Internal Audits

Why is an internal audit plan essential for healthcare practices?

An article by the AMA “13 reasons your practice should have a medical record audit” quotes Deborah J. Grider as saying that an audit “is a preventive measure if done at least once a year.”

What does an audit prevent?

One key risk is governmental investigational auditors.

On CMS’ Recovery Audit Program webpage, it states: “CMS often receives referrals of potential improper payments from the MACs, UPICs, and Federal investigative agencies (e.g., OIG, DOJ).”

As a sample, here are the Approved Recovery Audit Topics required of all Medicare health care insurers (MAC) related to evaluation and management services.

In the 2018 AMA article Avoid these missteps to slash your medical coding audit risk, the author writes:

The OIG also warns against billing for services:

• You did not actually render.
• Were not medically necessary.
• Were performed by an improperly supervised or unqualified employee.
• Were performed by an employee who has been excluded from participation in the federal health care programs.
• That were of such low quality that they are virtually worthless.
• That were already included in the global fee, such as billing for an E/M service the day after surgery.

What about private insurers?

As of 2019, Blue Cross states: “Blue Cross follows the Centers for Medicare & Medicaid Services (CMS) 1995/1997 and CPT E/M selection guides for these services.” Most private insurers follow the policies and guidelines published by CMS and the AMA.

An internal audit plan is essential to ensure that your practice stays healthy.

There are many firms that offer compliance services. Compliance is often the topic of conferences, webinars, in-services, and articles. As a result, many practices have a compliance plan.

The operational questions are:

When was the last time you reviewed your compliance plan?

What topics in the compliance plan are not being followed?

What is the goal of your auditing efforts?

“Day-to-day operations in a medical practice involve significant amounts of clinical documentation and medical claims information. Ensuring accuracy of that information via regular audits — to ensure all processes and transactions are functioning appropriately — is an imperative for both risk mitigation and revenue cycle management.”

Veronica Bradley CPC, CPMA, Insight Article, MGMA, March 2, 2020

The Value and Purpose of Medical Coding Audits

Beyond identifying accidental or unknown “fraudulent” billing, there are other benefits to conducting an audit of your billing procedures.

Audit for education

As Veronica states and we’ve observed, encounter/chart reviews (“audits”) often provide a base for education – for providers, coders, billers, and practice managers. Proper coding for billing purposes has many potential points of failure. These “pain” points impact both compliance risk and revenue. These failure points can include: 

• Insufficient clinical or procedural documentation
• Improper use of CPT and ICD-10-CM codes
• Lack of modifiers
• Unbundling
• Missed billing opportunities

Audit to improve your reimbursements

The article also lists audit topics that impact your practice’s revenue stream.

Audit topics that impact your practice’s financial health can include:

• Inefficient payer reimbursement
• Payer rules that limit, delay, or reject your billing
• Payer downcoding
• Errors in claims scrubbing
• Trends in denials

Audit to reduce risk of payer audits

Performing your own documentation, coding, and risk audits will also provide you a view of the possible areas of risk if you were visited by a Recovery Audit Contractor (RAC) or any type of payer audit.

Resources from the OIG

For more compliance resources, here is a list from the Office of the Inspector General (OIG).

OIG Compliance Resources

If you need audit software or audit services, contact us at swiftaudit.com

We will be happy to help you with your compliance and revenue improvement needs.

Compliance Programs – Tips

Health care Compliance Program Tips from the OIG

The Seven Fundamental Elements of an Effective Compliance Program

1. Implementing written policies, procedures and standards of conduct.
2. Designating a compliance officer and compliance committee.
3. Conducting effective training and education.
4. Developing effective lines of communication.
5. Conducting internal monitoring and auditing.
6. Enforcing standards through well-publicized disciplinary guidelines.
7. Responding promptly to detected offenses and undertaking corrective action.

Five Practical Tips for Creating A Culture of Compliance

1. Make compliance plans a priority now.
2. Know your fraud and abuse risk areas.
3. Manage your financial relationships.
4. Just because your competitor is doing something doesn’t mean you can or should.
   Call 1-800-HHS-TIPS to report suspect practices.
5. When in doubt, ask for help.

Compliance Programs – Part 2

Though this keynote was presented in 2010, practices have seen these topics change how they operate over the last 10 years. With greater patient and caregiver involvement in care plans, innovation, and growth in use of technology, we will see greater demand for these key issues by all stakeholders in healthcare.

Some Questions Compliance Professionals Should Ask as They Prepare for Health Care Reform

Highlights of Keynote delivered by Daniel R. Levinson, Inspector General for HHS at the Health Care Compliance Association’s Annual Compliance Institute, April 19, 2010

• Transparency: Are you prepared to operate in a more transparent health care system?
• Quality: Are you focused on quality as a compliance issue?
• Accountability: Is your organization prepared for greater accountability?

Fast forward to 2021, have these compliance “predictions” come to pass?

Transparency: Provisions in the 21st Century Cures Act (Cures) of 2016, prohibits Information Blocking. As of April 5, 2021, healthcare providers, HIT, health information networks or exchanges (HIN or HIE) are governed by rules and regulations regarding access to patient health information.

According to the AMA, “Physicians may implicate the info blocking rule if they knowingly take actions that interfere with exchange, access, and use of EHI, even if no harm materializes. A physician organization, for instance, may
have a policy that restricts access to patient lab results for a certain amount of time. Even if patients are not
aware there is a delay between when the results are available to the physician and when they are made available
to the patient, a practice that is merely “likely” to interfere with the access, use, or exchange of EHI could be
considered info blocking.”

Quality: There are numerous articles regarding the False Claims Act recovering millions in healthcare related fraud due to “medically unnecessary services or services not rendered as billed.” The U.S. Justice Department levied millions in fines in 2020 for not reasonable or medically necessary services / tests.

Accountability: If you google “healthcare accountability,” you will see that there are many types of accountability. There is legal accountability, patient accountability, personal accountability, systems accountability, leadership accountability, and more. CMS developed a program called Accountable Care Organizations (ACOs). ACO’s are accountable to:

• voluntarily to give coordinated high-quality care to Medicare patients;
• coordinate care to ensure that patients get the right care at the right time, while avoiding unnecessary duplication of services and preventing medical errors;
• deliver high-quality care and spend health care dollars more wisely

As a compliance professional, you are part of your organization’s program to provide transparent accountable quality of care to the patients and families who count on you.

Compliance Programs

Continuing from our last post, this week we are reviewing the topics offered on the HHS OIG website in quick reads. Here are outlines of 5 documents from the OIG website.

HHS-OIG Compliance Training Materials

About OIG’s Training

OIG’s provider compliance training initiative is an outgrowth of the HHS/DOJ Health Care Fraud Prevention and Enforcement Action Team’s (“HEAT”) efforts. In Spring 2011, OIG and its government partners provided training focused on the realities of Medicare and Medicaid fraud and the importance of implementing an effective compliance program. The training focused on a  three-pronged message about provider compliance.

• Get the Facts. Understand the law and the consequences of violating it.
• Make a Plan. Cultivate a culture of compliance within your health care organization.
• Know Where To Go. Learn what to do when a compliance issue arises.

So, you might be thinking “That great. But, what should a compliance program for my organization look like?

There is a lot of information you can pull from searching, and it can be overwhelming.

Let’s look at how a compliance should operate.

The OIG provides a 2-page outline to help you develop and operate a compliance program. Here are the high-level topics the OIG recommends to “operate an effective compliance program.” For details, review the full outline at the following link.

Operating an Effective Compliance Program

• Review and Update your Policies and Procedures
• Measure your Program’s Effectiveness
• Train. Train. Train.
• Have open lines of Communication
• Conduct Internal Audits
• Enforce Policies and Procedures and Promptly Respond to Compliance Issues

Were you aware that your day-to-day efforts for coding compliance was driven in large part to  OIG’s program to fight fraud and abuse?