By Donielle McCutcheon, Chris Abbinante, Jaime Jones, Geoffrey Levin
Telehealth utilization rapidly expanded this year due to the covid-19 public health emergency. The success of this market has led to a flurry of deal activity for telehealth assets. Investments in telehealth companies offering primary and behavioral healthcare, disruptive technology platforms, and robotic devices used in telehealth reflect a desire by investors to bet on a boom in virtual healthcare.
While the opportunity to invest in innovative technology can be enticing, there are significant regulatory challenges that should be considered before investing, including: status of government waivers, reimbursement, privacy and corporate practice limitations.
Status of covid-19 waivers
A number of the regulatory hurdles that previously inhibited large-scale adoption of telehealth have been temporarily removed for the duration of the pandemic. To facilitate telehealth utilization during this period, the government and private payors have relaxed limitations on the types of telehealth services covered, reimbursement amounts and rigid state professional licensure rules.
These efforts have greatly accelerated the use of telehealth, but a key uncertainty impacting investment decision-making is whether any of these regulatory waivers and private payor policies will become permanent post-pandemic. Fortunately, there is broad stakeholder support to maintain at least some subset of the recent expansions. An executive order issued by the President in August instructed the Department of Health and Human Services (HHS) to review the temporary telehealth measures, particularly with respect to patients in rural areas, and propose extensions.
HHS contemporaneously acted on the order and issued a proposed rule that, if finalized, would permanently expand coverage for certain telehealth services for Medicare beneficiaries.
In September, the Taskforce on Telehealth Policy (TTP) recommended that policymakers make permanent certain covid-19 policy changes, including lifting geographic restrictions and limitations on originating sites, allowing telehealth for various types of clinicians and conditions, allowing a telehealth visit to satisfy requirements for establishing a patient/provider relationship, and eliminating unnecessary restrictions on telehealth across state lines.
This suggests that changes that allow patients to receive telehealth in their homes and allow for a broader range of providers to perform telehealth may become permanent. There has also been a significant push to ensure continued access to telehealth for behavioral health services. What we may see is a trial period during which certain changes are extended and later reevaluated, based on data and stakeholder feedback, to determine if the changes should be made permanent. Regardless, understanding the scope and nuance of these developments is key when investing in this space.
Payor coverage and reimbursement
Return on investment will be tied to whether, and to what extent, telehealth services will be covered by public and private insurers, including Medicare and Medicaid. Many payors, including Medicare, will not reimburse for services that are solely text-message based, and it is unclear the extent to which federal and private payors will continue to reimburse for delivery of telehealth under models that do not provide for two-way video connection. While part of the recent expansion has included temporary bumps in reimbursement amounts – for example, Medicare has increased reimbursement rates for telehealth to be at parity with in-person visits – it is not expected that these increases will be permanently adopted across-the-board, and the TTP stopped short of calling for in-person reimbursement rates in its report.
Reimbursement often drives adoption; therefore, it is critical for investors to carefully assess reimbursement risk.
Patient privacy risks
Telehealth platforms present unique privacy and security vulnerabilities that are not present in traditional provider practices. Compliance costs to protect from eavesdropping, misdirected audio visual communications, and other security susceptibilities can be significant. While the government issued guidance stating it will exercise enforcement discretion and waive penalties under the federal patient privacy law (HIPAA) against providers that serve patients in good faith through everyday platforms – like FaceTime or Skype, which are not as secure as HIPAA requires – this exercise in enforcement discretion is unlikely to remain permanent. In fact, the TPP recommended that policymakers fully reinstate enforcement of HIPAA privacy protections.
Patient privacy considerations are particularly relevant for those who may have only operated under relaxed HIPAA rules. The ramp-up required to ensure HIPAA compliance is both administratively burdensome and resource intensive, and can be a barrier to entry for companies.
Corporate practice considerations
A number of telehealth assets involve a national platform that provides consumers with convenient access to a licensed-healthcare provider. When evaluating such targets, it is important to diligence whether the entity is structured to comply with state corporate practice of medicine rules. Depending on the state, failure to comply with these rules can result in civil or criminal penalties, loss of licensure or invalidation of contracts.
The pace of consumer and provider telehealth adoption is at historic heights. The potential cost savings and public health benefits are undeniable, but continuation of the trend in utilization will require additional investment, and that will turn on the status of the regulatory and payment changes summarized above.
This article has been prepared for informational purposes only and does not constitute legal advice. This information is not intended to create, and the receipt of it does not constitute, a lawyer-client relationship. Readers should not act upon this without seeking advice from professional advisors. The content therein does not reflect the views of the firm.