Stop Waving Compliance Red Flags
By Robert A. Pelaia, Esq., CPC, CPCO
It’s foolish to ignore the signs that set off Office of Inspector (OIG) radar. Look around your work environment. If an OIG investigator walked into your office right now, what would he or she see (or not see) that shows compliance is not taken seriously in your practice?
Here are 10 telltale signs, in no particular order, to show investigators that they should take a second look at your compliance activities:
1. Patient Records are in Plain Sight: This is a big Health Insurance Portability and Accountability Act (HIPAA), red flag. It shows that you have no regards for confidentiality of patient information.
2. You Have No Compliance Contact: Your office should designate someone to be in charge of compliance activities. Whether you have an individual or group of individuals responsible for compliance, it’s important to have a “go-to” person for compliance issues.
3. Coding Books Are Outdated: Coders must keep on top of all the newest coding changes and if coders are using outdated coding books or software, that’s a compliance risk. It’s good to keep old coding books around as a historical reference; however, never code from outdated books.
4. Free Limousine Transportation Offered to Medicaid Patients: Section 1128A(a)(5) of the Social Security Act, enacted as part of HIPAA, imposes significant civil money penalties on providers who offer free gifts or services to Medicare or Medicaid beneficiaries that can influence the beneficiary to order items or services from the provider.
5. Coder “Cheat Sheets” Are Posted: It’s alright for coders to have code lists to help work more efficiently; however, an OIG investigator might have a significant problem if the “cheat sheet” only reflects high level codes. For example, if you are listing new patient evaluation and management (E/M) codes on your “cheat sheet,” make sure you list all five levels of new patient E/M codes, not just ones that pay the most money.
6. Memos Posted Instructing Coders to Change Diagnosis Codes: It’s okay to have a list of “covered” diagnoses, but it is not appropriate for the coder to change the diagnosis to one not supported in the medical record. Posted memos telling coders to use particular codes only when submitted with certain “covered” diagnoses and to change to another code if the “wrong” diagnosis is submitted is a red flag to OIG investigators.
7. Coders Get Bonuses when Revenue Increases: The government will closely scrutinize a bonus structure paid to a coder based on increases in revenue because the arrangement might be an incentive for an unscrupulous coder to “up-code.” Coding is complex enough without muddying the water with bonus structures tied to revenue. The less risky route is to base the incentive on productivity, timeliness, or accuracy, rather than revenue.
8. Dusty Compliance Manual: A compliance manual should not sit on the bookshelf, as it should be a useful and comprehensive reference tool used often and updated periodically.
9. Employee Complaints with No Follow-up: An organization that receives complaints or uncovers evidence of improper billing must demonstrate it responded appropriately to the situation, including taking necessary steps to prevent further similar offenses. If the organization’s management personnel fail to investigate employee complaints promptly, this questions the effectiveness of the program.
10. Not Employing “Certified” Coders: You can tell a lot about a health care employer by the company it keeps—it is true that you get what you pay for. Employers who hire certified coders are employers who maintain higher standards, value integrity, and understand that compliance activities are a requirement.
Disclaimer: Information published in this article is the personal views of the author and is not intended to be, nor should it be considered, legal advice. Readers should consult with an attorney to discuss specific situations in further detail.