Health Information Compliance Alert

Published on Thu Jun 06, 2013 PDF

Investigate thoroughly before turning over claims processing to a third-party biller.

Hiring a third party may appear to be a positive business move for many practitioners, but it doesn’t eliminate your responsibility to ensure that the company being hired is compliant.

When checking for compliance, make sure to ask the following questions:

• Is an active compliance program in place?
• Is there a written coding and procedures policy?
• Is there a denial review procedure?
• How is patient privacy handled?

Physicians often say, “I will have our billing company handle that, so I don’t have to worry about a lot of compliance issues.” This attitude is fraught with risk as there are just as many bad billing companies as good ones, and it is the practice’s responsibility to do the proper research.

The first step is to check the federal and state exclusion lists. The OIG’s List of Excluded Individuals/Entities (LEIE) provides information on more than 18,000 individuals and entities excluded from program participation.

Keep these tips in mind when researching a third
party biller:

• Ask for a reference list. Then, ask for more references. The best references will be on the first list; a more accurate picture will emerge from
  
• the second.
• Make sure a compliance plan is in effect and that the biller is continuously training its staff on compliance, especially on data security.
• Find out how the company handles F2F documentation, overpayment, unbundling, upcoding and double billing.
• Assess their knowledge of modifiers, Form 5010, PQRI and QAPI requirements.
• Investigate how they maintain good communication with their clients and encryption processes.
• Find out if training programs are available.
• Make sure they know the proper procedures for advance billing notices (ABNs).

It is essential to check references that are in the same specialty as your practice. Coding is very specialty-oriented, particularly regarding the use of modifiers. The major concern about a billing company is the credentials of the company’s employees, particularly those working with your practice. They should all have CPC, CCS-P or CDC certifications. A specialty-specific test is an excellent way to discover the overall knowledge of the coders.

Plan a Visit

Another way to check the professionalism and competency of the billing company is to visit the facility. Touring the office will give you quick answers, especially if your visit is unannounced and you ask to speak with the compliance officer.

During the visit, check to see whether their staff has the most recent HCPCS, CPT^®, ICD-9 and ICD-10 editions. Find out how often their coding software is updated. Ask to see a copy of their compliance manual and recent memos of their training class schedule or copies of e-mails. This will tell you how serious they are about training. Review the code-of-conduct and data security policy, which should be displayed in a high-traffic area.

HIPAA privacy is a hot issue, so it is necessary to discuss patient confidentiality. It is extremely important to know what steps are being taken to safeguard patient information. For example, they should be prudent not to leave confidential information in view. When practitioners are placed on the biller’s e-mail or memo circulation list, it becomes easier to verify security and encryption procedures. You will be able to see how active the company is in training and compliance. It also helps to solidify the relationship between the provider and the billing company.