In the latest of a series of guidances and alerts regarding remote patient monitoring (“RPM”) services, the U.S. Department of Health and Human Services Office of Inspector General (“OIG”) issued a issued a report analyzing Medicare billing practices for remote patient monitoring 2204’s RPM services on August 25, 2025. Like the rise of telemedicine, remote patient monitoring has enhanced patient care and improved patient access to medical services. Yet, like telemedicine, it enables opportunities for fraud, is drawing scrutiny from the government, and is rife with pitfalls for providers. The August Report discusses patterns that may be indicators of potential fraud and abuse and reiterates the need for enhanced oversight by the Centers for Medicare & Medicaid (“CMS”), detailing findings that can assist providers in assessing compliance and regulatory implications.

KEY FINDINGS AND TAKEAWAYS

1. Medicare Payments: Nearly one million Medicare enrollees received RPM services in 2024, a 27% increase from 2023. Medicare payments for RPM services also increased 31% from 2023, reaching $536 million.

2. Provider Participation Increases: Approximately 4,600 medical practices routinely billed for RPM services in 2024, adding roughly five new RPM enrollees each month and 70 new enrollees annually.

3. OIG Scrutiny of Billing Practices: Analyzing its data, OIG opined that the following RMP billing practices “warrant further scrutiny” and could possibly indicate fraud:

  • Spikes in Billing: The report highlights one practice that added 3,400 new enrollees in a single month, which OIG asserted could be a marker for potential fraud but acknowledged could also be legitimate growth of the practice.

 

  • Missing Treatment Management: 52 medical practices billed for RPM services for more than 75% of their enrollees even though they did not receive required treatment management (such as actual review of enrollee data to make clinical decisions about care). OIG expressed concern that “a medical practice that has a high percentage of enrollees who never received treatment management in any month warrants further scrutiny” but acknowledged that some patients do not need treatment management on a monthly basis.

 

  • No Prior Patient Relationship: In most cases, Medicare requires a medical practice to establish a patient relationship with the enrollee through either an in-person service or telehealth service prior to billing for RPM services. The report details how 45 medical practices billed Medicare for RPM services for more than 80% of patients with whom they had no prior medical relationship.

 

  • Duplicate Enrollees Across Different Practices: OIG expressed concern that 34 medical practices frequently billed RPM services for the same enrollees as two or more other practices, opining that this could indicate that some of the practices were providing duplicative or unnecessary services to these enrollees or not actually providing the services claimed.

 

  • Billing for Multiple Devices:  In most cases, Medicare only covers one RPM device per enrollee per month, and the report expressed concern that some medical practices routinely billed for at least two RPM devices per enrollee per month.

INCREASED AUDIT RISK AND HEIGHTENED ENFORCEMENT

As with previous reports and guidances, OIG once again called for the Centers for Medicare & Medicaid Services (“CMS”) to add safeguards to ensure RPM is used and billed properly. Suggestions included regular monitoring for the billing practices and hallmarks discussed above. Providers should anticipate more frequent audit inquiries from CMS, particularly if billing patterns resemble the above billing indiciations warranting further scrutiny. Providers would do well to avoid these patterns where possible and otherwise document the medical necessity of all treatment and ensure that supporting evidence of treatment is maintained and available.

OIG previously published a consumer alert in November 2023 involving a fraud scheme related to RPM billing (the “Consumer Alert”). The Consumer Alert discussed a scam whereby Medicare patients were enrolled in RPM through television advertising, click bait internet ads, and cold call phone solicitations (cold calling). The perpetrators billed Medicare for set-up, patient teaching, and monthly monitoring data even though FDA-approved devices were typically never sent.

In September 2024, OIG published a report reviewing and recommending increased oversight over RPM services and billing praetices in Medicare. The 2024 Report detailed the significant rise in the use of RPM in Medicare between 2019 to 2022 and OIG’s growing concern regarding potential Medicare fraud. As noted above, RPM fraud typically entails companies signing-up enrollees for medically unnecessary RPM and billing for services that were not actually provided. OIG stated that the Medicare program currently lack critical information for oversight, particularly regarding details about the heath data monitored, devices used, and providers who request and deliver the services.

An audit of Medicare Part B RPM services was announced in December 2024, following the calls for increased oversight in the Consumer Alert and 2024 Report. Findings are expected to be published sometime in 2026. OIG has stated that it will, through the audit, “determine whether providers furnished and billed for RPM services in accordance with Medicare requirements.”

NEXT STEPS AND RECOMMENDED ACTION

Providers involved in RPM should consider the following safeguards and actions:

  • Updated Policies and Training: Policies should require and ensure training of relevant provider staff on Medicare RPM coverage, billing requirements, and documentation standards.
  • Internal Audits: Providers should regularly review RPM billing data for spikes in new enrollees, lack of prior patient relationships before providing medical services, missing treatment management, multiple device billing, and other anomalies. Any abnormalities should be corrected or the reasons for such practices should otherwise be documented and justified.
  • Enhanced Documentation: Providers should maintain clear records of prior patient relationships, medical necessity, device provision, and treatment management.
  • Ensure Medical Necessity: Providers should ensure RPM is medically necessary for every patient through documentation of their initial diagnoses and confirm the need for ongoing monitoring of the patient’s condition through an FDA-approved device.
  • Prepare for Audits: Providers should be ready to respond to OIG or CMS inquiries regarding RPM billing practices.

The August 2025 Report highlights the need for rigorous provider compliance programs around RPM services. Providers should proactively assess and strengthen RPM billing practices to mitigate risk of government action and ensure compliance.

For more information about RPM billing, compliance, audits, or investigations, please complete our website’s contact form. We represent RPM providers and medical device manufacturers with pertinent relationships with providers.