings also offer insight on how Medicare and others can protect beneficiaries against fraud, waste, and abuse. Conducting targeted oversight of telehealth will help ensure the benefits of telehealth are realized while minimizing risk in an effective and efficient manner. Accordingly, we recommend that CMS: (1) strengthen monitoring and targeted oversight of telehealth services, (2) provide additional education to providers on appropriate billing for telehealth services, (3) improve the transparency of “incident to” services when clinical staff primarily delivered the telehealth service, (4) identify telehealth companies that bill Medicare, and (5) follow up on the providers identified in this report. CMS concurred with our recommendation to follow up on the providers identified in this report, but CMS did not explicitly indicate whether it concurred with the other four recommendations.

Don't miss out

Subscribe now for access to exclusive content.