Pitfalls and Traps for Fraud in Telemedicine

In March 2026, the owner of a telemedicine company admitted to organizing and leading a long-running fraud scheme in which he ordered unnecessary orthotic braces and genetic tests and conspired with other providers to further the scheme by failing to meet telemedicine standards of practice. The fraudulent conduct included:

• targeting Medicare beneficiaries with aggressive telemarketing to induce them to accept unnecessary items and tests
• paying physicians to approve orders despite the lack of compliant telemedicine visits, real medical relationships or meaningful patient interactions
• selling signed physician orders to durable medical equipment (DME) suppliers, laboratories and marketers that were participating in the scheme
• operating multiple Florida-based DME supply companies that billed Medicare for orthotic braces that beneficiaries did not want or need

In total, at least $46.2 million in false and fraudulent claims were submitted to Medicare. Medicare paid $17.9 million on these claims, and the defendant personally received more than $10.4 million. The defendant pled guilty to conspiracy to commit healthcare fraud and wire fraud and agreed to pay $17.9 million in restitution. A federal district court judge will determine the sentence, with a statutory maximum of 20 years in prison.

The case was investigated by the U.S. Department of Health and Human Services Office of Inspector General (HHS-OIG) and FBI and is being prosecuted by the U.S. Department of Justice (DOJ) Criminal Division's Fraud Section. According to the DOJ, the Fraud Section leads the Health Care Fraud Unit Strike Force Program, which, since March 2007, has charged more than 6,200 defendants for conduct involving more than $45 billion in billed amounts to federal healthcare programs and private insurers. In prosecuting this case, the agencies are signaling that improperly governed and structured telemedicine companies will be priority subjects of future investigations.

Practical Considerations for Telemedicine Providers

This guilty plea, however, should not alarm telemedicine providers committed to providing care in a compliant manner. The underlying fraud in this case was more pervasive than ordering supplies that were not wanted or used. The defendant's deceptive marketing tactics and failure to comply with telemedicine regulations for establishing a doctor-patient relationship and conducting an adequate clinical assessment demonstrated an even greater risk to the Medicare trust fund and operations of other telemedicine providers in the field.

This case serves as a reminder to telemedicine providers that they can also attract bad actors and inadvertently enable fraudulent conduct with vendors if they are not mindful and intentional about ensuring compliance within their organization and those with whom they contract. To avoid a similar outcome, telemedicine providers should consider the following:

• Comply with Applicable State and Federal Telemedicine Laws and Regulations. The Centers for Medicare & Medicaid Services has published an FAQ and MLN 901705, each of which cites the federal laws and regulations applicable to Medicare telemedicine providers. Additionally, most states impose their own telemedicine laws and regulations – commonly through state medical boards – which include requirements for professional practice such as adequate clinical assessments and the establishment of a doctor-patient relationship.
• Require That Providers Place Orders Only When Medically Necessary. Medicare fraud investigations often boil down to whether a service billed to Medicare was medically necessary. In this case, investigators determined that not only were the services unnecessary, but the providers failed to ensure the patients wanted, needed or received the services and supplies being requested and ordered. Though telemedicine companies cannot interfere with or control their providers' clinical decision-making, they can insist that they follow compliant ordering practices and avoid conduct that exposes the company to enforcement risk. Telemedicine companies should require providers to attest that they will meet their ethical obligations and comply with the terms in the Medicare Provider Agreement.
• Review Marketing Strategies for Compliance with State and Federal Law. Medicare beneficiaries typically represent a vulnerable, aging population and may be more susceptible to deceptive marketing. But even without that additional layer of vulnerability, the Federal Trade Commission already governs the manner in which specific health claims are marketed. State licensing and professional boards often also have standards and requirements for marketing clinical services to ensure they are not deceptive. It should be standard practice for telemedicine companies, which are inherently more involved in marketing and advertising than providers with brick-and-mortar practices, to regularly audit their marketing strategies.
• Use Physician Agreements to Enforce Compliance with Law. The relationship between telemedicine company and clinician should be clearly delineated in a written agreement that prohibits improper payments (including payments tied to approvals, referrals or value/volume of business). The agreement should require the provider to comply with all applicable state and federal laws and include representations that the provider is not and has never been the subject of an investigation related to healthcare fraud, privacy or professional licensure requirements.
• Monitor Billing for Outliers and Validate That Claims Reflect Medically Necessary Services Supported by Compliant Encounters and Documentation. Ensuring claim integrity is critical for all providers, but telemedicine companies should be particularly vigilant in reviewing claims data because their businesses often reach across state lines, making it difficult to sense or identify fraudulent activity. In anticipation of any audit or review, telemedicine companies should insist that providers maintain documentation supporting all orders and services (which may be reviewed by a regulator in the future) after all patient encounters.

Holland & Knight continues to monitor developments in this area. For questions, please contact the author.