HEALTH & WELLNESS

By NCDS Medical Billing and Practice Management
What independent practices need to know about virtual care regulations in the year ahead.
Telemedicine didn’t disappear when the public health emergency ended—it matured. And now, with the passage of the Consolidated Appropriations Act of 2026, Congress has extended key Medicare telehealth flexibilities through Dec. 31, 2027.
Health insurance professionals can advise clients of the current telehealth rules and regulations. That means no January 2026 rollback. No short-term lapse. No sudden return to restrictive pre-pandemic rules.
But make no mistake: telemedicine compliance is still evolving. In 2026, telemedicine compliance will be less about whether you offer virtual care—and more about how you deliver it, where it’s delivered from, what platform you use, how you bill it, and how well you document it.
This article breaks down the confirmed regulatory landscape shaping telemedicine compliance in 2026—and what your practice should be doing now to avoid audits, denials, and revenue disruption.
Compliance Isn’t Static—Telemedicine Rules Are Structured (But Temporary)
The Consolidated Appropriations Act of 2026 extends many Medicare telehealth flexibilities through Dec. 31, 2027, including:
- Home as an eligible originating site
- Removal of geographic restrictions (rural and urban allowed)
- Expanded practitioner eligibility
- Continued coverage for audio-only services in certain situations
- Delayed in-person visit requirements for mental health services
- FQHC and RHC distant site billing
- Extension of Hospital-at-Home waiver (through Sept. 30, 2030)
- Temporary telehealth prescribing flexibility for controlled substances (through Dec. 31, 2026)
This provides stability—but not permanence. Practices must prepare now for a regulatory shift that could occur in 2028.
1. Telehealth flexibilities are extended—but not forever
The biggest compliance misconception in 2026 is assuming telehealth rules are now permanent. They are not. Unless Congress acts again, many flexibilities are scheduled to change beginning Jan. 1, 2028, including:
- Potential return of geographic restrictions
- Facility-based originating site requirements (except behavioral health)
- Removal of certain practitioner types from telehealth eligibility
- In-person requirements for mental health telehealth initiation
What this means: You have stability through 2027—but planning for 2028 should begin now.
2. Approved telemedicine platforms are non-negotiable
Pandemic enforcement discretion is over. Telemedicine visits must be conducted using HIPAA-compliant, secure platforms that:
- Encrypt data in transit
- Provide access controls
- Offer audit trails
- Include Business Associate Agreements (BAAs)
Consumer platforms like FaceTime or non-healthcare Zoom licenses expose practices to:
- HIPAA violations
- Compliance findings
- Payer scrutiny during audits
Secure technology is now a baseline expectation—not a recommendation.
3. Place of Service (POS) accuracy is critical
CMS continues to enforce accurate POS coding for telehealth services. Current guidance:
- POS 10 – Telehealth Provided in Patient’s Home
- POS 02 – Telehealth Provided Other than in Patient’s Home
Since Jan. 1, 2024, telehealth services provided to patients in their homes are paid at the non-facility rate. Common compliance triggers:
- Using POS 11 (office) incorrectly
- Failing to distinguish between POS 02 and POS 10
- Missing documentation of patient location
These errors affect both reimbursement and audit risk.
4. Audio-only services continue—with conditions
Through Dec. 31, 2027, Medicare beneficiaries may receive audio-only telehealth services in their homes. Beginning Jan. 1, 2028:
- Audio-only will be limited primarily to behavioral health
- The practitioner must be capable of audio-video technology
- The patient must be unable or unwilling to use video
Documentation must clearly identify:
- Modality used
- Patient consent
- Clinical appropriateness
5. Behavioral health telehealth: expanded but structured
Behavioral health continues to receive strong telehealth support. Geographic restrictions for behavioral health are permanently removed. However, beginning after Dec. 31, 2027:
- An in-person visit within six months prior to the first telehealth service may be required
- Ongoing in-person visits every 12 months may apply
- Patients who began telehealth behavioral health services prior to 2028 may be treated as established patients.
Tracking this requirement will be essential to protect reimbursement.
6. Virtual supervision and teaching physician flexibilities
Beginning Jan. 1, 2026: CMS allows virtual presence (audio/video only, not audio-only) for:
- Direct supervision services without a 010 or 090 global surgery indicator
- Most incident-to services
- Many diagnostic tests
- Cardiac and pulmonary rehab
- Certain outpatient services
Teaching physicians may also maintain a virtual presence during key portions of Medicare telehealth services. Supervision rules are no longer temporary—but they are highly specific.
7. Remote Patient Monitoring (RPM) remains under scrutiny
While not directly altered by the new legislation, RPM continues to be closely audited. Common risk areas:
- Time tracking accuracy
- Proof of device usage
- Clinical review documentation
- Medical necessity documentation
Telehealth extensions do not relax RPM compliance standards.
8. State licensure compliance is back to normal enforcement
Temporary interstate licensure waivers are largely expired. Providers must be licensed in the state where the patient is physically located at the time of service.
This remains a high-risk area for:
- Behavioral health
- Multistate virtual practices
- Growing telehealth groups
- Common documentation mistakes that trigger audits
Across telemedicine services, compliance gaps most often include:
- Missing telehealth consent
- No documentation of modality (audio-only vs. audio-video)
- Incorrect POS coding
- Incomplete supervision documentation
- Failure to track mental health in-person visit requirements
- Weak RPM documentation
These are operational gaps—not rare mistakes.
How to prepare now for 2026 and beyond
The extension provides breathing room—but not immunity. Independent practices should:
- Confirm all telehealth platforms are HIPAA-compliant
- Train billing teams on POS 02 vs. POS 10
- Update EHR templates to capture modality and consent
- Implement tracking for future mental health in-person requirements
- Review licensure coverage
- Monitor regulatory updates tied to 2028
How NCDS helps practices stay compliant
Telemedicine compliance is layered. Billing, documentation, supervision, technology, licensure—they all intersect. At NCDS, we help practices:
- Validate telehealth coding before claims submission
- Monitor CMS updates in real time
- Identify risk areas before audits occur
- Align workflows with payer expectations
- Prepare for 2028 changes proactively
Compliance isn’t reactive. It’s structured. Telemedicine compliance is stable—but not permanent. The Consolidated Appropriations Act of 2026 provides welcome stability through 2027.
But the message for practices in 2026 is clear: Secure platforms. Accurate documentation. Correct coding. Verified licensure. And a forward-looking plan for 2028. Telemedicine isn’t temporary anymore. But the flexibility still is.
“Health insurance professionals can advise clients of the current telehealth rules and regulations.”
