What OIG’s RPM Audit Tells Us About RTM Risks

If you’ve been watching the rise of Remote Therapeutic Monitoring (RTM), you’ve probably noticed how fast it’s gained traction—and how quickly questions about compliance have followed. But if you want a glimpse into what regulators are thinking, you don’t have to guess. The Office of Inspector General (OIG) just handed us the blueprint.

In two recent reports—issued in September 2024 and August 2025—the OIG took a hard look at Remote Patient Monitoring (RPM) billing under Medicare. And even though RTM wasn’t the primary target, the message is loud and clear: these programs are next in line for scrutiny.

Reading Between the Lines

When I first read these reports—OEI-02-23-00260 and OEI-02-23-00261—I didn’t just see RPM under the microscope. I saw a roadmap for RTM compliance risks, especially for those of us who’ve helped build, scale, or oversee RTM programs.

The OIG found that 43% of Medicare beneficiaries receiving RPM services didn’t get all three required components—device setup, data transmission, and treatment management. Nearly 12% didn’t get any treatment management at all. That’s a huge problem, especially when you remember that these services were paid for under Medicare.

And here's what makes this even more concerning: the claims data often didn’t include who ordered the service, what kind of data was being monitored, or even what device was used. From a compliance perspective, it’s a black box.

Sound familiar? If you're running RTM programs, chances are you’re using the same or similar systems to track usage, log interactions, and bill claims. The risks—unintended or not—are parallel.

Patterns that Trigger Audits

The second report dug even deeper into billing patterns. Some providers were billing multiple devices per patient per month—when only one should be billed. Others billed for monitoring services even though no one had ever seen the patient before. And many billed for supply and setup but never followed through with treatment management.

These are exactly the types of red flags that catch auditors’ attention. If a provider is billing across hundreds or thousands of patients without proper documentation, it won’t just raise eyebrows—it could lead to recoupments, audits, and even enforcement.

If this is happening in RPM, it’s just a matter of time before CMS and the OIG start asking the same questions about RTM.

What Should We Be Doing Right Now?

I’m always cautious about shouting “audit alert!” from the rooftops, but in this case, it’s warranted. RTM is on a trajectory that’s nearly identical to RPM’s, and CMS is already floating proposals to tweak data thresholds and documentation requirements. The moment to get ahead of this is now.

So what does that look like?

First, document everything—especially the parts we often take for granted: who ordered the service, when patient education occurred, what condition is being monitored, and how often treatment management happens. If your chart doesn’t tell that story clearly, neither will your claims.

Second, be aware of your own billing patterns. Do you have a spike in new RTM patients with no prior visits? Are you billing for monitoring but not for follow-up care? These are the kinds of analytics that can help you self-correct before a payor flags it.

And finally, don’t overlook your vendors. If you're relying on third-party platforms or device companies to track days of data or initiate patient communication, make sure your contracts include expectations around compliance, audit rights, and documentation access. This isn’t just an IT issue—it’s your exposure.

The Real Lesson

The real lesson from these OIG reports isn’t just about RPM or RTM or even billing. It’s about how we build sustainable, compliant programs that live up to their clinical promise. Remote monitoring—whether physiologic or therapeutic—can absolutely improve patient care. But if we lose sight of the rules in the rush to scale, we risk everything: payment, reputation, and most importantly, trust.

The OIG reports are a warning—but they’re also an opportunity. We know what’s coming. Now we can prepare.