Don’t Be Intimidated by External Audits
Make the most of them by knowing the process, acronyms, and what you’re dealing with.
By Sarah Reed, BSE, CPC, CPC-I
An audit is an official inspection of an individual’s or organization’s accounts, typically by an independent body. In healthcare, an audit commonly evaluates:
- Coding, billing, or payment;
- Education and clinical evaluations;
- Credentialing; or
- Adherence to compliance and regulatory guidelines.
Less common, but on the rise, are audits driven by non-financial factors. For example, peer reports may spur audits from outcomes and standards. Patient satisfaction surveys and focus group findings may also raise concerns, such as when organizations evaluate and act on adverse occurrence screenings, and closely monitor critical incidents.
The Comparative Billing Report is an unofficial “audit” for the provider’s benefit. This report (generated by the Medicare administrative contractor (MAC)) compares a provider to their peers, and is primarily for a practice’s internal action and education. It’s a precursor of many government investigations and audits, and may prompt practices to complete a pre-emptive, internal investigation.
Government auditors are authorized to investigate claims submitted by any entity or provider who provides Medicare beneficiaries with procedures, services, and treatments.
Each government audit is established independently, with a different mission and scope of work. There is no standard for the number of record requests, a timeline, appeals process, or type of review, so organizations often struggle to understand the operational and financial impact of these audits.
What Prompts an Audit?
Although external audits may be totally random, they are more likely prompted by:
- Overused procedures
- Outdated codes
- Off label use of medications
- Payer contract renewal time
- Thinning the insurance panel
- Patient complaints
- Use of a new procedure or code
- Very expensive procedure
- Inconsistent coding and/or billing errors
Take Action when the Letter Arrives
If you receive an audit notice, start preparing right away. Search online to determine who is auditing you, and to learn more about the type of audit you are facing. You may want to find out if anyone else is under audit for the same reason(s). Check MAC websites to find out what kinds of audits are happening in your area. Professional organizations such as AAPC, American Academy of Family Physicians, American Medical Association, and other specialty societies are good places to look, too. Try also local groups, such as medical managers and AAPC local chapters.
One key individual should be in charge of all audits that come into the office. Designate a response team based on the kind of audit letter you receive. Each team member must ensure the practice is doing all it can to protect and review the information necessary to respond to the audit. Ideally, the response team members should represent different areas of expertise (clinical, billing, compliance, etc.), so together they have expertise in all potential aspects of an audit. Check in with your response team, regularly.
Identify the Reason for the Audit
If the auditor doesn’t tell you the reason for the audit, you may need to do some investigative work. For example:
- Pull the explanation of benefits (EOB) or remittance for the audited claim(s) and check to make sure nothing was missed or incorrectly posted, or that you didn’t write off charges or balances that could have triggered the audit. This is more common than you may think because of electronic payments.
- Print a CMS-1500 for the claim(s) and look at the claim as the payer would. This helps you to locate glaring errors, or confirm you submitted a clean claim.
- Internal audit teams often fail to review the classification and taxonomy codes of the audited providers. This may play a role in the external audit, and is always worth a look during an internal review.
- Look at the claim online to see what was sent to your clearinghouse. You may find the claim came back to you prior to submission for corrections. If so, note whether the corrections were made. You may even uncover issues with your scrubber.
- Verify that the claim was submitted in accordance with any regulations in your contract or the policy manual of the payer.
You might not always be able to find the exact cause of an audit. Sometimes, the error is as simple listing modifiers in the wrong order.
Submitting Your Items for Review
All submissions require an acknowledgement that they were received. You can use the U.S. Postal Service, UPS, or FedEx, for example. Electronic submission and fax, if secure, are also acceptable methods, but verify that the documentation was received correctly. You won’t be given points for trying. Failure to comply could mean an audit failure.
The following items may be part of the package you’ll submit when audited. The list varies based on the kind of audit.
- Letter or response to request
- Signature log
- Abbreviations commonly used in your practice
- Electronic health record for a date of service
- Registration form for a date of service
- Problem list
- Medication list
- Forms for that date reviewed by the provider that was completed by patient
- Test results reviewed such as lab, X-ray, electrocardiogram
- Phone calls that occurred on the day prior or the day of the visit
- Separate nursing notes reviewed
- Notes from other providers that were reviewed and possibly used in medical decision-making (consults, history and physical examination, daily rounding notes, etc.)
- Education logs, a document from your compliance plan, an office policy, etc.
Examples of other documents of support for your audit may include:
- CMS Internet-only Manuals
- MLN Matters® articles
- CMS Transmittals
- National Correct Coding Initiative edits
- Local coverage determinations/National coverage determinations
- Specialty society articles and supporting documents
- Payer web articles and education
- Internal policies/Procedures/Compliance plans
Know the deadline to respond, and respect that timeframe. If the letter tells you to send the information in a certain way, be sure you follow the directions. For example, RACs may say you can submit all the information on a disc.
Auditors and Auditing Organizations
|Acronym||Program Name||Acronym||Program Name|
|CERT||Comprehensive Error Rate Testing||MIP||Medicaid Integrity Program|
|DOJ||Department of Justice||OIG||Office of Inspector General|
|HEAT||Health Care Fraud Prevention and Enforcement Action Team||OMIG||State Office of Medicaid Inspector General|
|MAC||Medicare Administrative Contractor||PERM||Payment Error Rate Measurement|
|Medicaid RAC||Medicaid Recovery Audit Contractor||RAC||Medicare Recovery Audit Contractor|
|MFCU||Medicaid Fraud Control Unit||ZPIC||Zone Program Integrity Contractor|
|MIC||Medicaid Integrity Contractor|
All government audits should include the Centers for Medicare & Medicaid Services (CMS) logo on the letter of notification.
For more information on auditing organizations, read Kim Huey’s, MJ, CPC, CHC, CPCO, CCS-P, PCS, article, “Understand Auditing Entities,” on page 42-44.
Additional Tips and Conclusions
- Audits are not always high dollar charges, but could be a high volume charge.
- Joint Commission can be a part of what is driving an audit if the patient is in the hospital.
- If there is an opportunity to validate the contact information with a payer or organization, concerning who should receive audit correspondence, do it. Track what you have done.
- Provide an example of an audit letter to the person who opens the mail, and be sure they know who should get those letters.
- Be sure providers know what the letters look like in case they get one at home. It can look like trash.
- Be sure the staff knows how important it is not to discuss an audit among themselves, patients, or family.
- Be sure the providers involved understand what is happening, even if the audit is procedural in nature.
- If possible, subscribe to a list serve in your area that reports information about ongoing audits. AAPC forums are great staying up to date on what is happening in the industry.
- Don’t ever ignore an audit. If you are not sure what it is, ask. Either call the source of the letter, a support organization, or your attorney.
Remember: Not all audits are bad. Audits can generate revenue. Be vigilant on any notice you receive.
Sarah Reed, BSE, CPC, CPC-I, is senior managing consultant for Medical Revenue $olutions, LLC. She has 38 years in the healthcare industry, with the majority spent in an administrative role in both academic and private practice settings. Reed’s roles have included auditor, coder, and educator, and her favorite role has been the daily role of provider educator. She is the past president and now serves as compliance officer of the Kansas City, Mo., local chapter. In 2008 Reed was awarded the AAPC Regional Networker of the Year. She is a member of the WPS Medicare physician Advisory Board (POE-AG).
Latest posts by Guest Contributor (see all)
- Healing the Healer: How to Handle Physician Suicide - September 11, 2019
- I Am AAPC: Christiane M. Pokorny, COC, CPC - September 10, 2019
- Use 2020 ICD-10-CM Codes for More Specific Medical Data Capture - September 9, 2019