TeleVerify Support & FAQ

TeleVerify is a telehealth compliance verification platform that checks location, licensure, compact coverage, and OIG exclusion status for every patient encounter in under 2 seconds. Each check produces a cryptographically signed compliance packet — independently verifiable proof of compliance that survives audits, insurer review, and regulatory scrutiny.

When a session starts, the patient confirms their location. TeleVerify verifies it via GPS/IP, checks the provider's license in that state, checks interstate compact coverage, screens against the OIG exclusion list, and produces a signed compliance packet — all in under 2 seconds. The check runs in the background and doesn't disrupt the clinical encounter.

A compliance packet contains:

• Patient location verification
• Provider licensure status in that state
• Interstate compact coverage determination
• OIG exclusion screening result
• Timestamp of the check
• Ed25519 digital signature proving the packet hasn't been altered since creation

TeleVerify integrates natively with five telehealth platforms: Zoom (via Marketplace sidebar app), plus Doxy.me, SimplePractice, TherapyNotes, and Jane App (via Chrome Extension). Compliance checks run automatically inside your video session — no tab switching or extra apps needed. For other platforms, compliance checks can be run through the TeleVerify web app. API integration is available for organizations wanting to embed checks into their existing workflow. Get in touch to discuss your platform.

Under 2 seconds. The check runs in the background and doesn't disrupt the clinical encounter. You receive the result instantly and can proceed with confidence — or take action if the check flags a compliance gap.

Yes. State licensing law requires that you be authorized to practice in the state where the patient is physically located at the time of the session. A patient's home address on file isn't sufficient — they could be traveling, visiting family, or working remotely from another state. Professional guidance from multiple malpractice insurers confirms this is a per-session obligation.

Skipping this check exposes you to licensing violations, malpractice claim denials, and federal fraud liability.

Interstate compacts (IMLC, PSYPACT, NLC, PT Compact, etc.) are legal agreements between states that allow providers to practice across state lines under specific conditions. Each compact has membership requirements, supervision rules, and coverage limits.

TeleVerify automatically checks whether compact coverage applies to each encounter based on the provider's memberships and the patient's verified state. See our blog post on compacts for a deep dive into how they work and where the gaps are.

The HHS Office of Inspector General maintains a list of individuals and entities excluded from federal healthcare programs (LEIE — the List of Excluded Individuals & Entities). This list includes providers who've been convicted of fraud, been terminated from Medicare/Medicaid, or violated other federal healthcare laws.

TeleVerify screens every provider against this list (8,375+ excluded NPIs, refreshed daily) as part of every compliance check. If a provider is excluded, billing federal programs for their services is prohibited — and doing so carries severe penalties.

You're notified immediately, before the session proceeds. This allows you to make an informed decision — you may choose to reschedule, refer the patient, or document the exception (e.g., emergency consultation). The determination is logged either way.

Having a NON_COMPLIANT check documented is far better than having no documentation at all. It shows you identified the issue and made a deliberate choice. Auditors and regulators view this very differently from operating without verification.

Verbal confirmation creates no independent documentation. If audited, you have only your own chart note attesting to a fact you witnessed yourself. Auditors and insurers treat self-generated documentation very differently from independently verified records with cryptographic proof of integrity.

A TeleVerify compliance packet is third-party verification with digital proof. It's the documentation standard that survives scrutiny.

Federal Civil Penalties: False Claims Act violations carry penalties of $13,946–$27,894 per occurrence (2025 inflation-adjusted figures). These penalties apply when you bill federal programs (Medicare, Medicaid, VA, etc.) for services provided to patients in states where you weren't licensed.

State Criminal Penalties: New Jersey classifies unlicensed telehealth practice as a third-degree crime, carrying 3–5 years of prison time. Other states have similar laws on the books.

Insurance Consequences: Malpractice insurers can deny coverage if the provider wasn't licensed in the patient's state. This leaves you personally liable for damages.

Enforcement Activity: The DOJ's 2025 healthcare fraud takedown charged 324 defendants in connection with $14.6 billion in alleged fraud, with telehealth schemes as a significant component. Enforcement continues to accelerate.

State-level location only. TeleVerify does not collect patient names, medical records, diagnoses, or any protected health information. Location verification resolves to a state code — no street addresses or precise coordinates are stored.

TeleVerify is designed to minimize data exposure. We collect only the minimum information needed for compliance verification (provider NPI, patient state). We do not store protected health information. A Business Associate Agreement (BAA) is available for organizations that require one. Email support@televerify.org to request a BAA.

Every compliance packet is digitally signed using Ed25519 cryptography. The signature mathematically proves two things:

1. The packet was created by TeleVerify (authentic)
2. It hasn't been altered since creation (tamper-proof)

Anyone — an insurer, auditor, or regulator — can verify the signature independently using TeleVerify's public key, without needing access to TeleVerify's systems. This is how compliance packets become third-party evidence.

No. Individual packets are cryptographically signed — any alteration breaks the signature. The audit log is hash-chained: each record is mathematically linked to the previous one via SHA-256 hashing. Altering, removing, or reordering any record breaks the chain and is instantly detectable.

This makes the entire audit trail cryptographically immutable.

Data is stored in PostgreSQL databases hosted on Railway with SSL encryption in transit. Zoom OAuth tokens are encrypted at rest using AES-256-GCM. Passwords are hashed with bcrypt. All connections use HTTPS. Regular security audits and penetration testing ensure the platform remains secure.

TeleVerify offers a free trial so you can evaluate the platform with your actual practice. For current pricing details, visit our pricing page or email support@televerify.org. Individual provider plans start at an accessible monthly rate. Organization pricing scales with provider count and includes dashboarding, real-time compliance status, and audit packet management.

Yes. You can start a free trial at app.televerify.org — no credit card required. The trial gives you full access to run compliance checks with your actual practice data.

Sign up with your NPI, verify your credentials, and you're ready to run compliance checks. The Zoom integration takes an additional OAuth connection step. For Doxy.me, SimplePractice, TherapyNotes, or Jane App, install the TeleVerify Chrome Extension — it activates automatically when you start a video session. Most providers are running their first check within 5 minutes of signing up.

Yes. Organizations get a centralized dashboard with:

• Real-time compliance status for every provider across every state
• OIG exclusion screening on every encounter
• Signed audit packets that insurers can verify independently
• Bulk operations and team management
• Audit-ready reporting and hash-chain verification

Email support@televerify.org for organization setup and pricing.

TeleVerify's public verification key is available at a public API endpoint. We provide working verification code in JavaScript, Python, and curl+openssl. You can also use the browser-based verification tool at our audit verification page. No TeleVerify account or access is needed — verification is fully independent and offline-capable.

A verified packet mathematically proves:

1. The provider's licensure status in the patient's state was checked at the time of service
2. OIG exclusion screening was performed
3. Interstate compact coverage was evaluated
4. The record was created at the claimed timestamp
5. Nothing has been altered since creation

The digital signature and hash-chain make this mathematically verifiable, not just claimed.

Yes. The hash-chained audit log allows you to verify the integrity of the entire record sequence. Each entry's hash incorporates the previous entry's hash. An integrity check walks the chain and detects any tampering, deletions, or reordering.

This cryptographic proof of audit trail integrity is a key differentiator for compliance documentation in healthcare.