Medicare Compliance & Reimbursement

Hint: Deciding on scope of audit cuts costs and time.

Audits allow you to keep your Medicare practice running smoothly, alerting your team to both compliance and fiscal bumps in the business. However, it’s essential that your reviews target the problem zones to make the best use of your practice resources and time.

One of the key aspects of conducting a successful audit is having the wherewithal to determine the scope of the audit, said Jaci Kipreos, CPC, CPMA, CDEO, CEMC, CRC, COC, CPCI, the president/owner of Practice Integrity LLC, in AAPC’s AUDITCON in November 2021.

Scope Helps Establish Your ‘Why’ and ‘How’

The only way to determine whether the coding of a service is appropriate is to compare it to the medical record documentation, Kipreos said. But to do this effectively, you really need to focus on the scope of the audit, because that will unlock everything else.

While the official word of the HHS Office of Inspector General (OIG) notes that internal audits are worthwhile, Kipreos cautioned that some practices just aren’t big enough to do a proper internal audit, though monitoring is always possible. She also cautioned that some practices may feel more comfortable with an external auditor.

“If you are internal and even if you have that working relationship with providers, you still need to stand by what is correct, being an auditor, and you still have to perform the audit correctly and compliantly,” she said.

Scope is important for several reasons, and you can think of it as the foundation of your audit because it sets the agenda. Some scenarios that may prompt an audit include a new provider, a new procedure, or an issue with a payer, Kipreos said.

For example: If you’re conducting an audit to figure out an issue with Medicare payments, you’ll need to know which Medicare Administrative Contractor (MAC) applies (which depends on the provider’s location), because you may need to take into account local coverage determinations (LCDs), as well as the Centers for Medicare & Medicaid Services (CMS) Claims Processing Manual.

Ask These Questions

Your scope will become a little more apparent as you answer the following questions. “What’s the goal; what do you want from this; and will it be easy to let someone else read the records? Are they going to have access to your electronic health records?” Kipreos asked.

If the auditor is internal, then they probably already have HIPAA-compliant access to medical records, but if the auditor is external, you’ll need to think about establishing them as a business associate, and then whether you’ll print the records or scan the records or otherwise provide access, she noted.

Find the Originator

Whether you’re arranging the audit or performing it, knowing who requested the service initially is helpful. “This is where you begin your listening and understanding the outcomes, so you know how to formulate a response and start to build the scope,” she said.

From an auditor’s perspective, the “who” matters, Kipreos expounded. “It’s always important to know who started this, who requested it — was it a provider who spoke to the administrator? Was it the compliance team that said, ‘it’s time?’ Was it the billing team who was seeing denials over and over and over? Where did it come from?”

Part of determining the scope means choosing which “universe” you’re exploring with the audit. If you’re auditing an internal billing system, your report may focus on certain providers, certain services within certain dates for these payers. You could instead focus on auditing a particular department or generating your audit reports per provider. “Whatever your system will allow, but you want that report to give you your total universe,” she said.

“If you’re doing reports per provider, you should look at a date of service, a patient diagnosis, a CPT^® [code]. You want everything you need, so when it comes down to selecting your sample, you have good information,” she explained.

Make sure you’re on the lookout for any internal billing policies, too. “Definitely identify any policies that are to be followed. You want to be comfortably up front with everybody,” she cautioned. She defined “everybody” as anyone who’s participating in the audit and anyone requesting the audit.

“You want to know who all your players are; you don’t want there to be any confusion. You want to know ‘this is what we have agreed is going to get done, this is what we’ve agreed is not going to get done,’” she advised. This is important information regardless of who’s conducting the audit, because the boundaries can help everyone involved feel better respected and even more accountable.

Bottom line: Getting your scope down pat helps you start writing the report before you even start the audit. “If you’re not setting good guidelines to begin with, you’re going to be tripping up along the way, and I say that from experience,” Kipreos warned. “I know these things, and I can say them with conviction because I’ve made enough mistakes.”