By Robert A. Pelaia, Esq., CPC, CPCO
It’s foolish to ignore the signs that set off Office of Inspector (OIG) radar. Look around your work environment. If an OIG investigator walked into your office right now, what would he or she see (or not see) that shows compliance is not taken seriously in your practice?
Here are 10 telltale signs, in no particular order, to show investigators that they should take a second look at your compliance activities:
1. Patient Records are in Plain Sight: This is a big Health Insurance Portability and Accountability Act (HIPAA), red flag. It shows that you have no regards for confidentiality of patient information.
2. You Have No Compliance Contact: Your office should designate someone to be in charge of compliance activities. Whether you have an individual or group of individuals responsible for compliance, it’s important to have a “go-to” person for compliance issues.
3. Coding Books Are Outdated: Coders must keep on top of all the newest coding changes and if coders are using outdated coding books or software, that’s a compliance risk. It’s good to keep old coding books around as a historical reference; however, never code from outdated books.
4. Free Limousine Transportation Offered to Medicaid Patients: Section 1128A(a)(5) of the Social Security Act, enacted as part of HIPAA, imposes significant civil money penalties on providers who offer free gifts or services to Medicare or Medicaid beneficiaries that can influence the beneficiary to order items or services from the provider.
5. Coder “Cheat Sheets” Are Posted: It’s alright for coders to have code lists to help work more efficiently; however, an OIG investigator might have a significant problem if the “cheat sheet” only reflects high level codes. For example, if you are listing new patient evaluation and management (E/M) codes on your “cheat sheet,” make sure you list all five levels of new patient E/M codes, not just ones that pay the most money.
6. Memos Posted Instructing Coders to Change Diagnosis Codes: It’s okay to have a list of “covered” diagnoses, but it is not appropriate for the coder to change the diagnosis to one not supported in the medical record. Posted memos telling coders to use particular codes only when submitted with certain “covered” diagnoses and to change to another code if the “wrong” diagnosis is submitted is a red flag to OIG investigators.
7. Coders Get Bonuses when Revenue Increases: The government will closely scrutinize a bonus structure paid to a coder based on increases in revenue because the arrangement might be an incentive for an unscrupulous coder to “up-code.” Coding is complex enough without muddying the water with bonus structures tied to revenue. The less risky route is to base the incentive on productivity, timeliness, or accuracy, rather than revenue.
8. Dusty Compliance Manual: A compliance manual should not sit on the bookshelf, as it should be a useful and comprehensive reference tool used often and updated periodically.
9. Employee Complaints with No Follow-up: An organization that receives complaints or uncovers evidence of improper billing must demonstrate it responded appropriately to the situation, including taking necessary steps to prevent further similar offenses. If the organization’s management personnel fail to investigate employee complaints promptly, this questions the effectiveness of the program.
10. Not Employing “Certified” Coders: You can tell a lot about a health care employer by the company it keeps—it is true that you get what you pay for. Employers who hire certified coders are employers who maintain higher standards, value integrity, and understand that compliance activities are a requirement.
Disclaimer: Information published in this article is the personal views of the author and is not intended to be, nor should it be considered, legal advice. Readers should consult with an attorney to discuss specific situations in further detail.
April 16th, 2013
By Melody S. Irvine, CPC, CPMA, CEMC, CFPC, CPC-I, CCS-P, CMRS
As a physician auditor, I spend much of my time educating clinicians on proper documentation. This involves explaining and interpreting coding and compliance guidelines. When providing such guidance, the most common reply I hear from providers is, “I want it in writing.” An auditing compliance plan helps to satisfy this need.
Formulate a Plan
An auditing compliance plan gives providers written details of what is expected and/or permitted for documentation and billing purposes. For example, a plan may specify what terminology is permissible, which examination guidelines will be used, and the documentation required to support a type or level of service.
An effective plan also provides a map for all auditors (internal or external) to follow, and shows a practice’s “due diligence” in monitoring, education, and documentation. Finally, per the Office of Inspector General (OIG), auditing and monitoring of physician documentation is required.
Get It in Writing
The accompanying sample auditing compliance plan (pages 48-51) can aid in developing an effective plan of your own. Use this as a guide only; your auditing compliance plan should be based on your medical practice, Medicare/payer guidelines, and the recommendations of your compliance officer. I also recommended your practice’s health care attorney to review any compliance plan you put in place.
Put Your Plan into Motion
Formulating your auditing compliance plan is step one. You must also put the compliance plan into effect and ensure that it’s followed.
Auditing Compliance Plan Sample
A. Purpose of Audits
(Name of Medical Practice) promotes adherence to an Auditing Compliance Program as a major element in the performance evaluation of all Providers/Non-physician Practitioners (NPPs) documentation. Providers are bound to comply, in all official acts and duties, with all applicable laws, rules, regulations, standards of conduct, including, but not limited to laws, rules, regulations, and directives of the federal government and the state of ______________, Medicare Contractor, Fiscal Intermediary (FI), or Carrier (Name of MAC Provider) and rules policies and procedures of (Name of Medical Practice).
B. Orientation and Training
All new Physicians/NPPs will receive orientation and training in documentation and auditing policies and procedures. Failure to participate in required training may result in disciplinary actions, up to and including, termination of employment. Every Physician/NPP is asked to sign a statement certifying they have received, read, and understood the contents of the auditing compliance plan.
Every Physician/NPP will receive periodic training updates in auditing. Ongoing education will be based on regulatory changes. Attendance is mandatory for all providers.
Auditors will conduct ongoing evaluations of compliance auditing processes involving thorough monitoring. The audits will inquire into compliance with specific rules, policies, documentation and policies of Medicare FIs or Carriers. Audits should identify any patterns and trends, non-compliance, or violations.
All audits will be performed by Certified Coders with one or more of the following credentials; (CPC®, CPMA®, etc.). Auditors will be audited by external resources to monitor their accuracy and performance.
Frequency of Audits
Internal audits will consist of a minimum of 10 audits per Provider and will be conducted on a (monthly/quarterly/semi-annual/annual) basis. They will be selected on (random basis, trending reports, frequency).
Audit Error Rate
Error rates will be conducted with Provider audits and required to pass audits at a minimum of (90 percent is recommended).
Following each audit, Physicians will receive a written report, including:
- Patient name/date of service
- Provider name
- Level billed/level documentation supports
- Diagnosis codes billed/diagnosis documentation supports
- Any coding/billing discrepancies
- Medical necessity
- Auditor name
E. Non-compliant Physicians/NPPs/Auditors
When disciplinary action is warranted, it should be prompt and imposed according to written standards of disciplinary action. Continuous violations will be reported and the Medical Director will determine the appropriate actions.
F. Documentation Requirements
New vs. Established Patients
Documentation should clearly state when the patient is new to the practice. A new patient is one that has not been seen within the same group practice in three years.
These three components will be used to qualify the level of service performed. If any of the components is missing from the documentation, the services will not be billed.
- Medical decision making
Counseling/Coordination of Care/Time
- Documentation requirements:
- Time spent counseling, detailed documentation of counseling
- Coordination of care – documentation of time, detailed documentation of coordination of care provided, and conversations with other health care providers
The medical record should clearly reflect the chief complaint. The chief complaint will support the medical necessity of the services/procedures provided.
Three chronic illnesses can be used for an extended history of present illness (HPI).
HPI can be recorded by the ancillary staff or by the patient, but must be reviewed and confirmed by the provider.
Review of systems (ROS) and past medical, family, social history does not need to be re-recorded if obtained during an earlier encounter; however, documentation of no change, and that the information was reviewed, must be noted.
Documentation should clearly reflect the patient condition or circumstances that prevented the provider from obtaining any history.
Documentation of unremarkable and non-contributory are not acceptable forms of documentation.
Documentation of normal or negative is permissible, but abnormal findings must be described.
ROS must meet medical necessity of the systems reviewed.
“All others negative” (is or is not) acceptable with (your FI name).
If an element is used in the HPI, it cannot be used in the ROS.
All audits are based on 1995 or 1997 Documentation Guidelines for Evaluation and Management Services.
The extent of examination performed must meet medical necessity for the patient’s illness, condition, or injury.
Abnormal or any relevant negative findings should be documented and described. Negative, normal, unremarkable, and/or noncontributory are not acceptable forms of documentation.
Certain acronyms are not permissible. Each organ system or body area should be described in detail.
The level of examination for 1995 guidelines will be determined as:
- 1 body area or 1 body system – Problem Focused
- 2-4 body areas and/or body systems – Expanded Problem Focused
- 5-7 body areas and/or body systems – Detailed
- 8 or more body systems – Comprehensive
Medical Decision Making (MDM)
No credit is given for a diagnosis that is not applicable to that day’s visit, unless it is a secondary issue.
Diagnoses must have relevance to the treatments provided or ordered.
Attending Physician should document when interpretation was done, and the results.
If history is obtained from someone other than the patient, this information must be documented.
When old records are reviewed, document that fact, along with a summary of those records.
Discussions with other health care providers must be documented, with a summary of the conversation.
Diagnosis codes for billing services, and ordering ancillary services, must be supported in the medical record.
Include information that will be important for ICD-10.
G. Other Evaluation and Management (E/M) Coding Guidelines
Critical Care (99291-99292)
Critical care must be supported by documentation. Time spent with the patient in critical care must be documented in the medical record. If the patient is unable to participate in discussions, time spent with family members or another decision maker must be documented.
Consultation Visits (non-Medicare Patients)
Consultations must be documented as a request for an opinion from another provider. It is the Provider’s responsibility to make sure a report is written to the referring Provider. The report must be documented. The documentation must state the reason for the consultation, as well as the Provider’s opinion and recommendation.
Observation Care Codes (8-hour Rules)
Observation services that are less than 8 hours and performed on the same calendar day: Report 99218-99220 without discharge code 99217.
Observation care performed at a minimum of 8 hours, but less than 24 hours, on same calendar day: Report 99234-99236 without 99217.
Patients admitted to inpatient for less than 8 hours: Report 99221-99223 without discharge codes 99238-99239.
Prolonged Services (99354–99357)
Codes 99254-99357 must be used with other E/M codes.
Time spent with the patient must be face-to-face and documented in the medical record.
Each additional 30 minutes (minimum of 15 minutes) must be documented.
Documentation must support billed prolonged services.
Prolonged services without face-to-face services (99358-99359) are not billable.
Care Plan Oversight
Care plan oversight can be billed for patients in office/outpatient, hospital, home, nursing facility, hospice, home health agency, or domiciliary settings for non-face-to-face services.
Only one Physician can report care plan oversight per month.
Documentation must detail:
i. Patient name, date of service
ii. Detail of services performed
iii. Time spent on non-face-to-face services
iv. Physician name
Preventive Medicine (99381-99397)
Office E/M (can or cannot) be charged during a preventive visit for any abnormality that is encountered.
A separate note for the abnormality must be documented to support the visit.
Any insignificant problem or abnormality is included in preventive care.
H. Procedure/Surgery Documentation
Procedures performed without an E/M component must be documented in detail with:
Date of surgery, patient name and date of birth, surgeons, anesthesiologist and type of anesthesia used, facility where services were performed, consents obtained, preoperative diagnosis/postoperative diagnosis, indications for the procedure, IV infusions, description and details of procedure, findings, complications and how they were resolved, diagnostic reports/pathology reports, intra-operative information, postoperative condition of patient, and signatures.
I. Cloning Documentation
Cloning is “cut-and-paste” documentation resulting in the medical record being worded exactly the same or similarly to previous entries or encounters. Cloning is not acceptable.
J. Medical Necessity
Auditors will take reasonable measures to ensure that claims for services for office encounters and all procedures performed are reasonable and necessary, given the patient’s condition. All documentation must meet the medical necessity and MDM of the level charged.
K. Addendums/Late Entries
Any corrections to the medical record, such as addendums or late entries, are acceptable within (days/weeks/months). Dates of addendums/late entries must be documented.
Below are the only acceptable acronyms used for (Name of Medical Practice):
1. HTN – Hypertension
2. COPD – Chronic Obstructive Pulmonary Disease
1. HEENT in examination)
M. Handwritten Notes
Handwritten notes (i.e., hospital encounters that are handwritten) will be reviewed by two separate auditors, if illegible. If either auditor is unable to decipher handwritten information, the documentation will be considered non-billable.
Modifier use will be audited according to frequency and proper use.
O. Advanced Beneficiary Notice
of Noncoverage (ABN)
ABNs must be presented to the patient before a service/procedure is performed to notify the patient that Medicare may not cover the service. The entire form must be completed and signed by patients, but only for those services that may not be paid by Medicare.
P. Unbundling of Services
Some services are bundled into services per National Correct Coding Initiative (NCCI) edits. These services will not be unbundled per the request of a Provider unless documentation or modifiers support the medical necessity. Some items—such as pulse oximetry and electrocardiograms—are routinely bundled into office visits and not billed separately.
Q. Global Days/Surgical Packages
Services included in global days and surgical packages cannot bill be separately.
NPP professional services can be billed as incident-to with the following guidelines.
New patients are not billed as incident-to.
Established patients with new problems are not billed as incident-to.
The Supervising Physicians must be present in the office and immediately available when billing incident-to.
The record must be clear that the Physician has performed all components of the service. Documentation should include that the information was obtained by the scribe acting on behalf of the Physician, the scribe’s name, and the date. Documentation should include a statement that the information obtained by the scribe has been reviewed and verified by the Physician.
All signatures should be original or electronic and legible. Stamped signatures are not allowed. Attestation statements may be required if signature requirements are not met.
U. Teaching Physician Guidelines
Provided office services will be determined by the combine documentation from the Resident and Teaching Physician. The Resident can document his or her services in the office and the Teaching Physician must also document his or her participation of the service rendered. If documentation is incomplete or invalid, the Teaching Physician must document as if services were performed in a non-teaching setting.
Most practices have a medical director or a physician who is a “cheerleader” and supports coders, auditors, and compliance standards. This is the person you want to have help you develop and implement your plan. If you have a physician’s support, you have won half the battle. Organize an auditing compliance committee to develop the plan, and meet regularly for follow-up, amendments, and disciplinary measures with non-compliant individuals. You cannot expect your physicians to follow all rules and regulations without proper training.
Melody S. Irvine, CPC, CPMA, CEMC, CFPC, CPC-I, CCS-P, CMRS, is owner of Career Coders, LLC, a medical billing and coding school in Colorado. She served as an officer on the AAPC National Advisory Board.
April 1st, 2013
By Ida Landry, MBA, CPC
Knowing coding and billing rules, and following them with integrity, is key to success.
Compliance is an important part of medical coding. Novice coders are instructed early on that “correct coding is the No. 1 objective,” and “if it isn’t documented, it wasn’t done.” These rules of thumb are the backbone of compliant coding for all coders. To be an effective coding compliance professional, however, you must also stay current with coding and billing regulations and have a solid code of ethics.
Know How Compliance Fits into Today’s Coding and Billing
Payment is generated or denied by the guidelines, rules, and federal laws payers use to direct their part of the revenue cycle. In the past, payers acted as compliance overseers, but in recent years legislation like the Tax Relief and Health Care Act of 2006 and the Affordable Care Act of 2010 have mandated more oversight regarding documentation and coding compliance. An example of the reimbursement climate resulting from these regulations is increased scrutiny by recovery audit contractors (RACs). “From 2005 through 2008, the Medicare RACs identified and corrected over $1 billion in improper payments. The majority, or 96 percent, of the improper payments were overpayments, while the remaining 4 percent were underpayments,” according to the Federal Register, 2011, p. 57808.
A byproduct of increased oversight is the establishment of more compliance departments and restructuring in health care organizations to meet the growing need for proper coding and documentation.
Key Compliance Principles
To understand fully coding compliance and be an effective medical coding compliance professional, you must have a commitment to the core principles, rules, guidelines, and laws that embody medical compliance. This is the first objective to successfully mastering compliance elements. Another important element is adhering to a code of ethics and integrity.
These core elements can be realized through successful instruction, education, and guidance of compliant coding and documentation requirements.
Compliance Means Trust, Not Opinion
As a coding compliance professional, you should provide tangible information whenever you instruct another health care professional on appropriateness of coding or documentation. If established guidelines, specifications, and/or legislation cannot provide validation, than any guidance given is considered opinion.
Protect trust at all cost. When an opinion is given as fact and later proven to be incorrect, this is unprofessional and risky. Once trust is broken, your opinion as a coding compliance professional is no longer credible. This guidance is simple; however, there are instances in the coding community where trust is destroyed.
Trust also is abused when a compliance professional tells a coder one thing and the health care provider something different. This behavior can stem from provider pressure or a provider’s inability to comply with rules and guidelines. To prevent inconsistent information from being disseminated, present the same guidelines, rules, and regulations to all parties involved. Using information consistently also shows ethics and integrity. To maintain consistency throughout an organization, consider following a code of ethics.
Code of Ethics
AAPC has a code of ethics which addresses coding professionalism and compliance integrity. The eight components of AAPC’s Code of Ethics are:
- Maintain and enhance the dignity, status, integrity, competence, and standards of our profession.
- Respect the privacy of others and honor confidentiality.
- Strive to achieve the highest quality, effectiveness, and dignity in both the process and products of professional work.
- Advance the profession through continued professional development and education by acquiring and maintaining professional competence.
- Know and respect existing federal, state, and local laws, regulations, certifications, and licensing requirements applicable to professional work.
- Use only legal and ethical principles that reflect the profession’s core values, and report activity that is perceived to violate this Code of Ethics to the AAPC Ethics Committee.
- Accurately represent the credential(s) earned and the status of AAPC membership.
- Avoid actions and circumstances that may appear to compromise good business judgment or create a conflict between personal and professional interests.
Other places to look for a code of ethics are your compliance or coding departments. Human Resource departments also may assist you if your company has a written code of ethics.
Use Compliance Tools at Your Fingertips
You can easily find useful tools to help you attain your goals. Here is a list of some typical resources you use:
- Office of Inspector General (OIG) website – On the “Compliance Guidelines” page, there are links to “Compliance 101 and Provider Education” and “Compliance Resource Material,” as well as other useful tools.
- Coding books - CPT® codebook, CPT® Assistant, ICD-9-CM, HCPCS Level II, AHA Coding Clinic for ICD-9, AHA Coding Clinic for HCPCS, OptumInsight’s™ Uniform Billing Editor, DRG Expert, and the AAPC website
- Government coding/billing resources – Centers for Medicare & Medicaid Services (CMS) manuals; National Coverage Determinations; Medlearn Matters; the Federal Register; 1995 and 1997 Documentation Guidelines for Evaluation and Management Services; Medicare administrative contractors, Local Coverage Determinations, etc.
- Freedom of Information Act – Used to request federal agency records not publicly available.
- Federal acts - Health Insurance Portability and Accountability Act (HIPAA); Health Information Technology for Economic and Clinical Health (HITECH) Act; the Affordable Care Act; Tax Relief and Health Care Act of 2006; False Claims Act; Medicare Prescription Drug, Improvement, and Modernization Act of 2003; Stark law; anti-kickback statute, etc.
- Commercial payer resources – Look to company manuals, websites, webinars, and newsletters for guidance.
- Company compliance manuals – Your employer should be anxious to share its compliance manuals and plans with coding and billing staff.
Being a coding compliance professional is a noble profession with ethics and integrity, knowledge of documentation and coding guidelines, and trust and validation at the core of its foundation. If you think you have what it takes to be a coding compliance professional or are thinking about becoming certified, AAPC now offers the Certified Professional Compliance Officer (CPCO™) credential. Go to aapc.com for details on how to begin this exciting journey.
Ida Landry, MBA, CPC, works for CareOregon and has worked in the health care industry since 1995. She acquired CPC® certification in 2004. Ms. Landry holds a Bachelor of Science in Health Administration and a Master of Business Administration in Health Care Management. She enjoys teaching and sharing her knowledge of coding.
March 1st, 2013