March 18, 2020

A Day in Telehealth History: Access to Telehealth Services Expanded, Requirements to Facilitate Virtual Visits Relaxed in Response to Coronavirus

March 17, 2020, will be a day to remember in the history of telehealth in the U.S. Thanks to a slew of federal policy changes, it is now easier for providers to offer telehealth, more people can access telehealth services, and there are fewer restrictions and liability risks. While these policy changes are largely specific to this COVID-19 (commonly known as the coronavirus) emergency, the federal government is recognizing the value and virtue of telehealth, and providers can use this opportunity to scale up and demonstrate its successful use.


On March 17, 2020, the Centers for Medicare and Medicaid Services (CMS) temporarily expanded access to telehealth services covered by Medicare so that more beneficiaries can receive services from their doctors and other health care providers without having to travel to a health care facility. Discussed in detail below, these policy changes were made under CMS’ 1135 waiver authority and the Coronavirus Preparedness and Response Supplemental Appropriations Act and will last for the duration of the COVID-19 Public Health Emergency (the “Public Health Emergency”). The goal is to permit Medicare beneficiaries to receive care in their homes during the COVID-19 pandemic.

Additionally, to facilitate the use of telehealth during the Public Health Emergency:

  1. The Department of Health and Human Services (HHS) Office for Civil Rights (OCR) announced a policy not to enforce HIPAA’s Privacy Rule requirement that covered entities use only secure methods of communication for telehealth visits.
  2. The Drug Enforcement Administration (DEA) agreed that DEA-registered practitioners may prescribe controlled substances during telehealth visits without having a prior in-person medical evaluation as otherwise required by the Ryan Haight Online Pharmacy Consumer Protection Act.
  3. The Office of Inspector General (OIG) stated that it would not impose civil monetary penalties against any provider that waives cost-sharing amounts (i.e., co-pays or deductibles) in connection with telehealth visits.

Expansion of Telehealth for Medicare Beneficiaries

With claims starting March 6, 2020, Medicare will now pay for office, hospital and other visits furnished by doctors, nurse practitioners, physician assistants and other providers via telehealth regardless of the originating site of the patient.

  • Without this waiver, fee-for-service Medicare reimbursement for telehealth is subject to restrictions found in Section 1834(m) of the Social Security Act, including the restriction that the patient present at a rural originating site. Under the waiver, the patient can have a telehealth visit using interactive, real-time audio-video in any health care facility or in their home.
  • The services that qualify for reimbursement under this waiver are the same that were previously reimbursed under the 1834(m) restrictions, which for calendar year 2020 includes approximately 100 codes published by CMS.
  • These telehealth visits are considered the same as in-person visits and are paid at the same rate as regular, in-person visits.
    HHS also announced a policy of enforcement discretion for the prior patient relationship requirement recently passed in the Coronavirus Preparedness and Response Supplemental Appropriations Act. HHS will not conduct audits to ensure that such a prior relationship existed for claims submitted during this Public Health Emergency. This is HHS’ way of telling providers to “please use telehealth during this Public Health Emergency”, which should ease providers’ liability concerns.

CMS also reminded practitioners of the availability of reimbursement for other existing telehealth services, including virtual check-ins and e-visits in its waiver announcement. For more, see CMS’ fact sheet and FAQs.

Relaxation of HIPAA Requirements for Telehealth Visits (i.e., Use Everyday Technology for Telehealth)

To further facilitate the use of telehealth services during the Public Health Emergency, OCR announced that it will exercise enforcement discretion and waive penalties for Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule violations against covered entities that serve patients in good faith through non-public facing audio or video communication products, including Apple FaceTime, Facebook Messenger video chat, Google Hangouts video, or Skype. Public-facing products such as Facebook Live, Twitch and TikTok should not be used to provide telehealth. OCR also encourages providers to notify patients that such applications are not secure and to enable as many security measures as are available from the product.

The key takeaway is that providers and patients can use everyday technology to conduct telehealth visits during the pandemic.

Expansion of Telehealth for Prescribing of Controlled Substances

Similarly, the Drug Enforcement Administration (DEA) published guidance that, for so long as the Public Health Emergency remains in place, DEA-registered prescribers may issue prescriptions for controlled substances to patients using telemedicine without a prior in-person patient medical evaluation as otherwise required by the Ryan Haight Online Pharmacy Consumer Protection Act. To comply, a DEA-registered practitioner must use interactive, real-time audio-video telehealth (meaning asynchronous telehealth involving controlled substances is not allowed). And of course, the prescription must still be for a legitimate medical need and the practitioner must be practicing in accordance with other state and federal law.

Flexibility to Waive Cost-Sharing in Federal Health Programs

Finally, the Office of Inspector General (OIG) issued a Policy Statement to notify practitioners that they will not be subject to administrative sanctions for reducing or waiving any cost-sharing obligations (i.e., coinsurance and deductibles) owed by federal health care program beneficiaries for telehealth services during the Public Health Emergency.


These actions address many of the barriers that providers were facing in the effort to provide access to telehealth services during this Public Health Emergency. However, providers will undoubtedly face additional barriers that may need to be addressed at the federal and state levels as they scale up efforts in this new environment.

More specifically, while these federal waivers are helpful, practitioners still need to be mindful of state licensure and other requirements. In addition, we recommend that, to the extent practicable, providers obtain patient consent and advise patients of potential security risks prior to providing virtual care. Faegre Drinker’s digital health professionals are available to help clients navigate this new normal and advocate for state and federal policies to increase patient access to telehealth services during the coronavirus outbreak and beyond.

As the number of cases around the world grows, Faegre Drinker’s Coronavirus Resource Center is available to help you understand and assess the legal, regulatory and commercial implications of COVID-19.

The material contained in this communication is informational, general in nature and does not constitute legal advice. The material contained in this communication should not be relied upon or used without consulting a lawyer to consider your specific circumstances. This communication was published on the date specified and may not include any changes in the topics, laws, rules or regulations covered. Receipt of this communication does not establish an attorney-client relationship. In some jurisdictions, this communication may be considered attorney advertising.

The Faegre Drinker Biddle & Reath LLP website uses cookies to make your browsing experience as useful as possible. In order to have the full site experience, keep cookies enabled on your web browser. By browsing our site with cookies enabled, you are agreeing to their use. Review Faegre Drinker Biddle & Reath LLP's cookies information for more details.