Annual Self Audits Can Improve Compliance and Enhance Revenue
Regardless of the type of audit a practice is performing, the starting point for most of them is internal.
Reed Tinsley, a certified public accountant, was working with a gastroenterologist a few years ago who was coding a large number of established office visits at 99214. When Tinsley compared the physician with the national average among his peers, he was an outlier. When Tinsley had about 50 of his charts audited, he found the provider's documentation supported the high coding.
Shortly after the audit, the physician received a letter from Humana saying he was coding exorbitantly high and he needed to lower his codes. The physician responded with the results of Tinsley's audit and was able to continue coding as he had been.
For most providers, auditing seems like a burdensome, costly, and time-consuming task, serving only to prevent problems that may never arise.
“In this country, most medical practices that dominate the landscape are between 1 and 10 physicians,” said Tinsley, a past president of the National Society of Certified Healthcare Business Consultants. “And with groups of that size, they are more concerned with getting through the day-to-day stuff. An internal audit or review would be nice, but it just isn't a priority.”
But, as Tinsley's client found, not only do reviews improve the chances a group is compliant with federal regulations, but self-audits can infuse the practice with cash by unearthing revenue loss.
An array of audits
There are a host of areas where practices could be performing self-audits. They include the Occupational Safety and Health Administration (OSHA), corporate compliance, business associate agreements, HIPAA, and revenue cycle management.
“It can be for anything,” Tinsley said. “Progressive practices make auditing a priority and find the time to get it done whether they do it internally, with outside help or a combination of the two.”
Regardless of the type of audit a practice is performing, the starting point for most of them is internal. Even with outside help, recognizing there are issues in some areas is where many practices begin the process.
Tinsley, for instance, worked with an orthopedic group that received a letter from the Centers for Medicare and Medicaid Services that identified one of their surgeons as an outlier on his office visit coding. Although their practice's electronic medical record (EMR) system typically picked the appropriate code based on documentation, the system could be overridden. The system set most of his visits low and he changed it to a higher charge. That kind of thing should be picked up internally, particularly for an office like this with an office manager and chief operating officer.
“You want to know all is well from a compliance standpoint,” Tinsley said. “You don't want a third-party coming in saying something doesn't look right.”
He recounted a case of 2 young physicians who bought a practice from an older physician, who subsequently became an employee of the practice. After the purchase, they found the original doctor was billing high for exams. When audited, the billing was not supported by his charting. The physician refused to change his billing practices.
“This left the 2 young doctors with the dilemma of what to do because they had documentation saying he was committing fraud,” Tinsley said. “They ended up firing him on the advice of counsel.”
Revenue cycle audits
Auditing should be part of an annual internal financial practice assessment review, according to Tinsley. He recommends looking at a group's financial metrics (from revenue cycle management to overhead to collections, billing, and receivables) and comparing them to benchmarks. One of the simplest audits to do is coding.
Though often outsourced, it could be performed in smaller chunks within a practice. One way is to print a CPT frequency report for a particular time period and compare it to similar providers. This can be done using published statistics, typically the Medicare physician E/M management utilization, which can be found on the website of the American Academy of Professional Coders.
Many areas related to coding can spell trouble for physicians, said Lara Sarrett, coding/audit manager at Healthcare Compliance Pros. Chart reviews can show if there are outliers in areas like overutilization and medical necessity.
Groups can perform “claim scrubbing,” which verifies that all of the necessary information is in place and the data are valid. But Sarrett said scrubbing does not necessarily catch everything that may be going on in a practice. EMRs may automatically calculate a higher or lower level of coding based on its settings.
For instance, rheumatologists often see very complex patients with comorbidities. While these specialists may just document the visit, ending up with a low code, they likely have performed reviews of records, lab results, and X-rays performed from other practices. All of these unlisted details may constitute a higher level of coding, Sarrett said.
On the opposite end of that spectrum, an EMR may automatically have a default setting for a system review unless checked otherwise. Someone coming in with a cough who received over-the-counter medication may end up with a higher code than necessary.
The importance of consistency
All of these audits, regardless of whether required, should be performed annually. “If you ask offices when the last time was they looked at their OSHA compliance, there is probably an inch of dust on their manual, if they even have one,” Tinsley said.
Chart audits should be done frequently. They can be performed when a new service is offered to ensure correct coding. When a new physician joins a practice, he or she should be tracked for a while as well. Tinsley recommends these audits be performed after 30 days and then again at 90 days.
Depending on how providers rank in comparison to benchmarks, they may need training after an audit. Sarrett said those that just fall outside of the benchmarks should get some general training and, within 3 months, should be audited in space in which they are outliers. If they are slightly off their peers, they may need a one-on-one conversation and another audit in 3 months. If they are far off, she recommends pulling their charges to be reviewed by a coder before billing.
In larger organizations, a business manager, COO, and chief executive officer should know about the audits being undertaken and the results of those audits. Groups that have the resources may be able to perform much of this work in-house, but Tinsely does not necessarily recommend that.
“That kind of stuff should really be outsourced because if you are trying to audit yourself and someone comes in to question it, it's kind of like the fox guarding the henhouse,” he said.
In smaller practices, the office manager, at minimum, should be doing this as part of taking care of the practice. Outsourced audits are often charged on a per-person basis, which can be $25 to $35 per physician per month. Some organizations will come in to audit providers and may charge around $50 per chart. For a full-service annual audit in various areas, an outside consultant may charge around $5,000 “to do it right,” Tinsley said.