
RPM: A New Frontier
Remote Patient Monitoring (RPM) is reshaping healthcare by allowing providers to track patient health outside traditional clinical settings. This approach cuts down on the need for frequent in-person visits and helps clinicians intervene earlier when managing chronic or acute conditions. The rapid expansion of RPM has also resulted in increased scrutiny from regulators, with close attention being paid to providers’ compliance with proper billing and coding practices. Thus, it’s more essential now than ever before to understand the benefits and legal risks of adding RPM services to your practice.
Growth and Revenue Potential

Demand and public support for RPM services continues to climb. Market research has indicated that by 2025, more than 71 million Americans are expected to use RPM services. Globally, RPM is expected to reach a market value of $42 billion by 2028, thanks to software innovations and the growing availability of connected medical devices. For medical practices, enrolling as few as 500 patients in RPM could generate between $100,000 and $240,000 per year, as noted in a recent MedCentral report. RPM therefore poses significant opportunities for established telemedicine providers looking to offer additional services to their patients.
Regulatory Oversight and Fraud Concerns
Regulators like OIG and CMS have also taken notice of the significant demand for and revenue generating potential of RPM, noting it as a potential hotbed for fraud. An OIG report observed a tenfold rise in Medicare beneficiaries using RPM from 2019 to 2022, but also found that 43% of beneficiaries did not receive all three required components of RPM services (education/setup, device supply, and treatment management). Fraudulent activities, such as enrolling beneficiaries without medical necessity or billing for services that never took place, have also been highlighted as concerns.
This heightened scrutiny underscores the need for compliance. The OIG recently added RPM fraud oversight to its Work Plan for 2025, signaling more frequent audits and possible enforcement actions. Providers who do not meet documentation and billing requirements could face recoupments or legal penalties.
What is Remote Patient Monitoring (RPM)?
.jpg)
RPM refers to the collection of patient data through devices such as blood pressure monitors, glucose meters, and wearable sensors, offering real-time insights that inform clinical decisions. RPM is commonly seen as a subset of traditional telehealth services, which generally focus on communication—video visits, phone calls, or messaging—to deliver care remotely. Although both approaches fall under virtual healthcare, RPM deals more with continuous data collection, while telehealth is about remote interaction with a provider. When used together, these strategies can help clinicians address potential issues before they escalate.
The Legal Risks of Noncompliant RPM Billing
Because RPM devices transmit large volumes of data outside of office visits, they can introduce unique risks. For one, incomplete service delivery is a prominent concern. Research indicates that nearly half of Medicare beneficiaries using RPM do not receive all required service components. Additionally, collecting inaccurate or incomplete data is another risk, as technical problems with RPM devices or insufficient patient education on proper device usage can reduce reliability. These gaps can complicate patient care and create billing complications if the data does not meet payor documentation standards.
Key RPM CPT Codes and Their Applications
The Centers for Medicare & Medicaid Services (CMS) has established specific CPT codes for RPM services. Each code corresponds to a distinct aspect of RPM care. Common codes used for RPM services include:
- CPT Code 99453: Covers the initial setup of monitoring devices and patient education. This is a one-time billable code billed after patient enrollment. It requires at least 16 days of device usage within a 30-day period to qualify for reimbursement.
- CPT Code 99454: Reimburses for the monthly supply of devices, data collection, and transmission. Like 99453, the code cannot be billed unless the patient has at least 16 days of device usage or readings within a 30-day period.
- CPT Code 99457: Applies to the first 20 minutes of interactive remote care management provided by a physician or qualified healthcare professional each month. This code applies only where the provider has live and/or interactive virtual communication with the patient.
- CPT Code 99458: An add-on code for each additional 20 minutes of interactive care management beyond the initial 20 minutes covered by 99457.
- CPT Code 99091: Covers at least 30 minutes of physician time spent collecting and interpreting physiologic data digitally transmitted by patients. Unlike other codes, it does not require interactive communication but focuses on data analysis.
These codes allow providers to bill for various components of RPM services, from device setup to ongoing care management, ensuring comprehensive reimbursement for their efforts.
Meeting Medicare Requirements: How Providers Can Avoid Common RPM Billing Pitfalls

Medicare outlines specific guidelines for RPM billing. First, as with other forms of telehealth, patient records must document the patient’s consent (whether written or verbal) to RPM and should clearly detail the care provided, including the amount of time spent on patient management. Several types of documentation mistakes can open providers up to claim denials or audits, including incomplete documentation of time, misunderstanding code requirements (e.g., the 16-day usage rule), and missing the 20-minute threshold for codes that require interactive communication. Further, any devices used must meet the definition of a medical device as defined by the FDA.
Non-compliance with Medicare’s reimbursement requirements can have serious consequences. Notably, the Office of Inspector General has flagged insufficient documentation and improper billing as areas of concern, recommending stricter documentation practices and expanded education on RPM billing codes for healthcare providers.
Strategies for Compliance and Profitability
Providers wanting to tap into RPM’s financial potential while minimizing regulatory risks should focus on thorough documentation, staff training, and patient engagement. Having detailed records of device usage, time spent on patient interactions, and clinical decision-making build a strong defense in the event of an audit. But keeping detailed patient records is only half the battle. Training billing teams and clinicians on best practices for appropriate billing, including RPM-specific code requirements and time thresholds, helps prevent errors at the source. Finally, patient education is essential. Explaining the importance of consistent device usage, and offering patients technical support when necessary, can ensure data accuracy and prevent claims denials tied to incomplete monitoring periods.
Many practices also conduct regular internal audits. These reviews help identify coding or documentation issues before they snowball into larger compliance problems. Automated care management software can further simplify claims submission, verify that time and usage thresholds are met, and alert staff to missing or incomplete documentation.
Conclusion
RPM has the potential to improve patient outcomes and create new revenue streams, but it also requires providers to establish thorough compliance protocols tied to new and evolving regulations. As federal oversight increases, providers must ensure that their billing and coding practices align with Medicare guidelines and other payor requirements. By staying informed, documenting all services thoroughly, and fostering patient engagement, healthcare organizations can harness RPM’s benefits while mitigating legal and financial risks.
MORE ARTICLES BY CATEGORY
How DME Suppliers Can Maintain Compliance with Medicare Enrollment Requirements
If you are a Durable Medical Equipment (DME) supplier and you are fearful of being scrutinized by CMS or the National Provider Enrollment contractors for violating the onerous Medicare enrollment standards, we hope this article will help. It lays out the essential steps to maintain compliance with Medicare's enrollment requirements. We break down the complex regulations surrounding Medicare enrollment standards, covering everything from initial enrollment and accreditation to revalidation and reporting changes, and tells providers to reach out to Health Law Alliance if they are seeking advice.
Read More >>OIG Issues Advisory Opinion 25-03, A Roadmap for Compliant Telehealth Staffing Models
On June 6, 2025, the US Department of Health and Human Services’ Office of the Inspector General issued Advisory Opinion 25-03, offering key compliance guidance for telehealth arrangements involving the leasing of health care providers and other administrative services to a physician-owned professional corporation (PC). Learn more about the opinion and what it tells us about the future of telehealth regulatory compliance.
Read More >>HLA Wins Full Reversal of PBM Audit Findings for Maryland Pharmacy
Health Law Alliance achieved full reversal of final audit findings for a Maryland pharmacy—just one of numerous victories our attorneys has achieved for our clients. Learn more about the stunning reversal and how Health Law Alliance’s tenacious advocacy can help your pharmacy in PBM disputes.
Read More >>HLA Attorney Anthony Mahajan Secures Major Victory Over Cardinal as Federal Court Dismisses Lawsuit Against Independent Pharmacies
Health Law Alliance secured a major win for independent pharmacies with the dismissal of Cardinal Health’s lawsuit, exposing it as a baseless attempt to intimidate smaller providers. This outcome reinforces the firm’s commitment to protecting healthcare businesses from corporate overreach.
Read More >>