CT Expands Telehealth via Telephone to Other Providers and Addresses HIPAA Compliance

Under Executive Order No. 7G, late yesterday, Governor Ned Lamont expanded permission to offer “audio-only” telehealth services to commercial insurer’s in-network providers furnishing covered telehealth services.  Two days ago, the Governor granted this permission to Medicaid providers serving Medicaid beneficiaries.  The Executive Order also addresses licensure and location requirements and conditions for other providers wishing to offer telehealth services.  Additionally, the order assures providers that compliance with federal agency guidance on HIPAA is adequate to meet state law. 

To allow certain providers to deliver telehealth services via telephone, the order modifies the statutory definition of “telehealth” to include the use of “audio-only telephone” by “Medicaid enrolled providers providing covered telehealth services to established patients who are Medicaid recipients, or telehealth providers that are in-network providers for commercial fully insured health insurance providing covered telehealth services to patients with whom there is an existing provider-patient relationship. . .” (Eligible Providers). 

In a blog post yesterday, I detailed the rules relating to Medicaid providers.  While commercial insurers may have their own rules for in-network providers, the basic telehealth statutory requirements still apply and the recommendations I offered yesterday on consent and verification of identity apply to commercial insurers’ in-network providers as well.  

The Executive Order also suspends licensure, certification or registration requirements for Eligible Providers “in accordance with any related orders issued by the Commissioner of Public Health.”  This signals likely action by the Commissioner to suspend the requirement that Eligible Providers be licensed, certified or registered in this state to provide telehealth services, although no such order has been issued yet.  Additionally, the Governor’s order waives any requirement that telehealth services must be provided from a provider’s licensed facility. 

With respect to HIPAA compliance, the Executive Order provides necessary clarification on the requirement in the state statute that telehealth services must comply with HIPAA.  To align with recent guidance from federal agencies relaxing HIPAA enforcement for telehealth, the order modifies the HIPAA compliance provision to allow Eligible Providers to rely on the guidance from the federal Department of Health and Human Services and the Office for Civil Rights. 

Finally, a provider who is not an Eligible Provider may furnish telehealth services but only if: (1) the provider first determines whether the patient is covered by a health plan other than Medicaid or a fully-insured commercial plan, and whether such plan provides coverage for the telehealth services; (2) if coverage is available, the provider shall not bill a patient for any charges in addition to the reimbursement under the health plan; and (3) if coverage is not available or the patient is uninsured, the provider “shall accept as reimbursement for that service as payment in full, the amount that Medicare reimburses for such service” and, if the patient is uninsured or otherwise unable to pay for such services, the provider shall offer financial assistance if it is legally required to do so.

Given the fluid nature of things during this COVID-19 pandemic, I suspect that we will see more changes related to telehealth.