AAMAS Core Domain and Auditing Principles 2012

Transcription

1 AAMAS Core Domain and Auditing Principles Copyright 2012 William L. Malm, ND, CMAS & AAMAS

2 TABLE OF CONTENTS Introduction: Acknowledgements Disclaimer: Recommended Toolkit AAMAS DEFINITION (s) Other Definitions insurance Definitions: Core Domain 1 Professional Standards & Audit Behavior Participate In Goal Setting, Strategic Planning, Mission/Vision Development Activities Integrate Code/Standards of Conduct Policies and Performance of Medical Audit Activity Establish & Monitor appropriate Patient Access and Confidential Policies Establish and Participate in Enforcing Expectations and Systems of Accountability Apply principles of objectivity in performance of medical audit activity Develop and Monitor Effectiveness of Internal Control Policies Apply Principles of Independence in Performance of Medical Audit Activity Overview of Generally Accepted Auditing Standards (GAAS) Overview of Health Insurance Portability & Accountability (HIPAA) 37 Core Domain 2A Medical Audit Process and Methodology 40 2A: Medical Audit Investigate and Verify Charges Against The Medical Record 40 2A- 1 Investigate & Verify Charges Against Medical Records Inpatient 41 2A- 2 Investigate & Verify Charges Against Medical Records Outpatient Hospital 41 2A- 3 Investigate & Verify Charges Against Medical Records Physician 42 2A- 4 Investigate & Verify Charges Against Medical Records Ambulatory Centers 42 2A- 5 Investigate & Verify Charges Against Medical Records SNF/LTC/Rehab 42 Core Domain 2B: Audit Process, Workflow and Audit Findings 2B- 1 Plan & Discuss Pre- Audit Process 2B- 2 Line by Line Bill Audit 2B- 3 Validate Eligibility / Benefits 2B- 4 Apply Third Party Payment Rules 2B- 5 Review and Audit OF A UB- 04 Understanding Field Locators 2B- 6 Assign & Validate ICD- 9- CM codes ICD- 9 Guidelines 2B- 7 Assign & Validate MS- DRG code Calculating the MS- DRG 2B- 8 Assign & Validate Evaluation and Management Codes Introduction to Evaluation and Management 2 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

3 Assignment of Non- Facility (Profesional) Evaluation and Management (E&M) Codes Guidelines: Evaluation & Management Guidelines 90 Understanding Visit Levels for Facilities (Facility E & M) 93 2B- 9 Apply Official Coding Rules 96 ICD- 9 Coding Rules 96 ICD- 10 CODING OVERVIEW 98 Outpatient Procedural Coding: CPT & HCPCS Level II 100 Other Forms of Coding Guidance 100 2B- 10 Assign and Validate Revenue Codes 104 2B- 11 Audit Billing / Claims Systems for Accuracy & Timeliness 106 2B- 12 Conduct Focused and Target Audits 108 OIG Targeted Audits 109 Indian Health Targeted Audits 109 2B- 13 Write Audit Report Using Standard Format 114 2B- 14 Develop Pre- Audit Procedures and Tools 118 2B- 15 Use Statistically Generated Audit Samples 120 2B- 16 Post Audit Conference and Discussion 122 2B- 17 Conduct Exit Interview 123 2B- 18 Review / Audit Accuracy OF CMS B- 19 Assign & Validate CPT Codes 129 Overview of CPT Coding 129 CPT Sections 130 Understanding CPT 131 Add- On Codes 131 Modifier Concept 132 Time Based CPT Codes 133 Assignment of CPT codes 133 2B- 20 Assign and Validate APC Codes 134 Status Indicators 134 OPPS Addendum s 137 2B- 21 Apply Correct Coding Initiative Rules 138 Code Pair Edits: 138 Medically Unlikely Edits (MUEs): 138 Column 1 / Column 2 EDIT: 139 Mutually Exclusive Edits: 140 Utilizing Modifiers With NCCI 141 References 144 2B- 22 Assign & Validate Physician Fee Schedule 144 2B- 23 Assign & Validate HCPCS Level II Codes 147 HCPCS Level II Code Ranges 147 Steps In Assigning A HCPCS Code 150 Core Domain 2C: Other Relevant Medical Audit Responsibilities Copyright 2012 William L. Malm, ND, CMAS & AAMAS

4 2C- 1 Update / Review / Maintain the Charge Description Master (CDM) 151 CDM Basics 151 CDM & The Revenue Cycle 152 Chargemaster Maintenance 153 Year End Maintenance 153 Quarterly CDM Maintenance 158 CDM Mapping 158 Using CDM Software 159 CDM Audit Tips 160 2C- 2 Provide Clinical Interpretation / Guidance to Fellow Auditors & Staff 160 2C- 3 Recommend / Approve / Monitor the Use of External Auditors & Subcontractors 161 External Auditor Evaluation - Sample 162 2C- 4 Apply Medical Necessity Rules in Audit Activity 164 2C- 5 Apply Utilization Review Criteria & Protocols in Medical Audit Activity 165 2C- 6 Apply Coding Rules in Medical Audit Activity 166 2C- 7 Apply Regulatory and Legislative Policies in Medical Audit Activity 167 Medicare Internet Only Manuals (IOMs) 168 Medicare Paper- Based Manuals 170 2C- 8 Report identified and potential quality and risk management issues 172 2C- 9 Participate / conduct inter- rater reliability (irr) and validation exercises 172 2C- 10 Develop / update database for tracking and trending medical audit findings 174 2C- 11 Prepare / submit cost benefit and financial impact analysis reports 175 Core Domain 2D: Quality Improvement; Education & Training 177 2D- 1 , dev/update/maintain/disseminate training manuals and educational materials 177 2D- 2 Participate in education and training of staff 178 2D- 3 Develop quality assurance / improvement policies & procedures 178 2D- 4 Monitor productivity levels of staff 179 2D- 5 Recommend Process Improvement Solutions 180 Core Domain 2E: Compliance / Special Investigations 180 2E- 1 Develop Risk Assessment Surveys 180 2E- 2 Conduct Due Diligence and Compliance Audits Using Set Rules, Policies and Procedures 182 2E- 3 Prepare Audit Work Papers and Report Findings 182 2E- 4 Develop Compliance Plans 183 2E- 5 Investigate Compliance Reports and Issues 184 2E- 6 Recommend / Monitor Disciplinary and Corrective Action Plans 184 2E- 7 Collaborate / cooperate with external and regulatory auditors 185 2E- 8 Monitor / Apply OIG and General Service Administration Sanctions List 185 2E- 9 Interpret / Apply / Disseminate Laws, Accreditation, Licensure and Certification Mandates 187 Core Domain 2F: Contracts and Negotiations 188 2F- 1 Review / Write Contracts 188 2F- 2 Negotiate With External Auditors Copyright 2012 William L. Malm, ND, CMAS & AAMAS

5 2F- 3 Negotiate With Payors Core Domain 2G: Denials and Management 2G- 1 Track and Review Denied Claims 2G- 2 Write Appeal Letters 2G- 3 Participate In Denial And Appeal Discussion And Follow- Ups 2G- 4 Conduct Adjustments and Payments 2G- 5 Recommend Business Process Rules Core Domain 2H: Health Information Management (Medical Records) 2H- 1 Abstract/Collect Records for Department Indices / Databases / Registries 2H- 2 Collect Data for Internal / External Use (Quality Assurance, Utilization Management, Risk Management and Other Related Studies) 2H- 3 Perform Quantitative and Qualitative Analysis 2H- 4 Calculate and Interpret Healthcare Statistics 2H- 5 Monitor and Enforce JCAHO Standards on Health Information management 2H- 6 Evaluate Software and Coding Systems 2H- 7 Maintain Record Storage and Filing Systems 2H- 8 Monitor Credentialing Programs Core Domain 2I: Informatics and Technology 201 2I 1 , Word Processing, Spreadsheets and Databases 201 E- Mail / Word Documents 201 Worksheets and Databases 204 2I- 2 Graphics, Flow Chart and Presentation Tools 245 2I- 3 Statistical Applications 246 2I- 4 Project Management Tools 247 2I- 5 Other Commercial Billing And Auditing Systems, Homegrown Systems, Coding Systems and Anti- Fraud Software 247 Core Domain 3A: Audit Skill: Interaction / Communication Overview of Communications 3A- 1 Interaction & Communication Physicians 3A- 2 Interaction & Communication Nurses and Other Clinical Practitioners 3A- 3 Interaction & Communication Senior Management Team 3A- 4 Interaction & Communication Legal Counsel /Attorneys 3A- 5 Interaction & Communication Regulatory Auditors Core Domain 3B: Specific Knowledge Skill Set 3B- 1- A: Accounting / Finance Basic Overview 3B- 1- B: Accounting / Finance In- Depth 3B- 2: Problem Solving 3B- 3: Statistics 3B- 4: Quantitative And Qualitative Analysis Copyright 2012 William L. Malm, ND, CMAS & AAMAS

6 3B- 5: The Nursing Process 3B- 6: Clinical Judgement 3B- 7: Project Management 3B- 8: Programming and Configuration 3B- 9: Health Information Management Principles 3B- 10: Proposal Writing 3B- 11: Research 3B- 12: Negotiating Core Domain 3C: Leadership And Management 270 3C- 1: Prepare / Submit Budget 270 3C- 2: Hire / Recommend / Terminate Staff 271 3C- 3: Develop Productivity, Quality Control And Process Improvement Measures 271 3C- 4: Conduct Performance Appraisals 272 3C- 5: Develop Departmental Policies And Procedures 272 3C- 6: Develop Strategic Plans, Goals And Objectives For Unit / Dept Assigned 273 3C- 7: Participate In Internal / External Work Groups & Committees 273 3C- 8: Supervise Billers / Patient Accounting Or Claims Personnel 274 3C- 9: Supervise Coding, Medical Transcription Or Health Information Management Personnel 274 3C- 10: Supervise Nursing Or Clinical Staff 274 Core Domain 4: Medical Audit Environment, Applicable Laws and Guidance National Billing Audit Guidelines 276 AAMAS Disclaimer 276 Guidelines 276 Definitions 276 Qualifications of Auditors and Audit Coordinators 277 Notification of Audit 278 Provider Audit Coordinators 279 Conditions and Scheduling of Audits 280 Confidentiality and Authorization 280 Documentation 281 Fees and Payments Federal and State Mandated Laws 282 Title XVIII Health Insurance for the Aged and Disabled 283 TITLE XIX Grants To States for Medical Assistance Programs Code of Federal Regulations (CFR) 292 Manuals, Transmittals and Other Guidance 292 Medicaid Regulations Office of Inspector General (OIG) Compliance Guidance Generally Accepted Accounting Principles Medicare / Medicaid Policies 297 Medicare Policies 297 Medicaid Policies Copyright 2012 William L. Malm, ND, CMAS & AAMAS

7 4-6 National and local coverage determinations National Coverage Determinations National Coverage Determinations Manual Laboratory National Coverage Determinations Local Coverage Determinations Anatomy of an NCD or LCD Audit Considerations for NCD/LCD 4-7 National Committee for Quality Assurance 4-8 Health Information Portability and Accountability Act of 1996 Who Is Covered Business Associate What Is Considered Protected Information Compliance with HIPPA HIPAA and AAMAS HIPAA Summation 4-9 Medicare Integrity Program 4-10: U.S. Sentencing Guidelines 4-11 The Joint Commission (TJC) (aka) Joint Commission On The Accreditation Of Healthcare Organisations (JCAHO)) TJC Standards 4-12 Interpretative Guidelines, UM Criteria, Standards and Protocols Medicare Interpretative Guidelines Utilization Management Utilization Management Standards, Criteria and Protocols Medicaid Utilization Management Commercial and Managed Care Utilization Management tools 4-13 HEDIS And Quality Measures 4-14 Sarbanes Oxley Act 4-15 General Health Insurance Reimbursement Methodologies Medicare Reimbursement Methodologies Medicaid Reimbursement Methods Commercial & Managed Care Contracting 4-16 Employee Retirement Income Security Act (ERISA) Title I: Protection of Employee Benefit Rights Title II: Amendments to the Internal Revenue Code Relating to Retirement Plans Title III: Jurisdiction, Administration, Enforcement; Joint Pension Task Force, Etc. Title IV: Plan Termination Insurance Exhibits Audit Samples and Forms Surgical Audit Samples Anesthesia Record Operating Room (Intra- operative) Documents Post Anesthesia / Recovery Unit Documents NICU High Dollar Example Claims Copyright 2012 William L. Malm, ND, CMAS & AAMAS

8 APPENDIX A Revenue Code Tables APPENDIX B National Coverage Determinations Appendix C - National Health Care Billing Audit Guidelines AAMAS Disclaimer Guidelines Definitions Qualifications of Auditors and Audit Coordinators Notification of Audit Provider Audit Coordinators Conditions and Scheduling of Audits Confidentiality and Authorization Documentation Fees and Payments News AAMAS Appendix D: Example Payer Policy Blue Cross and Blue Shield Appendix E: References Rural Health Center for Medicare and Medicaid Services - Links Office Of Inspector General - Links U.S. Government Printing Office - Links NTIS US Department of Commerce - Links Department of Health & Human Services - Links Department of Health & Human Services - Links Center for Drug Evaluation - Links Appendix F - Type Of Bill Appendix G - NAIC Model Act What Is NAIC? The NAIC Model ACT - AAMAS Copyright 2012 William L. Malm, ND, CMAS & AAMAS

9 INTRODUCTION: This author has worked with the American Association of Medical Audit Specialists (AAMAS) to prepare a document that captures the core domain and auditing concepts as declared by AAMAS. These core domains are known as the Body of Knowledge. From this Body of Knowledge the Certification Exam was created. The examination is based on four main core curriculum domains, each domain supported by task- specific categories and sub- categories representing the scope and job responsibilities of medical auditors nationally. While this document will assist the auditor potentially with the examination it s sole intent is to accurately represent the AAMAS Core Domain to better assist the auditor and his/her clients. It is not designed as a study guide for the examination although many of its components may be relevant to the examination materials. The author and AAMAS are cooperatively presenting this material with an objective of assisting the auditor to better serve their clients and/or employer. The American Association of Medical Audit Specialists (AAMAS) is a national organisation composed of healthcare professionals from various health care reimbursement backgrounds. Professional member disciplines that are represented within AAMAS include but are not limited to hospital bill audit, compliance, healthcare internal audit, utilization review, case management, risk management, health information management, quality improvement, workmen s compensation, representatives from health plans, insurance carriers, fiscal intermediaries, government and regulatory bodies, and healthcare consulting agencies. AAMAS also provides CMAS certification and renewal. Our AAMAS partner, Craneware is the leading provider of solutions that improve financial performance for US hospital and healthcare organisations through strategic pricing, revenue cycle and supply management solutions. Founded in 1999, Craneware has established a client base of 1,000 healthcare facilities of all sizes, from critical access hospitals to integrated delivery networks. Craneware solutions support the transformation of healthcare organisations revenue integrity processes. Both of these organisations come together to introduce a course specific to auditing and compliance. In this changing healthcare environment payers and providers alike strive to achieve clean reimbursable claims. Additionally, the increased focus on governmental audits and enhanced fraud and abuse through the Affordable Care Act make this course very timely. The course curriculum will follow the AAMAS Core Domain and will be provided in several sections beginning with the basics and moving toward advanced auditing techniques. On behalf of the author, co- contributors and our organisation, we hope that you find this course helpful in your roles and substantive in information that will increase your overall efficiency and knowledge of auditing. William L. Malm, N.D., RN, Author 9 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

10 ACKNOWLEDGEMENTS The author would also like to dedicate this work to Mr Michael Lloyd, Manager Data Team at Craneware PLC. His dedication, encouragement, support and friendship during the process was invaluable. His pursuit of excellence has been a guiding vision in the development of this manual. The author would like to thank the many members of AAMAS and The AAMAS Board of Directors, without whom this manual would not have become a reality. Special consideration and thanks needs to be extended to Ms Bonnie Arp, RN, BSN, CMAS, Marilyn Balcita RN, CMAS,CPUR, CICA and Sharon Hockett JD who s contributions and guidance in the creation of this manual was invaluable. Their embodiment of the AAMAS core values and her tireless work in the creation of this document is appreciated. Additionally, the following auditors in the preparation of this document Leslie Spector, RN, BSN, CMAS Patricia Berryessa, RN, BSN, CMAS Allen Shane, BSN, RN, CMAS, CCM, CLNC, LHRM Alex Sanchez, RN, MBA, CCM, CMAS DISCLAIMER: AMA CPT/ADA CDT/ Revenue Code Copyright Statement CPT Codes, descriptions and other data only are copyright 2012 American Medical Association (or such other date of publication of CPT). All Rights Reserved. Applicable FARS/DFARS Clauses Apply. Current Dental Terminology, (CDT) (including procedure codes, nomenclature, descriptors and other data contained therein) is copyright by the American Dental Association. 2002, 2004 American Dental Association. All rights reserved. Applicable FARS/DFARS apply. All UB- 04 Revenue Codes are copyrighted by the National Uniform Billing Committee (American Hospital Association.) All Rights Reserved. RECOMMENDED TOOLKIT Outpatient Auditor: ICD- 9- CM (Vol. 1, 2, 3) (current year) CPT - 4 Codebook (current year) HCPCS Level II Manual (current year) Pharmacy Drug Book any book that gives descriptions of the pharmaceuticals Government Audit Standards (Yellow Book) can be found on- line UB- 04 Specifications Manual by NUBC Inpatient Auditor: 10 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

11 ICD- 9- CM (Vol. 1,2,3) (current year) DRG code book Documentation Improvement Manuals Access to an encoder if possible AAMAS DEFINITION (S) The following definitions are found within the AAMAS document National Healthcare Billing Audit Guidelines as Amended by AAMAS (1 May 2009). This document can be accessed at: audits- guidelines.html. Ø Audit log: An historical record kept by a payer or provider that records the audit experience related to a particular party. Ø Bill: Any document that represents a provider s request for payment. (referred to as an invoice or claim.) Ø Billing audit: A process to determine whether data in a provider s health record, and/or appropriate and referenced medical policies, documents or supports services listed on a provider s bill. Providers conduct such audits either through an internal process or by hiring an external audit firm. (These audits can be conducted on a retrospective or concurrent basis and commonly are referred to as revenue recovery audits.) Also, third party payers conduct billing audits through their employees or their agents. (Also known as chart audit or charge review.) Concurrent audit: a billing audit conducted before the issuance of an interim or final bill. Retrospective audit: a billing audit conducted after the issuance of a final bill. Ø Health record: A compilation of data supporting and describing an individual s health care encounter including data on diagnoses, treatment, and outcomes. (Formerly known as medical record or clinical record.) Ø Payers: In health care, generally refers to entities including the patient that finance or reimburse the cost of health services. In most cases, this term refers to insurance carriers, other third- party payers, or health plan sponsors (employers or unions). Ø Providers: Any healthcare provider (e.g., hospital, skilled nursing facility, home health agency, outpatient physical therapy, comprehensive outpatient rehabilitation facility, end- stage renal disease facility, hospice, physician, non- physician provider, laboratory, supplier, etc.) providing medical services. 11 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

12 Ø Unbilled charges: Services that are documented but were never billed originally Ø Undercharges: the volume of services indicated on a bill is less than the volume identified in a provider s health record documentation Ø Unsupported or undocumented charges: the volume of services indicated on a bill exceeds the total volume identified in a provider s health record documentation. (Also known as over- charges.) OTHER DEFINITIONS Ø Statistical Confidence Level: The probability (expressed in %) that the value obtained from the sample will in fact depart from the true population value by no more than the amount of the sample precision. 1 Ø Statistical Expected Error Rate In Attribute Sampling, used in calculating sample size. Auditor's estimate of the true rate of occurrence of the event (error) in the population being tested. This is the expected error rate anticipated by the auditor. 2 Ø Statistical Sample Precision Error in a statistical sample. Usually expressed as a +/- percentage in relation to the sample result. Denotes the degree to which the sample result (statistic) reflects the true population parameter (e.g., error rate). 3 INSURANCE DEFINITIONS: Excerpts from Ø Coinsurance - A form of medical cost sharing in a health insurance plan that requires an insured person to pay a stated percentage of medical expenses after the deductible amount, if any, was paid. o Once any deductible amount and coinsurance are paid, the insurer is responsible for the rest of the reimbursement for covered benefits up to allowed charges: the individual could also be responsible for any charges in excess of what the insurer determines to be usual, customary and reasonable. o Coinsurance rates may differ if services are received from an approved provider (i.e., a provider with whom the insurer has a contract or an agreement specifying payment levels and other contract requirements) or if received by providers not on the approved list. o In addition to overall coinsurance rates, rates may also differ for different types of services Copyright 2012 William L. Malm, ND, CMAS & AAMAS

13 Ø Copayment - A form of medical cost sharing in a health insurance plan that requires an insured person to pay a fixed dollar amount when a medical service is received. The insurer is responsible for the rest of the reimbursement. o There may be separate copayments for different services. o Some plans require that a deductible first be met for some specific services before copayment applies 5 Ø Deductible - A fixed dollar amount during the benefit period - usually a year - that an insured person pays before the insurer starts to make payments for covered medical services. Plans may have both per individual and family deductibles. o Some plans may have separate deductibles for specific services. For example, a plan may have a hospitalization deductible per admission. o Deductibles may differ if services are received from an approved provider or if received from providers not on the approved list. 6 Ø Health Care Plans and Systems o Indemnity plan - A type of medical plan that reimburses the patient and/or provider as expenses are incurred. o Conventional indemnity plan - An indemnity that allows the participant the choice of any provider without effect on reimbursement. These plans reimburse the patient and/or provider as expenses are incurred. o o o o o o Preferred provider organization (PPO) plan - An indemnity plan where coverage is provided to participants through a network of selected health care providers (such as hospitals and physicians). The enrollees may go outside the network, but would incur larger costs in the form of higher deductibles, higher coinsurance rates, or non- discounted charges from the providers. Exclusive provider organization (EPO) plan - A more restrictive type of preferred provider organization plan under which employees must use providers from the specified network of physicians and hospitals to receive coverage; there is no coverage for care received from a non- network provider except in an emergency situation. Health maintenance organization (HMO) - A health care system that assumes both the financial risks associated with providing comprehensive medical services (insurance and service risk) and the responsibility for health care delivery in a particular geographic area to HMO members, usually in return for a fixed, prepaid fee. Financial risk may be shared with the providers participating in the HMO. Group Model HMO - An HMO that contracts with a single multi- specialty medical group to provide care to the HMO s membership. The group practice may work exclusively with the HMO, or it may provide services to non- HMO patients as well. The HMO pays the medical group a negotiated, per capita rate, which the group distributes among its physicians, usually on a salaried basis. Staff Model HMO - A type of closed- panel HMO (where patients can receive services only through a limited number of providers) in which physicians are employees of the HMO. The physicians see patients in the HMO s own facilities. Network Model HMO - An HMO models that contracts with multiple physician groups Copyright 2012 William L. Malm, ND, CMAS & AAMAS

14 to provide services to HMO members; may involve large single and multi- specialty groups. The physician groups may provide services to both HMO and non- HMO plan participants. o Individual Practice Association (IPA) HMO- A type of health care provider organization composed of a group of independent practicing physicians who maintain their own offices and band together for the purpose of contracting their services to HMOs. An IPA may contract with and provide services to both HMO and non- HMO plan participants. o Point- of- service (POS) plan - A POS plan is an "HMO/PPO" hybrid; sometimes referred to as an "open- ended" HMO when offered by an HMO. POS plans resemble HMOs for in- network services. Services received outside of the network are usually reimbursed in a manner similar to conventional indemnity plans (e.g., provider reimbursement based on a fee schedule or usual, customary and reasonable charges). o Physician- hospital organization (PHO) - Alliances between physicians and hospitals to help providers attain market share, improve bargaining power and reduce administrative costs. These entities sell their services to managed care organizations or directly to employers. 7 Ø Managed care plans - Managed care plans generally provide comprehensive health services to their members, and offer financial incentives for patients to use the providers who belong to the plan. Examples of managed care plans include: o Health maintenance organizations (HMOs), o Preferred provider organizations (PPOs), o Exclusive provider organizations (EPOs), and o Point of service plans (POSs). 8 Ø Maximum plan dollar limit - The maximum amount payable by the insurer for covered expenses for the insured and each covered dependent while covered under the health plan. o Plans can have a yearly and/or a lifetime maximum dollar limit. o The most typical of maximums is a lifetime amount of $1 million per individual. 9 Ø Maximum out- of- pocket expense - The maximum dollar amount a group member is required to pay out of pocket during a year. Until this maximum is met, the plan and group member shares in the cost of covered expenses. After the maximum is reached, the insurance carrier pays all covered expenses, often up to a lifetime maximum. (See previous definition.) 10 Ø Premium - Agreed upon fees paid for coverage of medical benefits for a defined benefit period. Premiums can be paid by employers, unions, employees, or shared by both the insured individual and the plan sponsor. 11 Ø Self- insured plan A plan offered by employers who directly assume the major cost of health insurance for their employees. Some self- insured plans bear the entire risk. Other self- insured employers insure against large claims by purchasing stop- loss coverage. Some self- insured Copyright 2012 William L. Malm, ND, CMAS & AAMAS

15 employers contract with insurance carriers or third party administrators for claims processing and other administrative services; other self- insured plans are self- administered. Minimum Premium Plans (MPP) is included in the self- insured health plan category. All types of plans (Conventional Indemnity, PPO, EPO, HMO, POS, and PHOs) can be financed on a self- insured basis. Employers may offer both self- insured and fully insured plans to their employees. 12 Ø Stop- loss coverage A form of reinsurance for self- insured employers that limits the amount the employers will have to pay for each person s health care (individual limit) or for the total expenses of the employer (group limit). 13 Ø Third party administrator (TPA) An individual or firm hired by an employer to handle claims processing, pay providers, and manage other functions related to the operation of health insurance. The TPA is not the policyholder or the insurer. 14 Ø Usual, customary, and reasonable (UCR) charges - Conventional indemnity plans operate based on usual, customary, and reasonable (UCR) charges. UCR charges mean that the charge is the provider s usual fee for a service that does not exceed the customary fee in that geographic area, and is reasonable based on the circumstances. Instead of UCR charges, PPO plans often operate based on a negotiated (fixed) schedule of fees that recognize charges for covered services up to a negotiated fixed dollar amount Copyright 2012 William L. Malm, ND, CMAS & AAMAS

16 CORE DOMAIN 1 PROFESSIONAL STANDARDS & AUDIT BEHAVIOR 1.1 PARTICIPATE IN GOAL SETTING, STRATEGIC PLANNING, MISSION/VISION DEVELOPMENT ACTIVITIES This section should begin with the definition of an audit and auditing. Audit Process: Department of Labor: The term "audit" is used by the Federal Government to describe not only works done to examine financial operations, but also encompasses work to: review compliance with applicable laws and regulations, evaluate economy and efficiency of operations, and evaluate effectiveness in achieving program results. An audit is a look at the past performance of an entity, program, or function to determine whether funds were properly administered and whether the projects have met or fallen short of program intent and expectations. Auditing: AHIA/HCCA s definition Auditing: Auditing is a formal, systematic and disciplined approach designed to evaluate and improve the effectiveness of processes and related controls. Auditing is governed by professional standards, completed by individuals independent of the process being audited, and normally performed by individuals with one of several acknowledged certifications. Objectivity in governance reporting is the benefit of independence. Internal Auditing: The Institute of Internal Auditors (IIA) Internal Auditing is an independent, objective assurance and consulting activity designed to add value and improve an organization's operations. It helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance processes. Quality Audit: American Society for Quality Quality audit: A systematic, independent examination and review to determine whether quality activities and related results comply with plans and whether these plans are implemented effectively and are suitable to achieve the objectives. The Medicare manuals do not define audit similar to the definitions above. However, it is clear that the process of auditing is considered their top priority in ensuring viability of the Medicare program. For example, in this website: Medicare Program Integrity Manual, Chapter 1 - Medicare Improper Payments: Measuring, Correcting, and Preventing Overpayments and Underpayments, Goal of AC and MAC MR Program it clearly states the goal of the AC and MAC MR program is to reduce payment error by preventing the initial payment of claims that do not comply with Medicare s with coverage, coding, payment, and billing policies. To achieve the goal of the MR program, ACs and MACs Identify provider noncompliance with coverage, coding, billing, and payment policies through analysis of data. (E.g., profiling of providers, services, or beneficiary utilization) and evaluation of other information (e.g., complaints, enrolment and/or cost report data). 16 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

17 The Medicaid Program Integrity Manual Chapter 10 Medicaid Integrity Audits provides a definition of three types of audits in this manual. (Click here): Focused Desk Reviews, Focused Field Audits, and Comprehensive Audits. Be reminded of the definition of Medical Audit adopted by AAMAS Medical Audit is a process that is integrated throughout the revenue cycle to meet the national healthcare compliance standards. Its scope includes but is not limited to: Case management Healthcare informatics Charge data master review Healthcare reimbursement Cost containment Special investigations Health information management Utilization management This section should begin with the definition of an audit and auditing. Wikipedia provides a concise definition, which is usable by any type of auditor or firm. The general definition of an audit is an evaluation of a person, organisation, system, process, enterprise, project or product. The term most commonly refers to audits in accounting, but similar concepts also exist in project management, quality management, and energy conservation... Due to practical constraints, an audit seeks to provide only reasonable assurance that the statements are free from material error. Hence, statistical sampling is often adopted in audits. 16 The remainder of this instructional guidance will be focused on providing the tools, references and direction to accomplish audits that are insightful, provide valid information for business decisions and/or support on- going billing compliance. The key to all of these different audits is the there is independence and that the result provides a reasonable assurance that the final product is free from material error. This section of the guidance is dedicated to participating in goal setting, strategic planning, and mission/vision development activities. In preparing for audits the actual goal of the audit, or in other words what the deliverable, will need to be. Strategic planning and develop a vision of what the result should be is essential. Therefore, every audit should really begin with the deliverable in mind. Organise the audit to achieve the deliverable, in other words use the deliverable as the starting point and work backward. The goal should be stated in writing and the development of the audit should occur from that point. The following sets forth a vision for an audit: Recovery audit contractors have a list of approved issues for outpatient services. These auditors mirror commercial auditors for both physicians and hospitals in the area of units of service billed. RACs have specifically identified pharmacy as a risk area and have a singular approved issue for Neulasta as an example. The Main Street Hospital and Physician Services want to ensure that units of services for Copyright 2012 William L. Malm, ND, CMAS & AAMAS

18 pharmaceuticals are appropriately represented on the claim and in compliance with payer regulations. This audit will randomly look at 25 pharmacy lines from the order through the claim submission and reimbursement to ensure our professionals are ordering, charging and being reimbursed for the correct number of billing units for pharmacy items. Strategically this audit will be one of the identified potential risk areas for our facility and we will include this within our yearly audit plan(s). Medicaid Program Integrity Manual Chapter 10 Medicaid Integrity Audits (MIC) Purpose: The objectives of the MIC audits are to audit provider claims and identify overpayments by ensuring that claims are paid for items and services provided and properly documented; that items and services are billed using appropriate procedure codes; and the covered items and services are paid in accordance with Federal and State laws, regulations and policies. State of New York Office of Medicaid Inspector General Work Plan Mission Statement: Our mission is to enhance the integrity of the New York State Medicaid program by preventing and detecting fraudulent, abusive, and wasteful practices within the Medicaid program and recovering improperly expended Medicaid funds while promoting high quality patient care. Vision Statement: To be the national leader in promoting and protecting the integrity of the Medicaid program. Department of Defense Audit Goals and Objectives The primary goal of this audit is to examine the accuracy and precision of Department of Defense (DoD) medical record data coding. A second goal of the audit is to conduct a focused study evaluating the impact of providing feedback to providers on coding accuracy. From the point of the written objective one can develop the audit using coding, reimbursement, quality or whatever other standard is required. At the end of the day, the mission of an audit is to conform to your stated objectives, using accepted or nationally recognized standards or concepts. At every OIG Work Plan Report, you will find this statement below attesting to the use of the generally accepted government auditing standards. Yearly, an audit plan should be developed to engage in the process of auditing high risk or high volume activities. The planning process and development of the plan is the same whether you are a facility auditor, professional services auditor (Physician) or insurance/ payer auditor. 18 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

19 Regardless of the type of setting you are involved with, consider looking to the Office of Inspector General (OIG) for a template. Yearly the OIG publishes their audit workplan of high risk / high volume activities. For information on this workplan consult: Therefore, the overall consideration is to have a plan of action, know what you are going to audit, why you are auditing it and have clear measurable goals and outcomes for the audit. Start and the end and work forward in designing your audit practices. RESOURCE GUIDE AND CROSS REFERENCE Resource Guide: Visit the AAMAS On Demand Regulatory Updates put link here Aligning the Internal Audit Function with Strategic Objectives è Click here Defining Auditing and Monitoring. AHIA è Click here EY: Unlocking the strategic value of Internal Audit è Click here IIA: Maximize Your Internal Audit Function è Click here Independent Review Organization: A Contract with the HHS Office of Inspector General è Click here Medicaid Program Integrity Manual Chapter 10 Medicaid Integrity Audits è Click here Medicaid Work Plan OIG Recommended Compliance Resources è Click here OIG Work Plan PWC: Building a Strategic Internal Audit Function è Click here Six Steps to an Effective Continuous Audit Process. IIA è Click here State of NY 2011 Medicaid Work Plan Cross Reference from the CMAS BOK Domain Compliance and Special Investigations 04 Medical Audit Environment 19 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

20 1.2 INTEGRATE CODE/STANDARDS OF CONDUCT POLICIES AND PERFORMANCE OF MEDICAL AUDIT ACTIVITY Medical auditors, similar to financial auditors, must utilize regulations, policies, procedures and business ethics to provide guidance. Most facilities also offer detailed job descriptions to delineate basic expectations of the position and job duties. Within the job description there are specifics such as educational requirements, clinical /coding expertise requirements and proof of prior experience with medical audits. The auditor will need to be familiar with a core component of the compliance plan, the Code of Conduct also referred to as Principles of Responsibility. This Code provides the facility s expectation for ethical behaviour and is a paramount benchmark for the audit behaviour. The auditor will need to follow all the regulatory requirements of the Federal and State payers. Additionally, the facility, provider or supplier will have contracts with private payers who will also have guidelines. Therefore, the auditor will need to review the universe of payers in the audit and abide by their regulations or guidance. For Federal payers (such as Medicare), the auditor will need an understanding of regulations such as the Social Security Act, 42 CFR, Compliance Program Guidance, Transmittals, Program Manuals and other guidance. For Medicaid, the auditor will need to be familiar with the State specific regulatory guidance provided on their websites, manuals and transmittals. Finally, with the commercial and managed care payers the auditor must follow any contractual guidance or reimbursement guidance issued by the payer. Audits and auditors follow policies and protocols in general. The following is an example of a payer and their guidance for auditing. This is from the Tameside Hospital s audit manual for clinical outcomes but the formatting can be similar for the reimbursement audit / auditor. For example, RAC, ZPIC, MAC contractors/auditors working for CMS must comply with the Compliance Program Guidance below. CMS Compliance Program Guidance for Medicare Fee- For- Service Contractors Written Polices and Procedures. Standards of Conduct The Contractor should have written standards of conduct that clearly state the Contractor s commitment to comply with all applicable statutory, regulatory and Medicare program requirements. The standards of conduct should be written in an easy to read format and distributed to all employees. All employees should be required to certify that they have read, understand, and agree to comply with the standards. The standards of conduct may be set forth in a separate Medicare- specific stand- alone document or as a supplement to a corporate code of conduct. When a healthcare entity into a Corporate Integrity Agreement (CIA) with the Office of Inspector General (OIG) of the United States Department of Health and Human Services (HHS) to promote compliance with the statutes, regulations, and written directives of Medicare, Medicaid, and all other Federal health care programs (as defined in 42 U.S.C. 1320a- 7b(f)) (Federal health care program requirements), a written CIA is developed and adhered to. This document is publicly posted in the OIG website viewed here. Medical auditors must follow established Code of Conduct in their medical audit 20 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

21 work. In one section of the CIA agreement, the rules in the Code of Conduct are clearly outlined. See example below. Read more All employees in the healthcare institution under CIA must comply with the requirements stated in the CIA. For example, employees working for this hospital must adhere to this statement. Within 90 days after the Effective Date, each Covered Person shall certify, in writing or electronically, that he or she has received, read, understood, and shall abide by SJMC's Code of Conduct. New Covered Persons shall receive the Code of Conduct and shall complete the required certification within 30 days after becoming a Covered Person or within 90 days after the Effective Date, whichever is later. SJMC shall periodically review the Code of Conduct to determine if revisions are appropriate and shall make any necessary revisions based on such review. Any revised Code of Conduct shall be distributed within 30 days after any revisions are finalized. Each Covered Person shall certify, in writing or electronically, that he or she has received, read, understood, and shall abide by the revised Code of Conduct within 30 days after the distribution of the revised Code of Conduct. Read more Audits and auditors follow policies and protocols in general. The following is an example of a manual on coding audit from the U.S. Navy. (Coding and Audit Requirements) 21 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

22 As noted above, the hospitals should have a policy statement that sets forth the requirements for the auditor. The quality of the audit is in the planning. This facility provides clearly defined scope, provides definitions and details the duties of the stakeholders. The governance, reporting of results and the on going monitoring for effectiveness complete the feedback loop. While this is an audit template from a UK facility the auditing techniques remain similar worldwide. While these policies and procedures apply to hospital and payer based auditors we must also take into account private auditors that may work from home. These auditors must also follow all Federal, State and commercial payer regulations as well as follow all HIPAA guidelines. Auditors that work from home are not to print patient data, as there is not the appropriate method of destruction available within the home office situation. While legal destruction services can be obtained it will be important for the home auditor to ensure they meet all HIPAA guidelines. 22 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

23 RESOURCE GUIDE AND CROSS REFERENCE Resource Guide: Visit the AAMAS On Demand Regulatory Updates put link here AHIA Auditing and Monitoring Framework è Click here CMS Compliance Program Guidance For Medicare Fee- For- Service Contractors è Click here OIG Recommended Compliance Resources è Click here Cross Reference from the CMAS BOK Domain Compliance and Special Investigations 04 Medical Audit Environment 23 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

24 1.3 ESTABLISH & MONITOR APPROPRIATE PATIENT ACCESS AND CONFIDENTIAL POLICIES Patient privacy is paramount in an audit. As an auditor you are working with the most private information, the disease process, of an individual. Within the US, the Health Insurance Portability and Privacy Act (HIPAA) provide the patient with a reasonable expectation of privacy. We will discuss HIPAA in detail later in this document. However, the law ensures that the facility, provider and/or auditor must follow specific guidelines to maintain the patient s privacy. Failure to do so can result in significant fines and penalties. In addition to HIPAA, most hospitals, physicians offices, payers and other bodies maintain internal policies and procedures regarding privacy. In some cases, the patient themselves must provide written authorization to review the claim or allow the auditor to review their medical record. Therefore, the Privacy Officer is in charge of ensuring the security of patient records for the facility. As medical records move onto more of an electronic platform, the privacy officer ensures that policies regarding access to records are created. These policies ensure the most appropriate level of access within the organization and ensure that only caregivers treating the patient have access to the record. Levels of access are usually restricted by the individual s electronic sign- on. Audits of those accessing patient records can also be audited by the electronic sign- on and password of the person accessing the record. Violators may be detected with appropriate disciplinary action rendered. The audit workpapers must be saved according to IRS regulations and/or other State, Local or Federal requirements. Once all requirements have been met then all documents should be destroyed completely, such as by shredding. Auditors should insist that the shredding company provide a certification that the documents were shredded to protect privacy. Other methods of protecting patient data are through encryption of data in spreadsheet, audit findings and s. All s should contain a statement at the bottom notifying the recipient that the document may contain patient private data. Finally, in order to establish the patient privacy component, the hospital auditor must fully understand all aspects of patient access within the healthcare system. Each of these xpoints represents a potential patient type for services. For example, Ambulatory Surgery Outpatient surgery type, ED Outpatient Services, Labour and Delivery Outpatient / Inpatient and so on. Additionally, the auditor will need to have a working knowledge of all the financial classes and payer types in order to perform audit selection. For example, the audit is of financial class commercial, with payer of Blue Cross for patients in an outpatient status registered to location ED. This will give you a group selected specifically of ED subclasses for Blue Cross. By understanding the patient access system the hospital auditor will be able to create a universe population that then can be randomized for audit. In the May 2011 OIG report: Nationwide Rollup Review of the Centers for Medicare & Medicaid Services Health Insurance Portability and Accountability Act of 1996 Oversight, OIG reported the vulnerability of protected health information. 24 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

25 Our review found that the Centers for Medicare & Medicaid Services' (CMS) oversight and enforcement actions were not sufficient to ensure that covered entities, such as hospitals, effectively implemented the Health Insurance Portability and Accountability Act of 1996 Security Rule. As a result, CMS had limited assurance that controls were in place and operating as intended to protect electronic protected health information (ephi), thereby leaving ephi vulnerable to attack and compromise. Both the Social Security Act and the Security Rule require a covered entity, defined as a health plan, health care clearinghouse, or health care provider that transmits any health information in electronic form, to (1) ensure the confidentiality, integrity, and availability of the information; (2) protect against any reasonably anticipated threats or risks to the security or integrity of the information; and (3) protect against unauthorized uses or disclosures of the information. Read more RESOURCE GUIDE AND CROSS REFERENCE Resource Guide: Visit the AAMAS On Demand Regulatory Updates put link here Developing Your Records Retention Schedule: It s Bigger than Just Health Records è click here Federal civil rights laws and the Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule è click here Medical Record Administration and Healthcare Documentation è click here Nationwide Rollup Review of the Centers for Medicare & Medicaid Services Health Insurance Portability and Accountability Act of 1996 Oversight è Click here OIG Recommended Compliance Resources è Click here Cross Reference from the CMAS BOK Domain 04 Medical Audit Environment: Sarbanes Oxley 04: HIPAA 25 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

26 1.4 ESTABLISH AND PARTICIPATE IN ENFORCING EXPECTATIONS AND SYSTEMS OF ACCOUNTABILITY Auditors may be called upon to perform many different types of audits. Most common of which are the following types: (Not an inclusive listing) Compliance Audits o Fraud and Abuse Audits HIPAA Security Audits Billing Audits / Charge Capture Audits Independence audits Software / Information Systems Audits Each of these will utilize a special skill that the auditor possesses. For example, compliance audits will review the entire charge capture / billing process including reviewing the remittance advice to ensure that the facility / provider / supplier is in compliance with all Federal, State, Local and commercial payers. An example of a compliance audit would be the type set forth in the Office of Inspector General (OIG) yearly workplan. Another type of audit could be a risk area such as wound care or other identified RAC identified issue. Each facility / provider / supplier generally has a number of compliance policies. The auditor will be responsible for ensuring that personnel or practices comply with these policies. Another type of compliance audit would be to ensure that practices within the facility / provider remains at arm s length and do not violate any regulations such as Stark. The auditor will need to ensure that all parties remain independent and that there are no conflicts of interest. Alternatively, the auditor may be called upon to audit compliance with HIPAA. In the age of electronic health records (EHR) access but are restricted to those care givers actually taking care of the patient or ancillary staff, including billers, in such a way to protect the patient. The auditor may be called upon to audit the access to patient records in order to ensure compliance with HIPAA or to identify a violation of HIPAA or hospital patient privacy policies. These are just a few examples of the requirements of the auditor. The audit report should be disclosed to management in such as way as the information can be used to correct any inappropriate behaviour on the part of personnel. Many facilities, as suggested by the OIG, include compliance as a part of the manager s annual appraisal. Therefore, findings (negative or adverse) have data to provide management to allow them to make appropriate on- going decisions. The auditor is instrumental in ensuring compliance and privacy matters are effective, as stated in the OIG Hospital Compliance Guidance. This document is reviewed in detail later in the body of this manual. CMS Compliance Program Guidance for Medicare Fee- For- Service Contractors 26 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

27 RESOURCE GUIDE AND CROSS REFERENCE Resource Guide: Visit the AAMAS On Demand Regulatory Updates put link here CMS Compliance Guidance for FFS Contractors è Click here Medicare Program Integrity Manual Chapter 3 - Verifying Potential Errors and Taking Corrective Actions è Click here Medicare Program Integrity Manual Chapter 4 - Benefit Integrity è Click here OIG Recommended Compliance Resources è Click here OIG Work Plan Cross Reference: BOK 04: Medical Audit Environment 27 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

28 1.5 APPLY PRINCIPLES OF OBJECTIVITY IN PERFORMANCE OF MEDICAL AUDIT ACTIVITY MSN Encarta online dictionary defines objectivity as the following Ability to view things objectively: the ability to perceive or describe something without being influenced by personal emotions or prejudices, Accuracy: the fact or quality of being accurate, unbiased, and independent of individual perceptions. 17 The auditor must always be objective in their approach. The auditor may only use source documentation or authority. For example, taking a billing audit for Medicare objectively would require the auditor to utilise only CMS guidance, statutes, and published information. The auditor cannot use verbal information or non- CMS guidance in the review. Only objective information can be utilised and the approach must be complete. For example both underpayments and overpayment must be identified and cannot be focused on just overpayments or vice versa. Once the claim(s) have been completed then the report must contain all positive as well as adverse findings that are material to the audit. All conclusions must be documented based on objective criteria that are referenced throughout the body of the audit. In order for the auditor to be objective, especially those who are self employed or working for an audit firm, the audit must be free independent. There must be independence between the auditor and the firm being audited. In other words, there cannot be compensation tied to audit findings/ outcomes. The auditor must be clear of any area where there is a conflict of interest. In Yellow Book (US Government Audit Manual) the following is stated regarding the requirement for independence. Failure to heed this statement will lead to improper ethical behaviour. Misusing the position of an auditor for personal gain violates an auditor s fundamental responsibilities. An auditor s credibility can be damaged by actions that could be perceived by an objective third party with knowledge of the relevant information as improperly benefiting an auditor s personal financial interests or those of an immediate or close family member; a general partner; an organization for which the auditor serves as an officer, director, trustee, or employee; or an organization with which the auditor is negotiating concerning future employment. (See paragraphs 3.07 through 3.09 for further discussion of personal impairments to independence.) 18 When auditing it is important for the auditor must realize when auditing a hospital or provider record that it is primarily there in order to promote quality care for the patient. The record is not designed to p Copyright 2012 William L. Malm, ND, CMAS & AAMAS

29 provide a reimbursement log for the claim. Therefore, the auditor must take into account all aspects of the record in order to objectively come to any conclusion. Partial views will not lead to an objective outcome. RESOURCE GUIDE AND CROSS REFERENCE Resource Guide: Visit the AAMAS On Demand Regulatory Updates put link here IIA: How does internal auditing maintain its independence and objectivity? è Click here OIG Guidance on IRO independence and Objectivity The Yellow Book Chapter 3: General Standards Independence, Integrity, and Objectivity American Institute of CPAs è Click here OIG Recommended Compliance Resources è Click here Cross Reference: BOK 04: Medical Audit Environment 29 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

30 1.6 DEVELOP AND MONITOR EFFECTIVENESS OF INTERNAL CONTROL POLICIES Wikipedia defines internal control as the following. As you will note these concepts are integral to successful auditing. In accounting and auditing, internal control is defined as a process effected by an organization's structure, work and authority flows, people and management information systems, designed to help the organization accomplish specific goals or objectives. [1] It is a means by which an organization's resources are directed, monitored, and measured. It plays an important role in preventing and detecting fraud and protecting the organization's resources, both physical (e.g., machinery and property) and intangible (e.g., reputation or intellectual property such as trademarks). At the organizational level, internal control objectives relate to the reliability of financial reporting, timely feedback on the achievement of operational or strategic goals, and compliance with laws and regulations. At the specific transaction level, internal control refers to the actions taken to achieve a specific objective (e.g., how to ensure the organization's payments to third parties are for valid services rendered.) Internal control procedures reduce process variation, leading to more predictable outcomes. Internal control is a key element of the Foreign Corrupt Practices Act (FCPA) of 1977 and the Sarbanes Oxley Act of 2002, which required improvements in internal control in United States public corporations. Internal controls within business entities are also referred to as operational controls. 19 The State of New York Standards for Internal Control defines internal control shown below. Read more here Copyright 2012 William L. Malm, ND, CMAS & AAMAS

31 Every facility, payer and auditor must have and prescribe to the concept of internal controls. In healthcare, physicians and nurses follow very strict control points to ensure patient safety and quality. Part of the internal control is having feedback points to ensure continued success with the care plan. Similarly, the auditor will have control points. In some cases, these are from a legal standpoint like Sarbanes- Oxley (SOX;) in other cases they are from internal control policies within the audit firm, payor or independent auditor. Other types of internal controls exist for evaluating the auditor skills and performance. One of these controls comes in the form of education. The auditor must undergo orientation and competency testing to the position to provide measurable benchmarks and milestones. These milestones must have measurable outcomes and avoid subjective evaluation points. The auditor must be evaluated frequently during their orientation and then at a minimum yearly. Other internal controls could be the Code of Conduct. This outlines the minimum acceptable behaviour for employees. Failure to meet the minimum will result in some sort of disciplinary action. Auditors and other employees have a mechanism to report concerns regarding non- compliant behaviour through hotlines which are managed by independent investigators in the compliance department. All of these are examples of necessary internal controls that the auditor may be exposed to. The auditor should familiarise themselves with these internal control policy and procedures to ensure accurate processes and outcomes are achieved. CMS Compliance Program Guidance for Medicare Fee- For- Service Contractors under Audit and Monitoring states 31 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

32 RESOURCE GUIDE AND CROSS REFERENCE Resource Guide: Visit the AAMAS On Demand Regulatory Updates put link here California Dept. of Health: Internal Control è Click here GAO: Internal Control Management and Evaluation Tool è Click here OIG Compliance Program Guidance for Third- Party Medical Billing Companies è Click here OMB Circular A Management's Responsibility for Internal Control Click here Sample Policy on Internal Control è Click here Standards for Internal Control in New York State Government. Click here State of Washington: Chapter 20 - Internal Control and Auditing è Click here The Yellow Book Chapter 3: General Standards Understanding Internal Control AICPA. Click here Cross Reference: BOK 04: Medical Audit Environment 32 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

33 1.7 APPLY PRINCIPLES OF INDEPENDENCE IN PERFORMANCE OF MEDICAL AUDIT ACTIVITY Objectivity was discussed previously and will be pervasive throughout this document. The concept of objectivity and independence are two key elements to providing a non- biased accurate report to the interested parties. Documentation of the review process (audit map), the sampling process, the review and the findings must be performed totally objectively. Conclusions must be referenced with source authority citations or payer guidelines. If you are a payer auditor then your audits of beneficiary claims should clearly document the payer guidelines you are using to arrive at the conclusions. Like a physician / nurse document their actions and impressions in the medical record; an auditor must document their process and conclusions. One key element in the documentation is the use of supporting documentation. Any finding or decision that is made by the auditor during the audit then the reason for the decision or finding must be documented. When auditing claims or services in which Federal or State payers are involved then source authority guidance must be used. For example for Medicare only references from the Social Security Act, 42 Code of Federal Regulations (42 CFR), CMS transmittals and guidance should be cited. For Medicaid claims only State issued transmittals, law and guidance should be used. The use of proprietary information should be avoided and used only as a secondary source. Failure to do so can lead to incorrect decisions. One way to ensure that the auditor is current and providing appropriate documentation is through continuing education. Every auditor must be constantly immersed in his or her area of expertise. With the increase knowledge based articles and web- based learning, continuing education is available to most auditors. Yearly seminars, conference are a requirement of on- going education. Most auditors will work independently. Therefore, they must excel at accurate, clear and respectful communications. Audit reports must be clear and accurately portray the material nature of the findings in such a way that the recipient of the report can make appropriate management decisions. CMS Compliance Program Guidance for Medicare Fee- For- Service Contractors states: 33 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

34 The RAC Scope of Work clearly requires that RAC auditors demonstrate a level of independence in the performance of their audit work by requiring the bolded statement below. Staff Performing Complex Coverage/Coding Reviews Whenever performing complex coverage or coding reviews (i.e., reviews involving the medical record), the Recovery Auditor shall ensure that coverage/medical necessity determinations are made by RNs or therapists and that coding determinations are made by certified coders. The Recovery Auditor shall ensure that no nurse, therapist, or coder reviews claims from a provider who was their employer within the previous 12 months. Recovery Auditors shall maintain and provide documentation upon the provider s request the credentials of the individuals making the medical review determinations. This only includes a reviewer s credentials. Names and personal information are not required to be shared. RESOURCE GUIDE AND CROSS REFERENCE Resource Guide: Final Rule: Revision of the Commission's Auditor Independence Requirements è Click here IIA: How does internal auditing maintain its independence and objectivity? è Click here OIG Guidance on IRO independence and Objectivity OIG Issues Revised Guidance on CIA IRO Independence and Objectivity è Click here OIG Recommended Compliance Resources è Click here RAC Scope of Work è Click here 34 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

35 1.8 OVERVIEW OF GENERALLY ACCEPTED AUDITING STANDARDS (GAAS) Note: Additional references can be found in Core Domain AICPA Generally Accepted Accounting Standards (GAAS) is defined as a set of standards set by the American Institute of Certified Public Accountants (AICPA). These standards define the auditor s professional qualities and judgment in the performance of the audit and in the actual report. There are ten (10) standards, which cover three areas of accounting. These three areas cover. 1) General Standards a) The auditor must have adequate technical training and proficiency to perform the audit b) The auditor must maintain independence in mental attitude in all matters relating to the audit c) The auditor must exercise due professional care in the performance of the audit and the preparation of the report. 2) Standards of Field Work a) The auditor must adequately plan the work and must properly supervise any assistants b) The auditor must obtain a sufficient understanding of the entity and its environment including its internal control to assess the risk of material misstatement of the financial statements whether due to error or fraud, and to design the nature, timing, and extent of further audit procedures. c) The auditor must obtain sufficient appropriate audit evidence by performing audit procedures to afford a reasonable basis for an opinion regarding the financial statements under audit. 3) Standards of Reporting a) The auditor must state in the auditor s report whether the financial statements are presented in accordance with generally accepted accounting principles b) The auditor must identify in the auditor s report those circumstances in which such principles have not been consistently observed in the current period in relation to the preceding period. c) When the auditor determines that informative disclosures are not reasonably adequate, the auditor must so state in the auditor s report. d) The auditor must either express an opinion regarding the financial statements, taken as a whole, or state that in an opinion cannot be expressed, in the auditor s report. When the auditor cannot express an overall opinion, the auditor should state the reasons therefore in the auditor s report. In all cases where an auditor s name is associated with financial statements, the auditor should clearly indicate the character of the auditor s work, if any, and the degree of responsibility the auditor is taking, in the auditor s report. 20 Further information can be found through the AICPA at: PDF 20 American Institute of Certified Public Accounts, AU Copyright 2012 William L. Malm, ND, CMAS & AAMAS

36 RESOURCE GUIDE AND CROSS REFERENCE Resource Guide: Visit the AAMAS On Demand Regulatory Updates put link here AICPA The Yellow Book Chapter 3: General Standards OIG Recommended Compliance Resources è Click here Cross Reference: BOK 04: AICPA Standards 36 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

37 1.9 OVERVIEW OF HEALTH INSURANCE PORTABILITY & ACCOUNTABILITY (HIPAA) Note: Additional HIPAA Information can be located in Core Domain HIPAA is the 1996 Health Insurance Portability and Accountability Act defined within 45 CFR The rule can be found in a condensed format at: HHS states, the HIPAA Privacy Rule provides federal protections for personal health information held by covered entities and gives patients an array of rights with respect to that information. At the same time, the Privacy Rule is balanced so that it permits the disclosure of personal health information needed for patient care and other important purposes. The law establishes standards and requirements for electronic transmission of health care information as well as requiring organisations covered entities exchanging health care information to follow national guidelines. These rules have been detailed as federal transaction and code set rules. These rules are: Requiring use of standard electronic transactions and data for certain administrative functions Standardizing the medical codes that providers use to report services to insurers Creating specific identification number for employers (Standard Unique Employer Identifier (EIN) and for providers (National Provider Identifier (NPI). Covered entities could be a health plan, clearinghouse or a provider and these entities must follow these regulations when dealing with a healthcare transaction. HIPAA affects Anyone using health care or health insurance Health insurers Doctors Hospitals Employers providing health insurance Life insurers Public health Agencies Information systems vendors Health service organisations Billing agencies 21 There are five titles to the HIPAA regulations. Highmark, Inc., a CMS contractor, details these as: 21 HIPAA Overview, Highmark, Inc. 2011; 37 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

38 1. Title I Health care access, portability and renewability, requires employers and health plans to allow a new employee s medical insurance coverage to remain continuous without regard to pre- existing conditions. 2. Title II has three components, which define new requirements for privacy and security of individually identifiable patient information. a. Preventing health care fraud and abuse b. Administrative simplification i. Known as Subtitle F reduces the administrative component of health care costs through the implementation of electronic data interchange (EDI) standards primarily by utilizing ASC X12 N transaction formats c. Medical liability reform. 3. Title III Tax- related health provisions which standardizes the amount you can save per person in a pre- tax medical savings account 4. Title IV Application and enforcement of group health plan requirements. Broadened information on insurance reform provisions and provides detailed explanations. 5. Title V Revenue offsets has regulations on how employees can deduct company- owned life insurance premiums for income tax purposes. From an auditor standpoint this regulation is paramount. Patient identifying data must be kept confidential and all rules applying to HIPAA must be followed. Additionally, it will be important to continue to follow the HIPAA 5010 transaction set updates and implementation. This will allow for the progression to ICD- 10. It is essential that the auditor understands and be fluent in this regulation to ensure that the audit remains compliant. Other sources of information on HIPAA can be found at: assn.org/ama1/pub/upload/mm/399/hipaa timeline.pdf 38 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

39 RESOURCE GUIDE AND CROSS REFERENCE Resource Guide: AHA- HIPAA AMA fact Sheet on HIPAA CMS HIPAA General Information HHS Privacy Website HIMSS - HIPAA HIPAA and ICD- 10 Implementation HIPAA.ORG Journal of AHIMA - May 2009 OIG HIPAA Audit Report è click here OIG Recommended Compliance Resources è Click here Cross Reference: BOK 04: HIPAA 39 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

40 CORE DOMAIN 2A MEDICAL AUDIT PROCESS AND METHODOLOGY 2A: MEDICAL AUDIT INVESTIGATE AND VERIFY CHARGES AGAINST THE MEDICAL RECORD The definition of investigate is: to examine, study, or inquire into systematically; search or examine into the particulars of; examine in detail. The definition of verify is: to prove the truth of, as by evidence or testimony; confirm; substantiate. So conducting an audit is to examine that the services provided are appropriate and documented in such a way that it supports the charges being billed. By reviewing the charges against the medical records, you are confirming the correctness or the truth of the hospital bill. Verification of charges will include the investigation of whether or not: Services were delivered by the institution in compliance with the Physician s plan of treatment (in appropriate situations, professional staff may provide supplies or follow procedures that are in accordance with established institutional policies, procedures include items that are specifically documented in a record but are referenced in medical or clinical policies. All such policies should be reviewed, approved, and documented as required by the Joint Commission Accreditation of Healthcare Organizations or other accreditation agencies. Policies should be available for review to the auditor.) Services are documented in health or other appropriate records as having been rendered to the patient Charges are reported on the bill accurately The health record documents clinical data on diagnoses, treatments and outcomes. It was not designed to be a billing document. A patient health record generally documents pertinent information related to care. The health record may not back up each individual charge on the patient bill. Other signed documentation for services provided to the patient may exist within the provider s ancillary departments in the form of department treatment logs, daily charges records, individual service/order tickets, and other documents. Auditors may have to review a number of other documents to determine valid charges. Auditors must recognize that these sources of information are accepted as reasonable evidence that the services ordered by the physician were actually provided to the patient. Providers must ensure that proper policies and procedures exist to specify what documentation and authorization must be in the health record and in the ancillary records and/or logs. These procedures document that services have been properly ordered for and delivered to patients. When sources other than the health record are providing 40 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

41 such documentation, the provider should make those sources available to the auditor. (National Health Care Billing guidelines). 22 2A- 1 INVESTIGATE & VERIFY CHARGES AGAINST MEDICAL RECORDS INPATIENT Review of medical records for inpatient would include the admission summary sheet, discharge summary, progress notes, orders, labs, radiology, procedure and OR notes, nurse s notes and medication record. 1. Prospective clinical audits allow for accurate real time accrual of data, which reflects, current rather than historical practice. This audit is being done while the patient is still in house and therefore has the advantage of immediate access and more immediate results and opportunity for education. 2. Retrospective audits are post service and can be of most use when historical data is needed. 3. DRG audits determine the appropriateness of DRG assignment 4. Medical Necessity reviews the appropriateness of treatment, including level of care, for example, was ICU indicated based on the medical record or could the patient have been moved to med/surg or a lower level of care and therefore a lower room charge. 5. Line by line audits focus on duplicate charges, bundling/unbundling, drug and supply charges, 6. Full chart reviews is an extensive review of the medical record to verify that the medical record supports each billed item. 2A- 2 INVESTIGATE & VERIFY CHARGES AGAINST MEDICAL RECORDS OUTPATIENT HOSPITAL Similar to inpatient status reviews, the following audits can be appropriate for the outpatient setting. In this setting the focus for codes would be on CPT s and HCPCS, along with the diagnosis code. 1. Prospective clinical audits allow for accurate real time accrual of data, which reflects, current rather than historical practice. This audit is being done while the patient is still in house and therefore has the advantage of immediate access and more immediate results and opportunity for education. 2. Retrospective audits are post service and can be of most use when historical data is needed. 3. Medical Necessity reviews the appropriateness of treatment, including level of care, for example, was 16 hours of observation supported by the documentation or could discharge have occurred sooner; OR did this person meet the criteria to be admitted to the hospital and wasn t. 4. Line by line audits focus on duplicate charges, bundling/unbundling, drug and supply charges, CCI edits 22 This section provided by Patricia Berryessa RN 41 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

42 5. Full chart reviews is an extensive review of the medical record to verify that the medical record supports each billed item. 2A- 3 INVESTIGATE & VERIFY CHARGES AGAINST MEDICAL RECORDS PHYSICIAN The chart notes that a physician keeps should be organized, legible and signed. There should be a history and physical and a medication list available. Audits can focus on the: Medical necessity of the treatment documented Compliance with CPT guidelines, bundling/unbundling, drug and supply charges, UC & R (usual, customary and reasonable) Updated super bill (i.e.. not last year s CPT codes) and fee schedule review 2A- 4 INVESTIGATE & VERIFY CHARGES AGAINST MEDICAL RECORDS AMBULATORY CENTERS As with inpatient, the following audits can be appropriate for the outpatient setting. In this setting the focus for codes would be on CPTS and HCPCS, along with the diagnosis code. 1. Prospective clinical audits allow for accurate real time accrual of data which reflects current rather than historical practice. This audit is being done while the patient is still in house and therefore has the advantage of immediate access and more immediate results and opportunity for education. 2. Retrospective audits are post service and can be of most use when historical data is needed. 3. Medical Necessity reviews the appropriateness of treatment, for example, prior to a knee arthroscopy, had the patient exhausted conservative treatment option? 4. Line by line audits focus on duplicate charges, bundling/unbundling, drug and supply charges, and CCI edits. 5. Full chart reviews is an extensive review of the medical record to verify that the medical record supports each billed item. 2A- 5 INVESTIGATE & VERIFY CHARGES AGAINST MEDICAL RECORDS SNF/LTC/REHAB Similar to other types of audits, the SNF/LTC/Rehab audit will consist of a matching of services documented to the claim. The difference is that the services are represented more by revenue codes and RUG scores. Services are also differentiated by the level of services provided and the beneficiary s coverage or provider contract. The review will compare the claim as submitted by the provider / supplier (SNF, LTC, Rehab) against the patient medical record and the contract. In this arena, one will review by revenue codes as services roll on the claim. Based on severity and intensity of service the services result in a RUG (Resource 42 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

43 Utilization Group) score. The auditor will need review the medical record to determine if the RUG score is consistent with the documentation. This type of auditing will require an expert in the SNF consolidated billing requirements. SNF /LTC/Rehab billings have been determined to have a high amount of overpayments and therefore a target per the OIG. In recent years, the Office of Inspector General (OIG) has identified a number of problems with SNF billing for Medicare Part A payments. Notably, an OIG report found that 26 percent of claims submitted by SNFs were not supported by the medical record, representing over $500 million in potential overpayments. Further, the Medicare Payment Advisory Commission has raised concerns about SNFs improperly billing for therapy to obtain additional Medicare payments. Medicare pays SNFs under a prospective payment system. Under this system, SNFs classify each beneficiary into a group based on his or her care and resource needs. These groups are called resource utilization groups (RUGs), and each RUG has a different Medicare per diem payment rate. Medicare classifies RUGs into eight distinct categories. Two of the categories are for beneficiaries who need therapy. The remaining six categories are for beneficiaries who require very little or no therapy. Medicare payment rates are generally higher for therapy RUGs than for non- therapy RUGs. In addition, Medicare generally pays more for higher levels of therapy. The SNF categorizes the beneficiary into one of five therapy levels, based primarily on the number of minutes of therapy provided. The beneficiaries who require the highest level of therapy are categorized into ultra high therapy RUGs, which generally have the highest per diem rates. RUGs are further divided by the amount of assistance a beneficiary needs with certain activities of daily living (ADL), such as eating. If a beneficiary needs high levels of assistance, he or she is categorized into a RUG with high ADL scores, whereas a beneficiary who needs less assistance is categorized into a RUG with low or medium ADL scores. Medicare pays higher rates for RUGs with high ADL scores than for RUGs with lower ADL scores. 23 Therefore, as stated earlier the comparison of the RUG scores to the medical necessity and the documentation in the medical record would be essential to ensure that the claim is representative of the services rendered. CORE DOMAIN 2B: AUDIT PROCESS, WORKFLOW AND AUDIT FINDINGS 2B- 1 PLAN & DISCUSS PRE- AUDIT PROCESS The audit process requires that planning be performed. Selection of the audit universe, the required auditor expertise, the stated concern or objective and what the deliverable should be. This process 23 Summary- SNF- Billing- Report pdf 43 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

44 defines the overall audit process. According to the National Health Care Billing Audit Guidelines (1 May 2009), the initial step is defining the audit and selection of the auditor. This is found in Section III. - Qualifications of Auditors and Audit Coordinators. Qualifications: All persons performing billing audits as well as persons functioning as provider audit coordinators should have appropriate knowledge, experience, and/or expertise in a number of areas of health care including but not limited to: Format and content of the health record as well as other forms of medical/clinical documentation Generally accepted auditing standards and practices as they may apply to billing audits Coding, including applicable ICD- CM, CPT, HCPCS, and medical terminology Applicable billing claims forms, including the UB- 04, and the CMS 1500; plus charging and billing procedures All state and federal regulations concerning the use, disclosure, and confidentiality of all patient records, including the HIPAA Specific critical care units, specialty areas, and/or ancillary units involved in a particular audit 24 Duties of an Audit Coordinator: If the audit is being conducted within a facility the audit should have an audit coordinator to plan and implement all aspects of the audit. Duties of an audit coordinator include, but are not limited to, the following areas: Scheduling an audit Advising other provider personnel/departments of a pending audit Ensuring that an informed consent for the release of health information has been obtained, if applicable Verifying that the auditor is an authorized representative of the payer/audit agency Gathering the necessary documents for the audit Coordinating auditor requests for information, space in which to conduct an audit, and access to records and provider personnel, as necessary Orienting auditors to internal hospital audit procedures, record documentation conventions, and billing practices 24 National Health Care Billing Audit Guidelines; 1 May Copyright 2012 William L. Malm, ND, CMAS & AAMAS

45 Acting as a liaison between the auditor and other hospital personnel to provide department interviews when requested Conducting an exit interview with the auditor to answer questions and review audit findings Reviewing the auditor s final written report and following up on any charges still in dispute arranging for payment adjustments or bill refunds. 25 Once the audit specifications, qualifications of the auditor and scheduling are performed then the audit can begin. Scheduling is the sole responsibility of the audit team and the payer should one be involved. If this is a payer audit they should be encouraged to work with the provider / supplier to ensure that the provider/supplier has staff, documents and resources available to assist with the audit. Nationally, it is customary to provide a 30- day notification of the audit by a payer to allow the provider/supplier time to gather the documents. Be aware that the medical record is not created for the purpose of auditing or reimbursement but a living document providing essential elements to quality healthcare. As such, there may be some scheduling issues that could occur if the record in question is currently being used to treat the patient. Scheduling of the Audit: For hospital or provider clients performing internal reviews the auditor should request the medical records, ancillary testing results and any other documents required including the pre- bill chargemaster printout (itemized claim) and the UB- 04 if already submitted. The auditor should arrange a time to meet with the appropriate management to provide an exit interview. Should the audit be between a payers and the facility or provider the National Healthcare Billing Guidelines provides guidance in the following statements. In order to have a fair, efficient, and effective audit process, provider and payer auditors should adhere to the following practices: All parties should agree to recognize, record and disclose any identified unsupported or unbilled charges discovered by the audit parties. The scheduling of an audit should not preclude late billing. An exit conference and a written report should be part of each audit. If either party waives the exit conference, the auditor should note that action in the written report. The specific content of the final report should be restricted to those parties involved in the audit. The parties involved in the audit should agree to set and adhere to a timeframe for the resolution of any discrepancies, questions, or errors that surface during and as a result of the audit. 25 National Health Care Billing Audit Guidelines; 1 May Copyright 2012 William L. Malm, ND, CMAS & AAMAS

46 If the provider does not contest the preliminary audit findings within 60 days of the audit, these findings shall be considered final. Once an agreement has been reached as to the audit findings and the documentation finalized, the audit process is considered final and closed. All personnel involved should maintain a professional courteous manner and make reasonable efforts to resolve all misunderstandings amicably. At times, the audit may identify on- going problems with either the billing or documentation process. If chronic issues cannot be resolved through the audit process, management of the provider or payer organization should be contacted to facilitate corrective action. 26 While the particulars may be altered by type of audit the basic to pre- planning remain the same. Appoint qualified auditors who remain independent and portray professional ethics in the performance of their roles. The actual audit cannot result in any form of financial remuneration that could be considered improper. 2B- 2 LINE BY LINE BILL AUDIT Conducting a line- by- line audit is the core of auditing processes. In order to perform the audit pre- planning must be achieved. For instance is this a singular claim or a series of claims. What is the universe of claims being reviewed? Will randomization of the claim universe be required? Who will be the final recipient of the report? All of these questions must be answered and solidified into the audit plan prior to beginning the audit. Once the pre- planning phase is completed you can begin the line- by- line review of the claim. You will require certain tools in order to perform this audit. These tools can be of a manual nature (books, articles) or software. In most cases you will require an audit database in which you will record your results. Below is an example of the database in which the findings should be recorded. A key is below: Reason Code Description of Reason - Account Totals Totals 1 Charge not supported in documentation 0 2 Diagnosis on UB does not match HIM diagnosis 0 3 Duplicate charge 0 4 Equipment 0 26 National Healthcare Billing Audit Guidelines; 1 May Copyright 2012 William L. Malm, ND, CMAS & AAMAS

47 5 HCPCS/CPT and/or Rev Code is incorrect 0 6 Medical necessity requirements not met 0 7 No Physician Order 0 8 Not a separately billable supply 0 9 Test/Procedure results not documented 0 10 Time charges do not match 0 11 Wrong date of service 0 12 Non- Covered Service 0 13 Lost Charge 0 A sample database is offered as an example of a type of recording mechanism. It can also be utilized as a preliminary report. The line- by- line audit can begin once the following data has been assembled: 1. Complete Medical Record a. Orders b. Physician / Nursing Documentation c. Lab / Radiology results d. Operative reports e. Charge slips f. Any other documentation 47 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

48 2. CPT / HCPCS coding manuals or software 3. Computer or manual database for recording 4. Copies of the pre- bill / itemized claim 5. Copy of the UB- 04 (generally only with retrospective audits) 6. Copies of remittance advise (only if retrospective audit) Step One: To begin the validation audit the patient s demographic information must be reviewed and tested against source documents. Eligibility will need to be reviewed and tested for accuracy. Once the primary review is performed the auditor can actually move to review each of the services rendered to ensure they were charged correctly and supported within the medical record. Compare the orders for services against the medical record. Ensure that there is an order for the service represented on the claim. Concurrently the order should be reviewed to see if medical necessity was established through the diagnosis codes. If Medicare and failure of medical necessity occurred was an ABN obtained. Once the order has been compared to the service rendered and documentation supports the test then no error has occurred. If however, an order was not found, an incomplete order was found or medical necessity requirements were not met then no further review of this line need occur. At this point the line would be considered an overcharge and potentially an overpayment if reimbursed. Step Two: If medical necessity is completed then move on to the coding of the service, test, procedure, pharmaceutical or supply. Compare the medical record documentation to the CPT / HCPCS code for the procedure if outpatient or to the chargemaster line if an inpatient service. Note that the lines will roll up to a single revenue code on the UB- 04 for inpatient services. In either case ensure that the service provided was documented in the medical record and the appropriate code is present if an outpatient or the chargemaster line is correct if inpatient. For example the documentation in the medical record reflects that 6 mg of adenosine IV was administered by IV injection. The line being reviewed has J0150 and a unit of 1. The HCPCS code is supported by the documentation. Therefore the revenue code must be reviewed for the line to complete step 2. In this case the revenue code was 0636, which was correct. Within the database a null version will be entered as overpayment / underpayment for the line. Step Three: After all lines have been reconciled against the itemized bill / UB- 04 and the medical record then all overpayments / underpayments must be reconciled. A final tally of total liability will need to be achieved. Reporting of the reasons for all adjustments will need to be created in order to convey the findings to the appropriate individual(s) or regulatory bodies. 48 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

49 Prior to completion of this step all ICD- 9- CM diagnosis codes must be validated against the medical record. On a CMS physician s submission the diagnosis code must be assigned to the actual line item however, for facility billing this is not applicable and must be validated by the overall documentation in the record. For inpatient claims, once the lines have been reconciled and diagnosis confirmed with the medical record the claim will need to go through a grouper again to determine if the actual DRG / MS- DRG assignment was accurate. Step Four: Depending upon the actual results a final report will need to be prepared and presented to the ultimate client. A presentation of overpayments / underpayments will need to be provided and a total dollar impact should be provided in both gross charges and net reimbursement impacts. 2B- 3 VALIDATE ELIGIBILITY / BENEFITS In order to gain reimbursement for services rendered a payer/supplier the patient insurance must be validated. In other words, the provider/supplier will need to make sure that the patient is eligible to receive benefits from that payer. The eligibility validation occurs at two separate times. Initial Verification of Insurability: This is generally performed by the office staff or admitting /registration if performed in a facility. The process begins with obtaining demographic information and insurance information. A minimum requirement includes name, date of birth, social security number, address (including city, state, zip) and employer. In some cases validation of this information is made through a visual inspection of the data compared to a government issued identification card such as a driver s license or passport. Once the demographics and insurance group and plan are identified the registrar or front office will contact the payer to determine eligibility. In smaller operations such as single physician offices this may be done by phone or payer website. In larger suppliers/providers such as ambulatory surgery centres or hospitals this is done through an electronic verification process. The electronic verification can occur through the payer website for commercial payers and Medicaid or through the common working file for Medicare. Since the front office / registration staff would need to access many different systems larger provider/suppliers utilize a centralized system for verification. These are usually proprietary and are purchased software or contractual in nature. For example, Craneware Insights provides Insight Eligibility verification software. A product such as Insight Eligibility would allow the registrar to access the system through the web and by providing essential demographic information eligibility is confirmed. 49 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

50 From a Medicaid standpoint, eligibility can be checked through the proprietary vendor as stated above or through a state system. In this case validation is performed over a designated Medicaid eligibility system. No matter how this is performed eligibility is an essential first step in receiving reimbursement. Commercial payers frequently have eligibility on- line. One such example is Anthem Blue Cross / Blue Shield (Ohio). The auditor will need to test and validate during the audit the eligibility of the patient to receive benefits under the specific payer. This will be an initial step in any chart audit performed. This may need to be performed for several payers if the patient has both a primary and secondary insurance. Failure to determine eligibility is a frequent cause of significant provider liability and should be a routine audit performed internally for hospitals. Pre- Authorization: According to the Free Dictionary, pre- authorization is the requirement by an HMO that a costly surgery, specialist referral or non emergency health care services be approved by the insurer before it is allowed. 27 Pre- authorization is a necessary step prior to an elective procedure or inpatient admission. The front office staff or admitting /registration staff will need to contact the individual payer. Pre- authorization is not a concept known to nor applies to traditional Medicare. However, commercial, managed care plans, some aspects of Medicaid and Medicaid HMO s will require this pre- authorization. For procedures, the physician will provide the ICD- 9- CM diagnosis code(s) as well as the anticipated procedure (CPT code(s)). This along with the demographic information is provided to a pre- authorization call centre that will validate eligibility and provide authorization for the procedure. While authorization is not a guarantee of reimbursement it is an essential requirement of the payer to be able to seek reimbursement. Without pre- authorization many payers will deny coverage. Audit Requirements: As part of any chart audit, the auditor will need to determine that the beneficiary had valid coverage. In order to perform this function they will need to follow the same eligibility steps as performed by the original registrar. The auditor must re- validate any original eligibility and not make an assumption that it is accurate. According to Craneware Insights, inaccurate eligibility is one of the top reasons for denial. Failure to perform an independent eligibility will impact the overall reliability of the audit findings. 2B- 4 APPLY THIRD PARTY PAYMENT RULES 27 dictionary.thefreedictionary.com/preauthorization 50 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

51 There are several overall concepts for third party payments. The following is taken from an overview article for third party payment by Mr. Cameron Easey. Third- party insurance is a term that is referred to when the processing of payments for insurance and other duties are handled by a third- party administrator or TPA. A model law developed for third- party administrators was drafted by the National Association of Insurance Commissioners (NAIC) in A guideline was developed Shorty thereafter, which replaced the model law. This guideline is available for states that want to develop their own laws for third- party administrators. Purpose of a TPA A third- party administrator is typically hired by a company to administer its health insurance program. This includes collecting premium payments and issuing reimbursements. When an employer uses a third- party administrator, the TPA needs to provide a written notice to all covered individuals or employees. This notice needs to explain who the TPA is, his relationship to the employer or payer as well as the policyholder Collection of Funds A third- party administrator who collects funds must provide an explanation for why the collection is necessary. She must also list any item and amount separately from any premium that is collected. A third- party administrator may not make any additional charges for any service that has been paid for by a payer or employer. Payer Responsibilities A payer is an employer or organization that hires a third- party administrator to administer its group health insurance plan. The payer as well as the insurer or the group health insurance plan is still responsible for determining applicable benefits and premium rates that are going to be charged for coverage. A payer who hires a third- party administrator is required to make sure his health insurance program is administered competently. Master Service Agreements A master service agreement is an agreement in which an employer enters with an insurance carrier and a third- party administrator. This agreement details the payment of claims that are made for insurance coverage. An insurer and third- party administrator need to keep copies of all master service agreements that they have agreed to. The agreement needs to be made available to a state's department of insurance for inspection upon request. Delivery of Materials A third- party administrator is required to send information, such as policy information, an explanation of benefits, booklets or termination notices, to covered individuals. Information that 51 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

52 is sent will also include any COBRA continuation coverage options if necessary. This information needs to be sent to covered individuals within a specified amount of time after being notified by the payer or employer 28 A full document on the Registration and Regulation of Third Party Administrators by NAIC can be found at: Many states insurance commissions regulate the third party payment rules. One example is taken from the State of Ohio regulations. The auditor will need to be familiar with these rules and how they play into the audit plan Third- party payers processing claims for payment for health care services. (A) Except as provided in sections , , , and of the Revised Code, a third- party payer shall process a claim for payment for health care services rendered by a provider to a beneficiary in accordance with this section. (B)(1) Unless division (B) (2) or (3) of this section applies, when a third- party payer receives from a provider or beneficiary a claim on the standard claim form prescribed in rules adopted by the superintendent of insurance under section of the Revised Code, the third- party payer shall pay or deny the claim not later than thirty days after receipt of the claim. When a third- party payer denies a claim, the third- party payer shall notify the provider and the beneficiary. The notice shall state, with specificity, why the third- party payer denied the claim. (2)(a) Unless division (B)(3) of this section applies, when a provider or beneficiary has used the standard claim form, but the third- party payer determines that reasonable supporting documentation is needed to establish the third- party payer s responsibility to make payment, the third- party payer shall pay or deny the claim not later than forty- five days after receipt of the claim. Supporting documentation includes the verification of employer and beneficiary coverage under a benefits contract, confirmation of premium payment, medical information regarding the beneficiary and the services provided, information on the responsibility of another third- party payer to make payment or confirmation of the amount of payment by another third- party payer, and information that is needed to correct material deficiencies in the claim related to a diagnosis or treatment or the provider s identification. Not later than thirty days after receipt of the claim, the third- party payer shall notify all relevant external sources that the supporting documentation is needed. All such notices shall state, with specificity, the supporting documentation needed. If the notice was not provided in writing, the provider, beneficiary, or third- party payer may request the third- party payer to provide the 28 thirdparty- health- insurance.html 52 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

53 notice in writing, and the third- party payer shall then provide the notice in writing. If any of the supporting documentation is under the control of the beneficiary, the beneficiary shall provide the supporting documentation to the third- party payer. The number of days that elapse between the third- party payer s last request for supporting documentation within the thirty- day period and the third- party payer s receipt of all of the supporting documentation that was requested shall not be counted for purposes of determining the third- party payer s compliance with the time period of not more than forty- five days for payment or denial of a claim. Except as provided in division (B) (2) (b) of this section, if the third- party payer requests additional supporting documentation after receiving the initially requested documentation, the number of days that elapse between making the request and receiving the additional supporting documentation shall be counted for purposes of determining the third- party payer s compliance with the time period of not more than forty- five days. (b) If a third- party payer determines, after receiving initially requested documentation, that it needs additional supporting documentation pertaining to a beneficiary s pre- existing condition, which condition was unknown to the third- party payer and about which it was reasonable for the third- party payer to have no knowledge at the time of its initial request for documentation, and the third- party payer subsequently requests this additional supporting documentation, the number of days that elapse between making the request and receiving the additional supporting documentation shall not be counted for purposes of determining the third- party payer s compliance with the time period of not more than forty- five days. (c) When a third- party payer denies a claim, the third- party payer shall notify the provider and the beneficiary. The notice shall state, with specificity, why the third- party payer denied the claim. (d) If a third- party payer determines that supporting documentation related to medical information is routinely necessary to process a claim for payment of a particular health care service, the third- party payer shall establish a description of the supporting documentation that is routinely necessary and make the description available to providers in a readily accessible format. Third- party payers and providers shall, in connection with a claim, use the most current CPT code in effect, as published by the American medical association, the most current ICD- 9 code in effect, as published by the United States department of health and human services, the most current CDT code in effect, as published by the American dental association, or the most current HCPCS code in effect, as published by the United States health care financing administration. (3) When a provider or beneficiary submits a claim by using the standard claim form prescribed in the superintendent s rules, but the information provided in the claim is materially deficient, 53 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

54 the third- party payer shall notify the provider or beneficiary not later than fifteen days after receipt of the claim. The notice shall state, with specificity, the information needed to correct all material deficiencies. Once the material deficiencies are corrected, the third- party payer shall proceed in accordance with division (B) (1) or (2) of this section. It is not a violation of the notification time period of not more than fifteen days if a third- party payer fails to notify a provider or beneficiary of material deficiencies in the claim related to a diagnosis or treatment or the provider s identification. A third- party payer may request the information necessary to correct these deficiencies after the end of the notification time period. Requests for such information shall be made as requests for supporting documentation under division (B) (2) of this section, and payment or denial of the claim is subject to the time periods specified in that division. (C) For purposes of this section, if a dispute exists between a provider and a third- party payer as to the day a claim form was received by the third- party payer, both of the following apply: (1) If the provider or a person acting on behalf of the provider submits a claim directly to a third- party payer by mail and retains a record of the day the claim was mailed, there exists a rebuttable presumption that the claim was received by the third- party payer on the fifth business day after the day the claim was mailed, unless it can be proven otherwise. (2) If the provider or a person acting on behalf of the provider submits a claim directly to a third- party payer electronically, there exists a rebuttable presumption that the claim was received by the third- party payer twenty- four hours after the claim was submitted, unless it can be proven otherwise. (D) Nothing in this section requires a third- party payer to provide more than one notice to an employer whose premium for coverage of employees under a benefits contract has not been received by the third- party payer. (E) Compliance with the provisions of division (B) (3) of this section shall be determined separately from compliance with the provisions of divisions (B) (1) and (2) of this section. (F) A third party payer shall transmit electronically any payment with respect to claims that the third party payer receives electronically and pays to a contracted provider under this section and under sections , , and of the Revised Code. A provider shall not refuse to accept a payment made under this section or sections , , and of the Revised Code on the basis that the payment was transmitted electronically. 54 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

55 Amended by 128th General Assembly File No. 9, HB 1, , eff. 10/16/ As noted in the Ohio regulations, which are similar to other states administrative code, the regulations define the length of time for payment to the provider/supplier, the method and time frames for requesting additional information, how to manage pre- existing condition, how the beneficiary will be notified of a denial and other aspects of the third party administrator. The auditor will need to have a copy of the regulations on payment rules by the third party administrator. In most cases, these are available through the State s insurance commission. 2B- 5 REVIEW AND AUDIT OF A UB- 04 The UB- 04, also known as the Form CMS- 1450, is the uniform institutional provider hardcopy claim form suitable for use in billing multiple third party payers. Unique to Medicare is that the Administrative Simplification Compliance Act (ASCA) prohibits payment of services or supplies for initial claims that a provider did not bill electronically. The UB- 04 is the only hardcopy claim form that the Centers for Medicare & Medicaid Services (CMS) accepts from institutional providers (e.g., hospitals, Skilled Nursing Facilities, Home Health Agencies, etc.) which meet the ASCA exceptions or which have been granted a waiver. 30 The National Uniform Billing Committee (NUBC) is responsible for the design and printing of the UB- 04 form. The NUBC is a voluntary, multidisciplinary committee that develops data elements for claims and claim- related transactions, and is composed of all major national provider and payer organizations (including Medicare). The 837 Institutional electronic claim formats is the electronic version of the form and is in use by providers who submit claims electronically. Effective June 5, 2000, CMS extended the claim size to 450 lines. For the Form CMS- 1450, this simply means that the FI or A/B MAC accepts claims of up to 9 pages. Visit Chapter 25 of the Medicare Claims Processing Manual, Internet- Only Manual Publication (IOM Pub) at to learn more about the UB- 04. Additional information is available to subscribers of the Official UB- 04 Data Specifications Manual. Visit the NUBC website at to subscribe. 31 The UB- 04 has specific fields that portray the clinical episode of care on a hardcopy claim. A UB- 04 is presented in future pages for your review. What is essential to understand is that there are key fields that must be completed. The following layout describes the data specifications for the UB Copyright 2012 William L. Malm, ND, CMAS & AAMAS

56 Additional information can be found in the following transmittal. UNDERSTANDING FIELD LOCATORS FL Requirement Description Line Type Size 1 Required by Medicare Billing Provider Name 1 AN 25 Required by Medicare Billing Provider Street Address 2 AN 25 Required by Medicare Billing Provider City, State, ZIP 3 AN 25 Required by Medicare Billing Provider Telephone, Fax, Country Code 4 AN 25 2 May be required by another payer when applicable / not required by Medicare Billing Provider s Designated Pay- to Name 1 AN 25 May be required by another payer when applicable / not required by Medicare Billing Provider s Designated Pay- to Address 2 AN 25 May be required by another payer when applicable / not required by Medicare Billing Provider s Designated Pay- to City, State 3 AN Copyright 2012 William L. Malm, ND, CMAS & AAMAS

57 FL Requirement Description Line Type Size 3a Required by Medicare Patient Control Number 1 AN 24 3b May be required by another payer when applicable / not required by Medicare Medical/Health Record Number 2 AN 24 4 Required by Medicare Type of Bill (TOB) 1 AN 4 5 Required by Medicare Federal Tax Number 1 AN 4 Required by Medicare Federal Tax Number 2 AN 10 6 Required by Medicare Statement Covers Period - From/Through 1 N/N 6/6 7 Field not used Unlabeled 1 AN 7 Field not used Unlabeled 2 AN 8 8a Required by Medicare Patient Name/ID 1 AN 19 8b Required by Medicare Patient Name 2 AN Copyright 2012 William L. Malm, ND, CMAS & AAMAS

58 FL Requirement Description Line Type Size 9a Required by Medicare Patient Address - Street 1 AN 40 9b Required by Medicare Patient Address - City 2 AN 30 9c Required by Medicare Patient Address - State 2 AN 2 9d Required by Medicare Patient Address - ZIP 2 AN 9 9e May be required by another payer when applicable / not required by Medicare Patient Address - Country Code 2 AN 3 10 Required by Medicare Patient Birthdates 1 N 8 11 Required by Medicare Patient Sex 1 AN 1 12 Required for Types of Bill 011X, 012X, 018X, 021X, 022X, 032X, 033X, 041X, 081X, or 082X Admission/Start of Care Date 1 N 6 13 May be required by another payer when applicable / not required by Medicare Admission Hour 1 AN 2 14 Required for Types of Bill 011X, 012X, 018X, 021X, and 041X Priority (Type) of Admission or Visit 1 AN 1 58 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

59 FL Requirement Description Line Type Size 15 Required by Medicare Point of Origin for Admission or Visit 1 AN 1 16 May be required by another payer when applicable / not required by Medicare Discharge Hour 1 AN 2 17 Required for Types of Bill 011X, 012X, 013X, 014X, 018X, 021X, 022X, 023X, 032X, 033X, 034X, 041X, 071X, 073X, 074X, 075X, 076X, 081X, 082X, or 085X Patient Discharge Status 1 AN Required if applicable Condition Codes AN 2 29 May be required by another payer when applicable / not required by Medicare Accident State AN 2 30 Field not used Unlabeled 1 AN 12 Field not used Unlabeled 2 AN Required if applicable Occurrence Code/Date a AN/N 2/6 Required if applicable Occurrence Code/Date b AN/N 2/ Required if applicable Occurrence Span Code/From/Through a AN/N/N 2/6/6 59 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

60 FL Requirement Description Line Type Size Required if applicable Occurrence Span Code/From/Through b AN/N/N 2/6/6 37 Field not used Unlabeled a AN 8 Field not used Unlabeled b AN 8 38 May be required by another payer when applicable / not required by Medicare Responsible Party Name/Address 1 AN 40 May be required by another payer when applicable / not required by Medicare Responsible Party Name/Address 2 AN 40 May be required by another payer when applicable / not required by Medicare Responsible Party Name/Address 3 AN 40 May be required by another payer when applicable / not required by Medicare Responsible Party Name/Address 4 AN 40 May be required by another payer when applicable / not required by Medicare Responsible Party Name/Address 5 AN Required if applicable Value Code a- d AN 2 Required if applicable Value Code Amount a- d N 9 60 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

61 FL Requirement Description Line Type Size 42 Required by Medicare Revenue Codes 1-23 N May be required by another payer when applicable / not required by Medicare Required if applicable Revenue Code Description/Investigational Device Exemption (IDE) Number/Medicaid Drug Rebate Healthcare Common Procedure Coding System (HCPCS)/Accommodation Rates/Health Insurance Prospective Payment System (HIPPS) Rate Codes AN AN Required if applicable Service Dates 1-23 N 6 46 Required if applicable Service Units 1-23 N 7 47 Required by Medicare Total Charges 1-23 N 9 48 Required if applicable Non- Covered Charges 1-23 N 9 49 Field not used Unlabeled 1-23 AN 2 Page _ of _ Creation Date _ 23 N/N 3/3 50 Required by Medicare Payer Identification - Primary A AN Copyright 2012 William L. Malm, ND, CMAS & AAMAS

62 FL Requirement Description Line Type Size Required by Medicare Payer Identification - Secondary B AN 23 Required by Medicare Payer Identification - Tertiary C AN Required by Medicare Health Plan ID A AN 15 Required if applicable Health Plan ID B AN 15 Required if applicable Health Plan ID C AN Required by Medicare Release of Information - Primary A AN 1 Required by Medicare Release of Information - Secondary B AN 1 Required by Medicare Release of Information - Tertiary C AN 1 53 May be required by another payer when applicable / not required by Medicare Assignment of Benefits - Primary A AN 1 May be required by another payer when applicable / not required by Medicare Assignment of Benefits - Secondary B AN 1 62 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

63 FL Requirement Description Line Type Size May be required by another payer when applicable / not required by Medicare Assignment of Benefits - Tertiary C AN 1 54 Required if applicable Prior Payments - Primary A N 10 Required if applicable Prior Payments - Secondary B N 10 Required if applicable Prior Payments - Tertiary C N May be required by another payer when applicable / not required by Medicare Estimated Amount Due - Primary A N 10 May be required by another payer when applicable / not required by Medicare Estimated Amount Due - Secondary B N 10 May be required by another payer when applicable / not required by Medicare Estimated Amount Due - Tertiary C N Required by Medicare National Provider Identifier (NPI) - Billing Provider 1 AN Required if applicable Other Provider ID A AN 15 Required if applicable Other Provider ID B AN Copyright 2012 William L. Malm, ND, CMAS & AAMAS

64 FL Requirement Description Line Type Size Required if applicable Other Provider ID C AN Required by Medicare Insured s Name - Primary A AN 25 Required by Medicare Insured s Name - Secondary B AN 25 Required by Medicare Insured s Name - Tertiary C AN Required if applicable Patient s Relationship - Primary A AN 2 Required if applicable Patient s Relationship - Secondary B AN 2 Required if applicable Patient s Relationship - Tertiary C AN 2 60 Required by Medicare Insured s Unique ID - Primary A AN 20 Required by Medicare Insured s Unique ID - Secondary B AN 20 Required by Medicare Insured s Unique ID - Tertiary C AN Copyright 2012 William L. Malm, ND, CMAS & AAMAS

65 FL Requirement Description Line Type Size 61 Required if applicable Insurance Group Name - Primary A AN 14 Required if applicable Insurance Group Name - Secondary B AN 14 Required if applicable Insurance Group Name - Tertiary C AN Required if applicable Insurance Group No. - Primary A AN 17 Required if applicable Insurance Group No. - Secondary B AN 17 Required if applicable Insurance Group No. - Tertiary C AN Required if applicable Treatment Authorization Code - Primary A AN 30 Required if applicable Treatment Authorization Code - Secondary B AN 30 Required if applicable Treatment Authorization Code - Tertiary C AN Required if applicable Document Control Number (DCN) A AN Copyright 2012 William L. Malm, ND, CMAS & AAMAS

66 FL Requirement Description Line Type Size Required if applicable Document Control Number (DCN) B AN 26 Required if applicable Document Control Number (DCN) C AN Required if applicable Employer Name (of the insured) - Primary A AN 25 Required if applicable Employer Name (of the insured) - Secondary B AN 25 Required if applicable Employer Name (of the insured) - Tertiary C AN 25 Diagnosis and Procedure Code Qualifier 66 Required by Medicare (International Classification of Diseases [ICD] Version Indicator) 1 AN 1 67 Required for Types of Bill 011X, 012X, 013X, 014X, and 021X Principal Diagnosis Code and Present on Admission (POA) Indicator 1 AN 8 67A- Q Required if applicable Other Diagnosis and POA Indicator A- Q AN 8 68 Field not used Unlabeled 1 AN 8 Field not used Unlabeled 2 AN 9 66 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

67 FL Requirement Description Line Type Size 69 Required for Types of Bill 011X, 012X, 021X, and 022X Admitting Diagnosis Code 1 AN 7 70a Required if applicable Patient Reason for Visit Code 1 AN 7 70b Required if applicable Patient Reason for Visit Code 1 AN 7 70c Required if applicable Patient Reason for Visit Code 1 AN 7 71 May be required by another payer when applicable / not required by Medicare Prospective Payment System (PPS) Code 1 AN 3 72a May be required by another payer when applicable / not required by Medicare External Cause of Injury Code and POA Indicator 1 AN 8 72b May be required by another payer when applicable / not required by Medicare External Cause of Injury Code and POA Indicator 1 AN 8 72c May be required by another payer when applicable / not required by Medicare External Cause of Injury Code and POA Indicator 1 AN 8 73 Field not used Unlabeled 1 AN 9 74 Required if applicable Principal Procedure Code/Date 1 N/N 7/6 67 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

68 FL Requirement Description Line Type Size 74a Required if applicable Other Procedure Code/Date 1 N/N 7/6 74b Required if applicable Other Procedure Code/Date 1 N/N 7/6 74c Required if applicable Other Procedure Code/Date 2 N/N 7/6 74d Required if applicable Other Procedure Code/Date 2 N/N 7/6 74e Required if applicable Other Procedure Code/Date 2 N/N 7/6 75 Field not used Unlabeled 1 AN 3 Field not used Unlabeled 2 AN 4 Field not used Unlabeled 3 AN 4 Field not used Unlabeled 4 AN 4 76 Required if applicable Attending Provider - NPI/QUAL/ID 1 AN 11/2/9 68 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

69 FL Requirement Description Line Type Size Required if applicable Attending Provider - Last/First 2 AN 16/12 77 Required if applicable Operating Physician - NPI/QUAL/ID 1 AN 11/2/9 Required if applicable Operating Physician - Last/First 2 AN 16/12 78 Required if applicable Other Provider - QUAL/NPI/QUAL/ID 1 AN 2/11/2/9 Required if applicable Other Provider - Last/First 2 AN 16/12 79 Required if applicable Other Provider - QUAL/NPI/QUAL/ID 1 AN 2/11/2/9 Required if applicable Other Provider - Last/First 2 AN 16/12 80 Required if applicable Remarks 1 AN 21 Required if applicable Remarks 2 AN 26 Required if applicable Remarks 3 AN Copyright 2012 William L. Malm, ND, CMAS & AAMAS

70 FL Requirement Description Line Type Size Required if applicable Remarks 4 AN Required if applicable Code- Code - QUAL/CODE/VALUE a AN/AN/A N 2/10/12 Required if applicable Code- Code - QUAL/CODE/VALUE b AN/AN/A N 2/10/12 Required if applicable Code- Code - QUAL/CODE/VALUE c AN/AN/A N 2/10/12 Required if applicable Code- Code - QUAL/CODE/VALUE d AN/AN/A N 2/10/12 For outpatient services, there are a few field locators, which are key to assuring accurate claims submission. These are illuminated above with green shading. Each of these lines must be audited against the physician order and medical record documentation. Each line on the claim represents a separate service. The National Uniform Billing Committee has ownership and copyright of all information regarding the Revenue Codes and UB04. We recommend that every auditor subscribe to the UB04 Specifications Manual as a required tool for auditing. All information can be found at We will go into further depth at this time. FL 4 Type of Bill (TOB). The following are type of bill (TOB) codes common to facilities. Others for hospice, home health, ESRD etc... can be found within Chapter 25, of the Medicare Claims Processing Manual or in the NUBC UB- 04 Specifications Manual. o 011X Hospital Inpatient (Part A) o 012X Hospital Inpatient (Part B) o 013X Hospital Outpatient o 014X Hospital Laboratory Services Provided to Non- patients o 018X Hospital Swing Bed o 021X Skilled Nursing Facility (SNF) Inpatient 70 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

71 o 022X Skilled Nursing Facility (SNF) Inpatient Part B o 023X Skilled Nursing Facility Outpatient o 083X Hospital Outpatient Ambulatory Surgical Centre (ASC) o 085X Critical Access Hospital (CAH) FL Occurrence Codes and Dates: These are codes associated with a specific date that defines an event as it relates to the claim to ensure accurate claim processing. Occurrence codes and occurrence span codes are mutually exclusive. Due to the voluminous nature of the codes we will not list them all here. We recommend for the complete listing, as recommended by CMS, you consult the NUBC UB- 04 Specifications Manual. o An example provided within the CMS Claims Processing Manual is as follows: An example of Occurrence Code use: A Medicare beneficiary was confined in hospital from January 1, 2005 to January 10, 2005, however, his Medicare Part A benefits were exhausted as of January 8, 2005, and he was not entitled to Part B benefits. Therefore, Form Locator 31 should contain code A3 and the date In this case the occurrence code of A3 represents Benefits Exhausted Payer A and the corresponds to the date in which the Part A benefits were exhausted. FL Value Codes: Per NUBC, the definition of these field locators is a code structure to relate amounts or values to identify data elements necessary to process the claim as qualified by the payer. 33 In other words, this field is utilized whenever value information applies. FL 42 - Revenue Code: Revenue codes are discussed in depth in other portions of this manual. The National Uniform Billing Committee (NUBC) copyrights revenue Codes and the UB04 Specifications Manual. These four digit codes describe accommodation and ancillary services. o For outpatient services each test, procedure, supply or pharmaceutical will be represented on a separate single line with the most appropriate revenue code o For inpatient services like services within the same revenue code will be rolled up on the claim to a single line representing the revenue code. o The revenue code is represented in descending order, moving down the claim by date of service, for outpatient claims and in descending order for all dates of service for inpatient claims. FL 43 Revenue Code description, per National Uniform Billing Committee (NUBC) definition of the revenue code FL 44 HCPCS/Accommodation Rate/HIPPS Rate Code o HCPCS code is for outpatient reimbursement systems o Accommodation Rate Code is for inpatient reimbursement systems o HIPPS Code (Health Insurance Prospective Payment System) is used to represent patient characteristics or case- mix used by many prospective payment systems UB- 04 Specifications Manual; FL Copyright 2012 William L. Malm, ND, CMAS & AAMAS

72 FL 45 Service Date: used to represent the date that the outpatient service was rendered FL 46 Units of Service: represents the units of procedure, test, service, supply or pharmaceutical. Can also represent number of accommodation days. FL 47 Total Charges: This represents the total charges for both covered and non- covered services. FL 48 Non Covered Charges: Portrays the non- covered services as it relates to the revenue code on the claim. Medical necessity for the procedure, test, service, supply or medication is a mandatory requirement for submitting charges to Federal, State, Local, Commercial or Managed Care payer. As a result the diagnosis (ICD- 9- CM) and/or symptoms become essential to accurate claim submission. These fields are also illuminated in green above and are FL 67, 69-70(c) on the UB- 04. FL 67 Principal Diagnosis: This is the ICD- 9- CM code for the condition established after study to be chiefly responsible for the admission of the patient. This is the driving diagnosis for inpatient claims (11x TOB) FL 67 (a- q) Secondary Diagnosis: FL67 Present on Admission (POA): This is found as the eighth digit for FL 67, 67(a- q) and FL 72. As of 1/1/11, The Deficit Reduction Act of 2005 requires the addition of the POA indicator on all inpatient claims. Present on Admission (POA) is defined as being present at the time the inpatient order was written. Any condition that occurred prior to admission, whether at home, in outpatient status, ED or observation, and is present at time the inpatient order was written is considered to be Present on Admission (POA). 34 The POA indicator is added per coding instructions to the principal diagnosis, secondary diagnosis and external cause of injury codes. o POA Indicators are: Y Yes N No U No information present in the record W Clinically Undetermined Blank Field Exempt from reporting FL 69 Admitting Diagnosis: The ICD- 9- CM code for the diagnosis at the time of admission FL 70 (a- c) Patient s Reason for Visit: This is a key field as it provides information relative to medical necessity for a visit that might otherwise fail on the discharge diagnosis alone. This is required for any unscheduled visit defined by NUBC as: TOB 13x or 85x with a 1, 2 or 5 in FL 14 and a revenue code of 45x, 516, 526 or 762 appearing on the claim. For scheduled visits, the completion of FL 70 is up to the submitter as to whether or not it is necessary. o An example of when this information might provide the medical necessity for a visit is for a patient with cardiac history who arrives at the emergency department with a 34 NUBC UB- 04 Specifications Manual; FL Copyright 2012 William L. Malm, ND, CMAS & AAMAS

73 complaint of chest pain radiating down the left arm. In the ED, an EKG, laboratory tests and an evaluation are performed, and the findings indicate that the patient suffers from gastric reflux ( heartburn ). The patient is then discharged to home. The diagnosis of gastric reflux may not support the visit for reimbursement; however, at the time the patient presented for treatment he/she reasonably assumed that it might be a heart attack. The use of the reason for the visit field locator provides the additional information needed to support medical necessity and improve the odds for securing appropriate reimbursement. It is important to note that some commercial / managed care payers still have difficulty processing claims using these fields or ignore them altogether. The auditor will need to follow up with the payer to determine the appropriateness of including this field on the UB- 04 for the particular payer. It is important to note that some commercial / managed care payers still have difficulty processing claims using these fields or ignore them altogether. The auditor will need to follow up with the payer to determine the appropriateness of including this field on the UB- 04 for the particular payer. FL 72 - The External Cause of Injury: The code should be present on the claim when an injury is the reason for presentation to the facility or provider. This is a known area of coding error as many coders forget to code and/or add the external cause of injury to the claim. This external cause of injury is found in FL 72 (a- c). In these fields, the ICD- 9- CM diagnosis code describing the external cause of injuries, poisoning or adverse effect must be represented. On the UB- 04 this is required when an injury, poisoning or adverse effect is the primary reason for seeking medical attention. These codes are represented by E800 E998 from ICD- 9- CM. Examples of these codes would be for injuries resulting from an auto accident, overdose, adverse effect of medications, etc... FL 74 & 74 (a- e) Principal Procedure: These are generally not utilized for Medicare outpatient claims but are used for commercial /managed care and many Medicaid claims. This FL identifies all procedures (principal and other procedures) and the dates on which they were performed. The principal procedure is always placed in FL 74 with additional, subsequent or other procedures in 74 (a- e). Procedures to be reported include all those that are related to the principal diagnosis. FL Attending and Operating, Physician (s) Name & Identifier: The attending physician is the physician who has the overall responsibility for the care and treatment of the patient for which this claim is being submitted. Alternatively, the operating physician is the physician who has primary responsibility for the operative procedure on the claim. o These are essential for Medicare claims and are generally required for most other payers as well. For Medicare, the attending and operating physician(s) name and National Provider Identifier (NPI) will be matched to their PECOS profile. If the attending or operating physician(s) is not within PECOS, for that specialty, a rejection will occur. For example, Dr. Smith is an Attending and also the Operating physician. In PECOS he is listed with a specialty of cardiology. On the claim; however, there is a 73 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

74 hearing evaluation. This would reject, as the hearing evaluation would not be considered within the specialty of cardiology. Therefore, Attending /Operating physician names and NPIs must match the medical record and be within their scope of practice. In order to complete an audit you must have a hardcopy of the UB- 04 and detailed (itemized claim)for facility reviews. While most facilities submit their claims electronically following the 837- transaction set, for auditing purposes it makes sense to use the hardcopy. If multiple claims are being reviewed a database of key field locators can be created for use to note the differences. We will cover the auditing portion in other sections within this document. On the following page there is a replica of the UB- 04 for your review. Additionally, we recommend that each auditor have copies of authoritative source data. CMS Claims Processing Manual, Chapter 25 Completing and Processing the CMS Data Set, which can be found at: This document is free of charge and updated per CMS on an as needed basis. Codes used for Medicare claims are available from Medicare contractors (i.e Carrier / MAC.) Codes are also available from NUBC ( and through the NUBC Specifications Manual. National Uniform Billing Committee (NUBC) UB- 04 Specifications Manual. This manual is a subscription service and is an on- line reference tool for all aspects of the UB- 04. This can be obtained through NUBC at: 74 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

75 75 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

76 2B- 6 ASSIGN & VALIDATE ICD- 9- CM CODES The International Classification of Diseases, Ninth Revision, Clinical Modification (ICD- 9- CM) is based on the World Health Organization's Ninth Revision, International Classification of Diseases (ICD- 9). ICD- 9- CM is the official system of assigning codes to diagnoses and procedures associated with hospital utilization in the United States. The ICD- 9 is also used to code and classify mortality data from death certificates. The ICD- 9- CM consists of: a tabular list containing a numerical list of the disease code numbers in tabular form; an alphabetical index to the disease entries; and a classification system for surgical, diagnostic, and therapeutic procedures (alphabetic index and tabular list). The National Center for Health Statistics (NCHS) and the Centers for Medicare and Medicaid Services are the U.S. governmental agencies responsible for overseeing all changes and modifications to the ICD- 9- CM 35 The Centers for Medicare and Medicaid Services (CMS) and the National Center for Health Statistics (NCHS), two departments within the U.S. Federal Government s Department of Health and Human Services (DHHS) provide the following guidelines for coding and reporting using the International Classification of Diseases, 9th Revision, Clinical Modification (ICD- 9- CM). These guidelines should be used as a companion document to the official version of the ICD- 9- CM as published by the U.S. Government Printing Office (GPO). These guidelines have been approved by the four organizations that make up the Cooperating Parties for the ICD- 9- CM: the American Hospital Association (AHA), the American Health Information Management Association (AHIMA), CMS, and NCHS. These guidelines are included on the official government version of the ICD- 9- CM, and in Coding Clinic for ICD- 9- CM published by the AHA. 36 The Coding Clinic for ICD- 9- CM may be purchased in either hardcopy or CD- ROM from the American Hospital Association at: From an audit standpoint the official version of ICD- 9 / ICD- 9- CM and the most recent version of coding clinics should be in the auditor s toolkit. Both of these documents are considered to be source authority which is a fundamental benchmark for auditing and managing denials. The auditor s yearly budget should include funding for these two essential documents. It is also important to note that Copyright 2012 William L. Malm, ND, CMAS & AAMAS

77 when auditing these documents cover specific time periods. Therefore, the ICD- 9 / Coding Clinics must reflect the same time period as the medical record being reviewed. ICD- 9 GUIDELINES These guidelines are a set of rules that have been developed to accompany and complement the official conventions and instructions provided within the ICD- 9- CM itself. The instructions and conventions of the classification take precedence over guidelines. These guidelines are based on the coding and sequencing instructions in Volumes I, II and III of ICD- 9- CM, but provide additional instruction. Adherence to these guidelines when assigning ICD- 9- CM diagnosis and procedure codes is required under the Health Insurance Portability and Accountability Act (HIPAA). The diagnosis codes (Volumes 1-2) have been adopted under HIPAA for all healthcare settings. Volume 3 procedure codes have been adopted for inpatient procedures reported by hospitals. A joint effort between the healthcare provider and the coder is essential to achieve complete and accurate documentation, code assignment, and reporting of diagnoses and procedures. These guidelines have been developed to assist both the healthcare provider and the coder in identifying those diagnoses and procedures that are to be reported. The importance of consistent, complete documentation in the medical record cannot be overemphasized. Without such documentation accurate coding cannot be achieved. The entire record should be reviewed to determine the specific reason for the encounter and the conditions treated. 37 The following coding guidelines are taken directly from ICD- 9- CM Official Guidelines for Coding and Reporting (Effective 10/01/2010) and can be found at: General Coding Guidelines 1. Use of Both Alphabetic Index and Tabular List Use both the Alphabetic Index and the Tabular List when locating and assigning a code. Reliance on only the Alphabetic Index or the Tabular List leads to errors in code assignments and less specificity in code selection. 2. Locate each term in the Alphabetic Index Locate each term in the Alphabetic Index and verify the code selected in the Tabular List. Read and be guided by instructional notations that appear in both the Alphabetic Index and the Tabular List. 3. Level of Detail in Coding Diagnosis and procedure codes are to be used at their highest number of digits available. ICD- 9- CM diagnosis codes are composed of codes with 3, 4, or 5 digits. Codes with three digits are included in ICD- 9- CM as the heading of a category of codes that may be further subdivided by the use of fourth and/or fifth digits, which provide greater detail Copyright 2012 William L. Malm, ND, CMAS & AAMAS

78 A three- digit code is to be used only if it is not further subdivided. Where fourth- digit subcategories and/or fifth- digit sub classifications are provided, they must be assigned. A code is invalid if it has not been coded to the full number of digits required for that code. For example, acute myocardial infarction, code 410, has fourth digits that describe the location of the infarction (e.g., 410.2, of inferolateral wall), and fifth digits that identify the episode of care. It would be incorrect to report a code in category 410 without a fourth and fifth digit. ICD- 9- CM Official Guidelines for Coding and Reporting Effective October 1, 2010 Page 10 of 105 ICD- 9- CM Volume 3 procedure codes are composed of codes with either 3 or 4 digits. Codes with two digits are included in ICD- 9- CM as the heading of a category of codes that may be further subdivided by the use of third and/or fourth digits, which provide greater detail. 4. Code or codes from through V91.99 The appropriate code or codes from through V91.99 must be used to identify diagnoses, symptoms, conditions, problems, complaints, or other reason(s) for the encounter/visit. 5. Selection of codes through The selection of codes through will frequently be used to describe the reason for the admission/encounter. These codes are from the section of ICD- 9- CM for the classification of diseases and injuries (e.g., infectious and parasitic diseases; neoplasm s; symptoms, signs, and ill- defined conditions, etc.). 6. Signs and symptoms Codes that describe symptoms and signs, as opposed to diagnoses, are acceptable for reporting purposes when a related definitive diagnosis has not been established (confirmed) by the provider. Chapter 16 of ICD- 9- CM, Symptoms, Signs, and Ill- defined conditions (codes ) contain many, but not all codes for symptoms. 7. Conditions that are an integral part of a disease process Signs and symptoms that are associated routinely with a disease process should not be assigned as additional codes, unless otherwise instructed by the classification. 8. Conditions that are not an integral part of a disease process Additional signs and symptoms that may not be associated routinely with a disease process should be coded when present. 9. Multiple coding for a single condition In addition to the etiology/manifestation convention that requires two codes to fully describe a single condition that affects multiple body systems, there are other single conditions that also require more than one code. Use additional code notes are found in the tabular at codes that are not part of an etiology/manifestation pair where a secondary code is useful to fully describe a condition. The sequencing rule is the same as the etiology/manifestation pair - use additional code, indicates that a secondary code should be added. For example, for infections that are not included in chapter 1, a secondary code from category 041, Bacterial infection in conditions classified elsewhere and of unspecified site, may be required to identify the bacterial organism causing the infection. A use additional code note will normally be found at ICD- 9- CM Official Guidelines for Coding and Reporting Effective 78 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

79 October 1, 2010 Page 11 of 105 the infectious disease code, indicating a need for the organism code to be added as a secondary code. Code first notes are also under certain codes that are not specifically manifestation codes but may be due to an underlying cause. When a code first note is present and an underlying condition is present the underlying condition should be sequenced first. Code, if applicable, any causal condition first, notes indicate that this code may be assigned as a principal diagnosis when the causal condition is unknown or not applicable. If a causal condition is known, then the code for that condition should be sequenced as the principal or first- listed diagnosis. Multiple codes may be needed for late effects, complication codes, and obstetric codes to more fully describe a condition. See the specific guidelines for these conditions for further instruction. 10. Acute and Chronic Conditions If the same condition is described as both acute (subacute) and chronic, and separate subentries exist in the Alphabetic Index at the same indentation level, code both and sequence the acute (subacute) code first. 11. Combination Code A combination code is a single code used to classify: Two diagnoses, or A diagnosis with an associated secondary process (manifestation) A diagnosis with an associated complication Combination codes are identified by referring to subterm entries in the Alphabetic Index and by reading the inclusion and exclusion notes in the Tabular List. Assign only the combination code when that code fully identifies the diagnostic conditions involved or when the Alphabetic Index so directs. Multiple coding should not be used when the classification provides a combination code that clearly identifies all of the elements documented in the diagnosis. When the combination code lacks necessary specificity in describing the manifestation or complication, an additional code should be used as a secondary code. 12. Late Effects A late effect is the residual effect (condition produced) after the acute phase of an illness or injury has terminated. There is no time limit on when a late effect code can be used. The residual may be apparent early, such as in cerebrovascular accident cases, or it may occur months or years later, such as that due to a previous injury. Coding of late effects generally requires two ICD- 9- CM Official Guidelines for Coding and Reporting Effective October 1, 2010 Page 12 of 105 codes sequenced in the following order: The condition or nature of the late effect is sequenced first. The late effect code is sequenced second. An exception to the above guidelines are those instances where the code for late effect is followed by a manifestation code identified in the Tabular List and title, or the late effect code has been expanded (at the fourth and fifth- digit levels) to include the manifestation(s). The code for the acute phase of an illness or injury that led to the late effect is never used with a code for the late effect. 79 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

80 13. Impending or Threatened Condition Code any condition described at the time of discharge as impending or threatened as follows: If it did occur, code as confirmed diagnosis. If it did not occur, reference the Alphabetic Index to determine if the condition has a subentry term for impending or threatened and also reference main term entries for Impending and for Threatened. If the subterms are listed, assign the given code. If the subterms are not listed, code the existing underlying condition(s) and not the condition described as impending or threatened. 14. Reporting Same Diagnosis Code More than Once Each unique ICD- 9- CM diagnosis code may be reported only once for an encounter. This applies to bilateral conditions or two different conditions classified to the same ICD- 9- CM diagnosis code. 15. Admissions/Encounters for Rehabilitation When the purpose for the admission/encounter is rehabilitation, sequence the appropriate V code from category V57, Care involving use of rehabilitation procedures, as the principal/first- listed diagnosis. The code for the condition for which the service is being performed should be reported as an additional diagnosis. Only one code from category V57 is required. Code V57.89, Other specified rehabilitation procedures, should be assigned if more than one type of rehabilitation is performed during a single encounter. A procedure code should be reported to identify each type of rehabilitation therapy actually performed. 16. Documentation for BMI and Pressure Ulcer Stages For the Body Mass Index (BMI) and pressure ulcer stage codes, code assignment may be based on medical record documentation from clinicians who are not the patient s provider (i.e., physician or other qualified healthcare practitioner legally accountable for establishing the patient s diagnosis), since this information is typically documented by other clinicians involved in the care of the patient (e.g., a dietitian often documents the BMI and nurses often documents the pressure ulcer stages). However, the associated diagnosis (such ICD- 9- CM Official Guidelines for Coding and Reporting Effective October 1, 2010 Page 13 of 105 as overweight, obesity, or pressure ulcer) must be documented by the patient s provider. If there is conflicting medical record documentation, either from the same clinician or different clinicians, the patient s attending provider should be queried for clarification. The BMI and pressure ulcer stage codes should only be reported as secondary diagnoses. As with all other secondary diagnosis codes, the BMI and pressure ulcer stage codes should only be assigned when they meet the definition of a reportable additional diagnosis (see Section III, Reporting Additional Diagnoses). 17. Syndromes 80 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

81 Follow the Alphabetic Index guidance when coding syndromes. In the absence of index guidance, assign codes for the documented manifestations of the syndrome. 38 In addition to these guidelines each chapter within the official ICD- 9 guidelines offer additional specific instructions. The auditor should have the ICD- 9- CM with them during the evaluation of the medical record for reference. The auditor can only work from actual documentation within the record as provided by the provider. 2B- 7 ASSIGN & VALIDATE MS- DRG CODE There are many types of diagnosis related groups (DRGs). These provide patient classification types based on the resources utilized. The DRG concept began in the 1980 s as an integral aspect of creating a prospective payment system and move away from the cost based system. Under the Inpatient Prospective Payment System for Medicare and other payer inpatient rules the DRG methodology is a single payment no matter the patient services cost. Under the DRG/ MS- DRG methodology the hospital or facility assumes the risk to ensure that cost remains below the reimbursement. Medicare moved from the DRG concept to Medicare Severity Adjusted DRG in The complete discussion of this is included within the 2008 Inpatient Prospective Payment System Final Rule. A discussion of this is found in the Federal Register, Vol 72, beginning on page ( bin/pdfgate.cgi?waisdocid=jkkdne/4/2/0&waisaction=retrieve) In this document Medicare defines the MS- DRG as The MS DRGs represent a comprehensive approach to applying a severity of illness stratification for Medicare patients throughout the DRGs. 39 To achieve this CMS took the following steps: 1. Consolidation of Existing CMS DRGs into Base MS DRGs; 2. Categorization of Diagnoses a. CMS decided to establish three different levels of CC severity into which we would subdivide the diagnosis codes. The three levels are MCC, CC, and non- CC. b. Diagnosis codes classified as MCCs reflect the highest level of severity. The next level of severity includes diagnosis codes classified as CCs. The lowest level is for non- CCs. Non- CCs are diagnosis codes that do not significantly affect severity of illness and resource use. c. Therefore, secondary diagnoses that are non- CCs do not affect the DRG assignment under either the CMS DRGs or the MS DRGs 40 Medicare implemented the IPPS utilizing MS- DRG beginning with the final rule in Federal Register, Vol. 72, p bin/pdfgate.cgi?waisdocid=jkkdne/4/2/0&waisaction=retrieve 81 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

82 Medicare is not the only payor to utilize DRGs. Due to multiple different payer types and requirements from the initial DRG concept there are now many variations. Medicare DRG (CMS- DRG & MS- DRG) Refined DRGs (R- DRG) All Patient DRGs (AP- DRG) Severity DRGs (S- DRG) All Patient, Severity- Adjusted DRGs (APS- DRG) All Patient Refined DRGs (APR- DRG) International- Refined DRGs (IR- DRG) 41 For example Medicare subscribes to the MS- DRG while New York Medicaid is utilizing APR- DRG. The auditor will need to understand the payer they are evaluating and use the DRG methodology required by that payer. The Medicare Severity - Diagnosis Related Groups (MS- DRGs) are payment groups designed for the Medicare population. Patients who have similar clinical characteristics and similar costs are assigned to a MS- DRG. The MS- DRG will be linked to a fixed payment amount based on the average cost of patients in the group. Patients can be assigned to a MS- DRG based on their diagnosis, surgical procedures, age, and other information. Hospitals provide this information on their bills and Medicare uses this information to decide how much the hospitals should be paid. There may be some groups of MS- DRGs that are based on complications or comorbidities (CCs) or major complications or comorbidities (MCCs). Complications are new problems that are the result of a procedure, treatment, or illness. The term comorbidities mean that two or more diseases are present at the same time. 42 Medicare Severity Diagnosis Related Groups (MS- DRG) was implemented in October 2007 to replace the standard DRG in place at that time. Some of the significant changes were made in Grouper version 25. : Version 25, the CMS DRG system resequenced the groups, so that for instance "Ungroupable" is no longer 470 but is now 999. To differentiate it, the newly resequenced DRG are now known as MS- DRG. Before the introduction of version 25, many CMS DRG classifications were "paired" to reflect the presence of complications or comorbidities (CCs). A significant refinement of version 25 was to replace this pairing, in many instances, with a trifurcated design that created a tiered system of the absence of CCs, the presence of CCs, and a higher level of presence of Major CCs. As a result 41 related_group 42 Glossary - MSDRG 82 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

83 of this change, the historical list of diagnoses that qualified for membership on the CC list was substantially redefined and replaced with a new standard CC list and a new Major CC list. Another planning refinement was not to number the DRGs in strict numerical sequence as compared with the prior versions. In the past, newly created DRG classifications would be added to the end of the list. In version 25, there are gaps within the numbering system that will allow modifications over time, and also allow for new MS- DRGs in the same body system to be located more closely together in the numerical sequence 43 CALCULATING THE MS- DRG In order to calculate the MS- DRG reimbursement there are two factors, the operating payment and the capital payment. Operating Payment o Payment = Base rate x Wage index x MS- DRG weight + Add- on payments Base rate: Standardized payment amount divided into labor/non- labor components (separate payment for capital costs) Wage index: Accounts for geographic variation in hospitals labor costs (applied only to labor portion of the base rate) MS- DRG weight: Reflects a patient s relative costliness Add- ons: Includes teaching hospitals/ indirect graduate medical education (IME), hospitals treating a disproportionate share of low- income patients (DSH), costly cases 44 CALCULATING MS- DRG STEP 1: The first step in determining the MS- DRG is to take the Major Diagnostic Category (MDC) into account. According to Wikipedia an MDC is formed by dividing all possible principal diagnoses (taken from ICD- 9- CM) in to a total of 25 diagnosis areas. The diagnoses in each MDC correspond to a single organ system or etiology and, in general, are associated with a particular medical specialty. MDC 1 to MDC 23 are grouped according to principal diagnoses. Patients are assigned to MDC 24 (Multiple Significant Trauma) with at least two significant trauma diagnosis codes (either as principal or secondary s) from different body site categories. Patients assigned to MDC 25 (HIV Infections) must have a principal diagnosis of an HIV Infection or a principal diagnosis of a significant HIV related condition and a secondary diagnosis of an HIV Infection related_group 44 Steinwald.slides_ pdf 83 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

84 MDC 0, unlike the others, can be reached from a number of diagnosis/procedure situations. It is reached due to certain procedures, all of which are transplant- related. This is due to the expense involved for the transplants so designated and because these transplants can be needed for a number of reasons that do not all come from one diagnosis domain. DRGs which reach MDC 0 are assigned to the MDC for the principal diagnosis instead of to the MDC associated with the designated DRG. 45 The 25 MDCs are as follow: MDC Description 0 Pre- MDC 1 Nervous System 2 Eye 3 Ear, Nose, Mouth And Throat 4 Respiratory System 5 Circulatory System 6 Digestive System 7 Hepatobiliary System And Pancreas 8 Musculoskeletal System And Connective Tissue 9 Skin, Subcutaneous Tissue And Breast 10 Endocrine, Nutritional And Metabolic System 11 Kidney And Urinary Tract 12 Male Reproductive System 13 Female Reproductive System 14 Pregnancy, Childbirth And Puerperium 15 Newborn And Other Neonates (Perinatal Period) 16 Blood and Blood Forming Organs and Immunological Disorders 17 Myeloproliferative DDs (Poorly Differentiated Neoplasms) 18 Infectious and Parasitic DDs 19 Mental Diseases and Disorders 20 Alcohol/Drug Use or Induced Mental Disorders 21 Injuries, Poison And Toxic Effect of Drugs 22 Burns 23 Factors Influencing Health Status 24 Multiple Significant Trauma 25 Human Immunodeficiency Virus Infection Copyright 2012 William L. Malm, ND, CMAS & AAMAS

85 CALCULATING MS- DRG STEP 2: The second step is very easy to determine. The MDC in combination with surgical procedure divides the categories into two and then further divides into either surgical type (OR type) or the principal diagnosis in determining the final MS- DRG SURGICAL TYPE YES MDC GROUPING SURGICAL PROCEDURE NO PRINCIPAL DIAGNOSIS Additional factors in determining the final reimbursement are the complications. Within MS- DRGs there are three levels of complications, which are based upon the secondary diagnosis codes. 1. MCC Major Complication/Comorbidity, which reflect the highest level of severity; 2. CC Complication/Comorbidity, which is the next level of severity; and 3. Non- CC Non- Complication/Comorbidity, which do not significantly affect severity of illness and resource use. 46 The use of complications is one of the new key elements to the MS- DRG. Complications are integral to the determination of the severity adjustment. The complete overview of MS- DRGs is provided in a Medlearn product published by CMS. This can be found at: We recommend that you review this material prior to auditing. Auditing inpatient services is quite complex and depends entirely upon documentation, the sequencing of procedure and/or diagnosis codes (ICD- 9- CM) and determination of complications in order to arrive at the correct DRG (Non- Medicare) or MS- DRG (Medicare) Copyright 2012 William L. Malm, ND, CMAS & AAMAS

86 Since the creation of the RACs, auditing inpatient records has become a very important part of the auditor s role. As a result the auditor may also have to act as an educator to providers and/or the facility. The requirements for documentation and auditing these records increase daily. Therefore the auditor may require exposure to additional on- going education. A current library of resource materials to include coding manuals, up- to- date grouper information and on- going education will be essential to maintaining the high standards required for inpatient auditing. Recovery Audit Contractors (RACs) are reviewing more inpatient claims than outpatient / physician claims at this time. The majority of the reviews by the MAC, RAC and others are for DRG validation however; medical necessity claims are quickly catching up. Therefore, the auditor must be as prepared as the RACs are to evaluate and defend inpatient claims. Documentation is a key issue in the successful appeal of a denial. Documentation Improvement Specialists are growing in numbers as auditing becomes more complex. For further information on this growing group of professionals we recommend contacting the Association of Clinical Documentation Improvement Specialists at: Auditors can also become certified inpatient coders, which improve the overall quality of the audit. Becoming a certified coder or documentation improvement specialist or CMAS can greatly improve the overall quality of the audit process. For further information we recommend: Inpatient Coding: o AHIMA - Documentation Improvement Specialist: o ACDIS - Certified Auditor o AAMAS - cmas.html 2B- 8 ASSIGN & VALIDATE EVALUATION AND MANAGEMENT CODES INTRODUCTION TO EVALUATION AND MANAGEMENT Evaluation and Management Codes (E & M) are used on both the CMS form and the UB- 04 but may be determined by separate criteria. For professionals such as physicians, nurse practitioners, physician s assistants etc the codes are driven by all guidance provided within the CPT codebook (American Medical Association). That section has a specific introduction and provides for the overall use of the code. In addition to those instructions, when submitting the claim to Medicare there are two guidelines utilized to determine what level of service was achieve. The provider has the choice of which of these two guidelines to choose but may not intermix their criteria or use both to determine the level. In other words, once the criteria are chosen they should stick with only that criterion. These will be discussed further in this section but are known as the 1995 and 1997 E & M guidelines. When auditing, 86 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

87 the auditor should ask for written confirmation as to which guideline was utilized by the professional in their selection of the codes. If you are a facility (hospital) then the CPT codebook provides specifics on the intent of the code only. From that point CMS has provided eleven (11) points, which should be placed into a policy to ensure accurate code selection. When auditing a facility the auditor should ask for a copy of the policy for the facility outlining their methodology. ASSIGNMENT OF NON- FACILITY (PROFESIONAL) EVALUATION AND MANAGEMENT (E&M) CODES Medicare is divergent in the methods of assigning evaluation and management service procedure codes when it comes to professionals versus facilities. The facility E & M will be discussed in detail within the Assign and Validate APC Codes section of the manuals. In this section we will focus on professional services evaluation and management codes. These codes begin with 99, xxx and are found within the first section of the CPT codebook (AMA). These codes have specific instructions on when to apply them and to assign them and provide coding guidelines. Above and beyond that which is presented within CPT, there are two different methods as defined by CMS. These are known as the 1995 and 1997 standards. Since 1997, there have been proposals to change these guidelines and update them however; despite multiple attempts this has never been accomplished GUIDELINES: On the CMS website there is a complete description and downloadable pdf describing both methods as well as an over view of the evaluation and management concepts. These are: Evaluation and Management Services Guide: ICN pdf 1995 Guidelines for Evaluation and Management: There are significant differences between the 1995 standards and the 1997 standards. One significant difference is the 1995 standard tend to be more subjective in approach. Let s review the 1995 guidelines. This publication provides definitions and documentation guidelines for the three key components of E/M services and for visits which consist predominately of counselling or coordination of care. The three key components- - history, examination, and medical decision making- - appear in the descriptor s for office and other outpatient services, hospital observation services, hospital 87 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

88 inpatient services, consultations, emergency department services, nursing facility services, domiciliary care services, and home services The descriptors for the levels of E/M services recognize seven components, which are used in defining the levels of E/M services. These components are: history; examination; medical decision making; counselling; coordination of care; nature of presenting problem; and time. The first three of these components (i.e., history, examination and medical decision making) are the key components in selecting the level of E/M services. An exception to this rule is the case of visits which consist predominantly of counselling or coordination of care. For these services, time is the key or controlling factor to qualify for a particular level of E/M service. History The levels of E/M services are based on four types of examination that are defined as follows: Problem Focused - - a limited examination of the affected body area or organ system. Expanded Problem Focused - - a limited examination of the affected body area or organ system and other symptomatic or related organ system(s). Detailed - - an extended examination of the affected body area(s) and other symptomatic or related organ system(s). Comprehensive - - a general multi- system examination or complete examination of a single organ system Each type of history includes some or all of the following elements: Chief complaint (CC); History of present illness (HPI); Review of systems (ROS); and Past, family and/or social history (PFSH) The chart below shows the progression of the elements required for each type of history. To qualify for a given type of history, all three elements in the table must be met. (A chief complaint is indicated at all levels.) 88 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

89 Type of History History of Present Illness (HPI) Review of Systems (ROS) Past, Family and/or Social History (PFSH) Type of History Prob. Focused Brief N/A N/A Problem Focused Expanded Prob Focused Brief Problem Pertinent N/A Expanded Problem Focused Detailed Extended Extended Pertinent Detailed Comprehensive Extended Complete Complete Comprehensive Documentation Guidelines (DG) The CC, ROS and PFSH may be listed as separate elements of history, or they may be included in the description of the history of the present illness Examination For purposes of examination, the following body areas are recognized: Head, including the face Neck Chest, including breasts and axillae Abdomen Genitalia, groin, buttocks Back, including spine Each extremity For purposes of examination, the following organ systems are recognized: Constitutional (e.g., vital signs, general appearance) Eyes Ears, nose, mouth and throat Cardiovascular Respiratory Gastrointestinal Genitourinary Musculoskeletal Skin Neurologic Psychiatric Hematologic/lymphatic/immunologic Medical Decision Making The levels of E/M services recognize four types of medical decision- making: straight- forward, low complexity, moderate complexity, and high complexity 89 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

90 Medical decision- making refers to the complexity of establishing a diagnosis and/or selecting a management option as measured by: the number of possible diagnoses and/or the number of management options that must be considered; the amount and/or complexity of medical records, diagnostic tests, and/or other information that must be obtained, reviewed and analysed; and the risk of significant complications, morbidity and/or mortality, as well as comorbidities, associated with the patient's presenting problem(s), the diagnostic procedure(s) and/or the possible management options EVALUATION & MANAGEMENT GUIDELINES The other method designed for professional services is the 1997 method. This method is less subjective and involves bulleted items. Like the 1995 standards the 1997 standards are based on seven criteria. These are: history; examination; medical decision making; counselling; coordination of care; nature of presenting problem; and time. The first three of these components (i.e., history, examination and medical decision making) are the key components in selecting the level of E/M services. In the case of visits, which consist predominantly of counselling or coordination of care, time is the key or controlling factor to qualify for a particular level of E/M service. Because the level of E/M service is dependent on two or three key components, performance and documentation of one component (e.g., examination) at the highest level does not necessarily mean that the encounter in its entirety qualifies for the highest level of E/M service. These Documentation Guidelines for E/M services reflect the needs of the typical adult population. 48 The key difference between the 1995 and 1997 is in the Review of Systems (ROS) and the Examination portion of the guidelines. This is different as the 1997 standards set forth the number of body systems that must be reviewed to reach each of the levels Copyright 2012 William L. Malm, ND, CMAS & AAMAS

91 A ROS is an inventory of body systems obtained through a series of questions seeking to identify signs and/or symptoms which the patient may be experiencing or has experienced. For purposes of ROS, the following systems are recognized: Constitutional symptoms (e.g., fever, weight loss) Eyes Ears, Nose, Mouth, Throat Cardiovascular Respiratory Gastrointestinal Genitourinary Musculoskeletal Integumentary (skin and/or breast) Neurological Psychiatric Endocrine Hematologic/Lymphatic Allergic/Immunologic A problem pertinent ROS inquires about the system directly related to the problem(s) identified in the HPI. Below are the documentation guidelines (DG) DG: The patient's positive responses and pertinent negatives for the system related to the problem should be documented. An extended ROS inquires about the system directly related to the problem(s) identified in the HPI and a limited number of additional systems. DG: The patient's positive responses and pertinent negatives for two to nine systems should be documented. A complete ROS inquires about the system(s) directly related to the problem(s) identified in the HPI plus all additional body systems. DG: At least ten organ systems must be reviewed. Those systems with positive or pertinent negative responses must be individually documented. For the remaining systems, a notation indicating all other systems are negative is permissible. In the absence of such a notation, at least ten systems must be individually documented. 49 As you can see within this section specific guidelines as to the number of systems reviewed and documented are present. However, in the 1995 standards there are no such specifications making this one area of difference between the two standards. Similar standards with specific numbers of criteria are present within the Past Medical, Family and Social History sections. The other area of diversity is within the examination portion of the guidelines Copyright 2012 William L. Malm, ND, CMAS & AAMAS

92 These types of examinations have been defined for general multi- system and the following single organ systems: Cardiovascular Ears, Nose, Mouth and Throat Eyes Genitourinary (Female) Genitourinary (Male) Hematologic/Lymphatic/Immunologic Musculoskeletal Neurological Psychiatric Respiratory Skin To qualify for a given level of multi- system examination, the following content and documentation requirements should be met: Problem Focused Examination- should include performance and documentation of one to five elements identified by a bullet ( ) in one or more organ system(s) or body area(s). Expanded Problem Focused Examination- should include performance and documentation of at least six elements identified by a bullet ( ) in one or more organ system(s) or body area(s). Detailed Examination- - should include at least six organ systems or body areas. For each system/area selected, performance and documentation of at least two elements identified by a bullet ( ) is expected. Alternatively, a detailed examination may include performance and documentation of at least twelve elements identified by a bullet ( ) in two or more organ systems or body areas. Comprehensive Examination- - should include at least nine organ systems or body areas. For each system/area selected, all elements of the examination identified by a bullet ( ) should be performed, unless specific directions limit the content of the examination. For each area/system, documentation of at least two elements identified by a bullet is expected. 50 In addition to the multisystem requirements there are requirements for the single body systems which dictate how many bulleted items within each organ system must be documented. As you can see the 1997 is much more stringent with fixed parameters. We recommend that you review the entire 1997 standard, which can be found at: Auditing for the 95 or 97 guidelines is the mainstay of most professional auditors. Trailblazer Medicare has published through Scribid a fantastic electronic audit template, which leads the auditor and ensures Copyright 2012 William L. Malm, ND, CMAS & AAMAS

93 consistent application and conclusions. It also provides for an element of independence and objectivity as an outside third party contractor creates this tool. This tool can be found at: Medicare- Audit- Tool medtools.com/aqua_medicare_coding_worksheet.html In order to access these tools you will be required to create an account. Palmetto GBA has published a very clear interactive checklist for both new and established patients that can be used for auditing physician / physician extender E & M s. This interactive template is easy to use and very clear. Please consult: Other audit templates can be found at: Additionally, many specialty organisations such as ACOG, ACEP and others may have their own templates either free to their members or at a small charge. UNDERSTANDING VISIT LEVELS FOR FACILITIES (FACILITY E & M) Status indicator V designates the visit codes, also known as Evaluation & Management codes. These codes have special instructions on how to code these procedures. Visit codes follow the intent of CPT however, for facility billing, require each facility to create their own guidelines for assignment based on resource consumption. Facilities do not utilize the 1995 or 1997 standards previously addressed. Facility coding requirements are discussed in the 2011 OPPS final rule in the Federal Register, Vol.75, No. 226, November 24, 2010, p Since April 7, 2000, we have instructed hospitals to report facility resources for clinic and emergency department hospital outpatient visits using the CPT E/M codes and to develop internal hospital guidelines for reporting the appropriate visit level. Because a national set of hospital specific codes and guidelines do not currently exist, we have advised hospitals that each hospital s internal guidelines that determine the levels of clinic and emergency department visits to be reported should follow the intent of the CPT code descriptors, in that the guidelines should be designed to reasonably relate the intensity of hospital resources to the different levels of effort represented by the codes. Because the facility is supposed to create the visit code guidelines according to resources, Medicare provided eleven (11) points that must be followed in the 2008 OPPS Final Rule. These are: In addition, we note our expectation that hospitals internal guidelines would comport with the principles listed below. 93 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

94 1. The coding guidelines should follow the intent of the CPT code descriptor in that the guidelines should be designed to reasonably relate the intensity of hospital resources to the different levels of effort represented by the code (65 FR 18451). 2. The coding guidelines should be based on hospital facility resources. The guidelines should not be based on physician resources (67 FR 66792). 3. The coding guidelines should be clear to facilitate accurate payments and be usable for compliance purposes and audits (67 FR 66792). 4. The coding guidelines should meet the HIPAA requirements (67 FR 66792). 5. The coding guidelines should only require documentation that is clinically necessary for patient care (67 FR 66792). 6. The coding guidelines should not facilitate upcoding or gaming (67 FR 66792). 7. The coding guidelines should be written or recorded, well documented, and provide the basis for selection of a specific code. 8. The coding guidelines should be applied consistently across patients in the clinic or emergency department to which they apply. 9. The coding guidelines should not change with great frequency. 10. The coding guidelines should be readily available for fiscal intermediary (or, if applicable, MAC) review. 11. The coding guidelines should result in coding decisions that could be verified by other hospital staff, as well as outside sources. Throughout the U.S. there are many different types of guidelines, as developed by the individual facility. In most cases, hospitals are trending toward the development of matrix types of guidelines based on points. Of all the systems reviewed by the government, Medicare finds this system requires the least additional documentation, is harder to game and represents a valid approach toward the determination of the evaluation and management (E & M) for facilities. Under the point system, every non- separately billable (no CPT code) item that is performed by nursing / ancillary services is reviewed and placed into a matrix. By adding up the points a level of service is achieved. This is only one of the many systems that have been created. For further discussion of the CMS standpoint on each of the models out there we recommend: Federal Register, Vol. 71, No 226, 11/24/2006, Rules and Regulations beginning on page A sample of this type of charge captures and audit tool has been created for illustration purposes only. 94 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

95 95 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

96 2B- 9 APPLY OFFICIAL CODING RULES Coding rules are divided into several categories. In the United States these consist of ICD- 9- CM / ICD- 10 diagnosis and procedural coding. Generally these are relegated to inpatient claims and when appropriately applied and sequenced result in a DRG type methodology when grouped. Alternatively, the U.S. differs from any other country in the use of AMA copyrighted CPT (Common Procedural Coding) and HCPCS Level II codes to represent procedures and supplies in the outpatient setting. Suppliers such as physicians and non- physician practitioners utilize CPT / HCPCS coding for both inpatient and outpatient coding procedures. ICD- 9 CODING RULES The International Classification of Diseases (version 9 and 10) are managed by the Centers for Disease Control and Prevention (CDC) within the U.S. The International Classification Of Diseases, Clinical Modification, currently in its ninth revision (ICD- 9- CM), is used to describe and report the illnesses, conditions, and injuries of patients who require medical services. There are specific guidelines to be followed which are published on their website at: Selection of the version required can be done by reviewing items on the left side of the webpage. For each version of ICD there are specific guidelines on their use. The auditor must follow these guidelines in order to ensure that appropriate and accurate coding results. The complete guidelines can be found at: 96 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

97 When using ICD- 9- CM, ICD- 10, the auditor must use the guidelines as specified by the payer. Most payers within the U.S. are on ICD- 9- CM with a migration toward ICD- 10. While other countries such as Australia, Germany and U.K. have been on ICD- 10 for many years. Additionally, commercial, managed care and Medicaid utilize either ICD- 9- CM of potentially ICD- 10 for diagnosis and procedure coding. 97 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

98 Medicare does not utilize ICD- 9- CM procedural coding for outpatient services but instead uses CPT/HCPCS Level II coding for procedures. However, Medicare and all other payers do use ICD- 9- CM procedural coding for inpatient services. The auditor must understand the payer requirements for reporting procedures. ICD- 10 CODING OVERVIEW ICD- 10 is very similar in coding conventions to ICD- 9 but much more expansive and consists of a nomenclature not previously seen in the U.S. ICD- 10 has been used in many other countries for years and now being adapted from the World Health Organisation (WHO) to U.S. standards in ICD- 10- CM. CMS training documents provide some overview of the extent of the changes. For example there are 14,025 ICD- 9- CM codes which translate into approximately 68,000 ICD- CM codes and are much more specific than ICD- 9- CM. In terms of procedure codes there are 3,824 ICD- 9- PCS codes that will translate to over 72,500 ICD- 10- PCS codes. As auditors knowledge of these codes will be essential as you move forward in your area of expertise. No matter if you are an external, independent or internal auditor ICD- 10 will be a required knowledge item. According to the CMS fact sheet ICD- 10: ICD- 10- CM/PCS (International Classification of Diseases, 10th Edition, Clinical Modification/Procedure Coding System) consists of two parts: ICD- 10- CM for diagnosis coding ICD- 10- PCS for inpatient procedure coding ICD- 10- CM is for use in all U.S. health care settings. Diagnosis coding under ICD- 10- CM uses 3 to 7 digits instead of the 3 to 5 digits used with ICD- 9- CM, but the format of the code sets is similar. ICD- 10- PCS is for use in U.S. inpatient hospital settings only. ICD- 10- PCS uses 7 alphanumeric digits instead of the 3 or 4 numeric digits used under ICD- 9- CM procedure coding. Coding under ICD- 10- PCS is much more specific and substantially different from ICD- 9- CM procedure coding. 51 Coding conventions for ICD- 9 and ICD- 10 remain the same that the code assigned must be assigned to the highest specificity possible. The following is an excerpt from the ICD- 10 coding guidelines ICD- 10- CM diagnosis codes are composed of codes with 3, 4, 5, 6 or 7 characters. Codes with three characters are included in ICD- 10- CM as the heading of a category of codes that may be further subdivided by the use of fourth and/or fifth characters and/or sixth characters, which provide greater detail. A three- character code is to be used only if it is not further subdivided. A code is invalid if it has not been coded to the full number of characters required for that code, including the 7th character, if Copyright 2012 William L. Malm, ND, CMAS & AAMAS

99 applicable. 52 An example of an ICD- 10 code is as follows: CD- 10 Code Structure: Characters 1-3 Category Characters 4-6 Etiology, anatomic site, severity, or other clinical detail Characters 7 Extension This is detailed in the example below from the ICD- 10- CM 2012 GEM table at While the U.S. is adapting and modifying the ICD- 10 version created by the World Health Organisation, the training offered by WHO is still very valuable. A full module training system can be found at: RESOURCE GUIDE AND CROSS REFERENCE Resource Guide HIPAA and ICD- 10 Implementation ledgerecap- ICD- 10- Summer2010.pdf Cross Reference: BOK 02: Assign / Validate ICD- 9- CM Codes Copyright 2012 William L. Malm, ND, CMAS & AAMAS

100 OUTPATIENT PROCEDURAL CODING: CPT & HCPCS LEVEL II Current Procedural Terminology (CPT) is a set of codes, descriptions, guidelines intended to describe procedures and services performed by physicians and other healthcare providers. Each procedure or service is identified with a five- digit code. 53 CPT coding guidelines state the following. Select the name of the procedure or service that accurately identifies the service performed. Do not select a CPT code that merely approximates the service provided. If no such specific code exists, then report the service using the appropriate unlisted procedure or service code.... Any service or procedure should be adequately documented in the medical record... Instructions typically included as parenthetical notes, which selected codes indicate that a code should not be reported with another code or codes. These instructions are intended to prevent errors of significant probability and are not all inclusive. 54 Located within the introduction and the section notes within CPT are the coding guidelines for CPT. Per Medicare, when assigning codes for procedures performed on Medicare beneficiaries the coder/ auditor should follow the intent of CPT. HCPCS Level II codes are the sole domain of the U.S. Government. However, coding guidance is provided by AHIMA. OTHER FORMS OF CODING GUIDANCE Beyond ICD, CPT, HCPCS coding regulatory bodies and payers provide their own additional coding guidance. Examples of this include Correct Coding Initiatives (CCI), Transmittals and coding guidance. 53 AMA CPT 2011, American Medical Association, p.x. Introduction 54 AMA CPT 2011, American Medical Association, p.x Introduction 100 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

101 NCCI: The CMS developed the National Correct Coding Initiative (NCCI) to promote national correct coding methodologies and to control improper coding leading to inappropriate payment in Part B claims. The CMS developed its coding policies based on coding conventions defined in the American Medical Association's CPT manual, national and local policies and edits, coding guidelines developed by national societies, analysis of standard medical and surgical practices, and a review of current coding practices. The CMS annually updates the National Correct Coding Initiative Coding Policy Manual for Medicare Services (Coding Policy Manual). Carriers and FIs should utilize the Coding Policy Manual as a general reference tool that explains the rationale for NCCI edits. Carriers implemented NCCI edits within their claim processing systems for dates of service on or after January 1, A subset of NCCI edits is incorporated into the outpatient code editor (OCE) for OPPS and therapy providers (Skilled nursing facilities (SNFs), comprehensive outpatient rehabilitation facilities (CORFs), outpatient physical therapy and speech- language pathology providers (OPTs), and home health agencies (HHAs) billing under TOBs 22X, 23X, 75X, 74X, 34X). The purpose of the NCCI edits is to prevent improper payment when incorrect code combinations are reported. The NCCI contains two tables of edits. The Column One/Column Two Correct Coding Edits table and the Mutually Exclusive Edits table include code pairs that should not be reported together for a number of reasons explained in the Coding Policy Manual. 55 It is important to see an important change in the way NCCI has functioned since As of April 1, 2012 the following instructions apply to CMS NCCI for Medicare. Since 1996 the Medicare NCCI procedure to procedure edits have been assigned to either the Column One/Column Two Correct Coding edit file or the Mutually Exclusive edit file based on the criterion for each edit. The Mutually Exclusive edit file included edits where two procedures could not be performed at the same patient encounter because the two procedures were mutually exclusive based on anatomic, temporal, or gender considerations. All other edits were assigned to the Column One/Column Two Correct Coding edit file. There are important upcoming changes to these files described below. In order to simplify the use of NCCI edit files, CMS will consolidate the two edit files into the Column One/Column Two Correct Coding edit file. Separate consolidations will occur for the two practitioner NCCI edit files and the two NCCI edit files used for OCE. This change will occur for practitioner NCCI edits in NCCI version 18.1 scheduled for April 1, After these changes occur, it will only be necessary to search the Column One/Column Two Correct Coding edit file Copyright 2012 William L. Malm, ND, CMAS & AAMAS

102 for active or previously deleted edits. Effective April 1, 2012, CMS will no longer publish a Mutually Exclusive edit file on its website for either practitioner or outpatient hospital services since all active and deleted edits will appear in the single Column One/Column Two Correct Coding edit file on each website. The edits previously contained in the Mutually Exclusive edit file are NOT being deleted but are being moved to the Column One/Column Two Correct Coding edit file. Practitioner NCCI - In NCCI version 18.1 for practitioners scheduled for April 1, 2012, all edits in the Mutually Exclusive edit file will be moved to the Column One/Column Two Correct Coding edit file with the same implementation and, if relevant, deletion date as the edits have in the mutually exclusive edit file. These edits are not being deleted from NCCI but are being moved to the Column One/Column Two Correct Coding edit file. The net result will be that the NCCI version 18.1 Column One/Column Two Correct Coding edit file will contain all active NCCI edits and deleted NCCI edits that previously were contained in the Mutually Exclusive and Column One/Column Two Correct Coding edit files. The CMS website will have a single Column One/Column Two Correct Coding edit file for practitioner NCCI. Outpatient NCCI used in OCE - Effective April 1, 2012 the change will be implemented on the CMS website where a single Column One/Column Two Correct Coding edit file will appear which will contain all active NCCI edits and deleted NCCI edits that previously were contained in the OPPS Mutually Exclusive and Column One/Column Two Correct Coding edit files. These edits are not being deleted from the OCE NCCI files but are being moved to the Column One/Column Two Correct Coding edit file. 56 Medicaid also utilizes NCCI in the correct coding initiative for that programme. Further information can be found at: Transmittals Medicare: Occasionally, Medicare, the OIG, and/or Medicaid provide additional guidance through the format of a transmittal on a particular coding issue. An example of this is Transmittal A covering the coding guidance for modifier 25 and Copyright 2012 William L. Malm, ND, CMAS & AAMAS

103 Medicare Administrative Contractor Coding Guidance: In addition to source guidance such as CPT, ICD- 9, HCPCS and transmittals, the MACs can provide additional coding guidance. This occurs when there is an area of confusion or noted continued errors. Sometimes this is published as an alert other times it is provided in an Ask the Contractor teleconference. The auditor should review these documents if performing Medicare audits within a specific region. Commercial / Managed Care Payer Guidance: 103 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

104 Individual payers also provide coding guidance. Generally, they tend to follow the guidelines as published by ICD- 9- CM, ICD- 10 and/or CPT/HCPCS however occasionally they provide additional guidance. If a payer auditor is conducting a client audit then this guidance must be followed per the contract with the client. If the contract is silent then Medicare regulations apply. One example is the Anthem Blue Cross Coding Compliance Program. Further information can be found at: wi Summary: In summation, there are different coding guidelines and different regulatory bodies specifying the guidelines. These are based on the type of payer (Federal, State, Commercial Payer) and patient status (inpatient or outpatient). The auditor must review and utilize the correct coding guidance. In some cases, especially the inpatient status proprietary software such as Milliman or Interqual, 3M grouper include the AHA coding clinics documentation. 3M encoders include CPT / HCPCS coding information. No matter what audit is being performed the coding guidance for the type of patient and payer must be strictly adhered to. 2B- 10 ASSIGN AND VALIDATE REVENUE CODES Revenue codes are the sole creation of the National Uniform Billing Committee and are copyrighted by NUBC... Revenue codes act as if they are cost centres within an imaginary hospital and allow insurance companies (including Medicaid and Medicare) and hospitals to more readily account for their costs. Additionally, CMS utilizes these codes, through a crosswalk to determine costs applied to the hospital s cost report. A revenue code is a four (4)- digit code usually utilizing a preceding zero. On most hard copy UB- 04 s the revenue code appears as a three- digit code, as the leading zero is not represented. It is important to note that for professional billing, (CMS 1500 form) the revenue code concept does not apply. While there are many proprietary revenue code manuals in the market place today there is only one source manual: The Revenue Code Specifications Manual by the National Uniform Billing Committee (NUBC). This manual is part of a yearly subscription to NUBC and can be found at When assigning revenue codes it is important to know your payer and the contracts that are in force. Many payers differ in the revenue code assignment, which they prefer, for the same service. Let s examine clinic billing as one example. Medicare requires revenue codes in the range of 051x when billing for clinic services. Additionally, Medicare states that the facility should utilize the revenue code that most represents the cost centre in which the expense occurred. Therefore, CPT codes within the range of through would be assigned the most specific revenue code for the area (in which the expense was incurred). In this case, if 104 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

105 the service was performed within an outpatient clinic then revenue code 0510 would be more appropriate than 0361 (minor surgery) or 0761 (treatment room) as the expense incurred was within a clinic department. While Medicare may want revenue code 0510 for this range of procedures a commercial payer such as Blue Cross may not reimburse for any procedure within this revenue code range. Therefore, they may require surgical procedures done in a clinic to be revenue code 0361 or 0761 or not reimburse at all. The revenue code concept is very payer dependent and it is essential that the facility auditor or practice auditor review the contract with each payer and note any specific revenue code assignments. In other areas such as general radiology there is a specific range of revenue codes such as 032x and in some cases specific CPT codes have a specific revenue code such as chest x- ray, which requires There are some specific HCPCS codes that are also linked to specific revenue codes for Medicare but potentially not for other payers. A good example of this is the J HCPCS codes for which Medicare requires revenue code 0636 (Drugs of Detail) as a general rule. It may be prudent to create a matrix that demonstrates the payor and the required revenue code per CPT. Below is a very brief example of a matrix performed, for a client, of a patient who had a Chest X- ray, Basic Metabolic Panel, EKG and a simple laceration repair performed within the general medicine outpatient department of a hospital. Note, that in some cases the revenue codes are the same however, in others the revenue code differs. A mapping of this concept on a broader spectrum would be recommended. CPT BC/BS Aetna Medicare Medicaid Revenue codes are copyrighted by National Uniform Billing Committee and the UB04 Specifications Manual containing the codes may be purchased from NUBC at Copyright 2012 William L. Malm, ND, CMAS & AAMAS

106 2B- 11 AUDIT BILLING / CLAIMS SYSTEMS FOR ACCURACY & TIMELINESS The actual billing system contains many modules that must interface in an integrated system and with human interventions. As a result there can be errors that originate from the mapping of the systems (see Core Domain on the Charge Description Master), timeliness of charge entry, automatic default dates within the system assigning the incorrect date. Because of the multiple facts involved in charging and ensuring clean claim submission internal audits are a necessity. Timeliness: Accurate billing for services relies upon timely charge capture. Late charges are a frequent occurrence within facilities and provider offices. Late charges generally represent a failure in the charge capture process and every late charge represents an opportunity for charge capture improvement. Most systems however, have a default charge date within the software. If the personnel entering the charges do not adjust the date the late charge may represent a date that is incorrect thereby failing on the claim. The worst- case scenario is that it passes the claim edits and misrepresents the charge date. Timeliness is something that should undergo a focused audit if there is evidence of significant volume or dollars that are resulting from late charges. Systems Interactions and Integration: Every facility has a number of inter- related computer systems that work in harmony to take charges to the claim. In order to understand this core domain we will diagram the process. Failure at any one of the above- diagrammed actions can result in inaccurate charges. Therefore, the audit must include testing at each of the above sites. One particular site of concern that can lead to a pattern of behaviour is between the ordering module and the chargemaster. Because charges utilizing the chargemaster for coding never have a human review they should be considered risk areas. Inaccurate CPT / HCPCS codes within the CDM can lead to a pattern of inaccurate billing. As long as the 106 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

107 CPT / HCPCS code is still a valid code no scrubber will catch this error. Therefore, the auditor will need to do a line- by- line audit testing each step. 1. Step 1 ensure that there is a valid order, signed, dated and having all required medical necessity present for the service ordered 2. Step 2 review the medical record and determine if all documentation is present that the test / services ordered was in fact rendered. a. Lab report b. Radiology report c. Nursing notes d. Physician documentation e. Rehabilitation Notes f. Operative Reports 3. Step 3 What or Who Assigned the CPT / HCPCS Procedure Code? a. HIM look for the pencil codes on the face sheet i. Look at encoder results or abstraction notes b. Charge Description Master (CDM) i. Review the description for the charge item ii. Review the revenue code iii. Review the HCPCS / CPT code iv. Review the mapping between the ordering system and the CDM v. Review any modifiers (CPT / HCPCS) vi. Review units of service 4. Step 4 review the Scrubber results were there errors a. If there were errors who corrected them and how was the correction made in the payer system and the hospital / physician office system or only in the payer system 5. Step 5 Claim a. Are all CPT / HCPCS / Revenue codes accurate b. Are the orders and documentation supportive of all charges c. Are the dates of service correct d. Are modifiers applied accurately e. Did the medical necessity pass the NCD/LCD or payer medical necessity requirements f. If pre- authorization was required was it obtained 6. Step 6 Feedback a. While not on the above diagram the feedback loop is essential. b. If there was an error noted was it documented as to the cause? c. Have the appropriate personnel been informed of the error? d. If the error resulted in an overpayment was the credit balance resolved or the overpayment repaid to the insurance company or MAC / Medicaid. e. If there was an error was it a singular incident or was the finding part of a larger issue 107 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

108 f. Were proper notifications of audit findings made i.e. compliance department, legal services. In summary, the auditor will need to test the system and ensure that charges are entered punctually. Errors or inconsistencies noted will need to be addressed in the audit report, exit interview or appropriate internal staff. 2B- 12 CONDUCT FOCUSED AND TARGET AUDITS A targeted or focused review is an audit isolating one or two circumscribed issues and testing /examining data to arrive at a conclusion. A targeted audit can be created for any concern or randomly. For example, we know that the RACs review specific known issues. Reviewing Region C Connolly Consulting we find an approved issue for the drug named Adenosine. Using this example we can use the data provided by Connolly to perform an internal audit of patients receiving adenosine. Connolly Consulting provides the following: 57 A hospital auditor could perform an internal audit of this issue by taking the following steps: 1. Isolate all patients receiving Adenosine (J0150) on a claim or pre- bill chargemaster charge Copyright 2012 William L. Malm, ND, CMAS & AAMAS

109 2. Randomize the total universe by taking the current month (for example December) and choose every Nth record. (For December then chooses every 12 th record, for February chooses every 2 nd record, for June choose every 6 th record etc...) 3. Evaluate the record by looking at the order, the medication administration record, nursing notes and make sure that Adenosine was ordered and given 4. Evaluate the claim to ensure the units of service are correct (one unit =6mg delivered) By using the above example any auditor can conduct a targeted or focused audit. OIG TARGETED AUDITS The Office of Inspector General creates targeted audits on suspected or known issues. Frequently these audits are direct extensions of their yearly work plan. For example, Neulasta was targeted prior to becoming an approved issue for the RACs by the OIG. Therefore, a payer auditor, hospital and/or physician auditor could conduct a similar audit internally based on the overview approach of the OIG. Targeted audits by the OIG do predict forthcoming MAC and/or RAC audits as many of their findings result in these issues being approved for RAC audits. INDIAN HEALTH TARGETED AUDITS 109 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

110 While individual auditors can create an audit for a client- defined issue so can payers. One example is the Indian Health audits of diabetes. This medical condition is a true health risk for Native Americans and Indian Health audits to see progress toward efficient management. The following is an example of a payer specific target audit. 110 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

111 111 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

112 As noted in this audit there is two methods to collect data, manual and electronic. These intake assessment forms collect data targeted at diabetes. As noted in the overview, this will allow facilities to identify areas of improvement and implement strategies to work towards the goal of providing all diabetes patients with the highest quality of care. The following page demonstrates the manual assessment form. The electronic form for collecting medical record data is very similar all focused on providing relevant data to assist in improving diabetes care management within a facility Copyright 2012 William L. Malm, ND, CMAS & AAMAS

113 113 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

114 In summary, targeted or focused audits can be created for clinical reasons, claim management, medical necessity or any other identified issue. Payers frequently perform what is known as a high dollar audit. These are focused on claims that involve high dollar care. The audits can be performed by the payer, the facility or an independent auditor. The result is to ensure that the payer has reimbursed accurately and has not overpaid for services rendered. MACs and the OIG also perform high dollar claims reviews. Finally, Medicare has a concept called Focused Medical Review. Many times Medicare and/or its contractor (MAC, FI, and Carrier) will note a pattern of behaviour that indicates a potential billing concern by the provider. When the provider is placed on Focused Medical Review no reimbursement is provided until the contractor reviews the patient medical record. This can result in significant dollars being suspended for the provider until they are released from this type of focused audit. An example of this type of audit is the pre- payment review of gonioscopy in ophthalmology. 2B- 13 WRITE AUDIT REPORT USING STANDARD FORMAT Audit reports portray the objective, approach, tools, findings and recommendations. While each auditor may have a slightly separate template most audit reports remain consistent within the healthcare industry and throughout other industries as well. The GAO G Government Auditing Standards (Yellow Book) provides the following guidance for audit reports. The sections are taken directly below (section Report Contents: 8.08: Auditors should prepare audit reports that contain i) the objectives, scope, and methodology of the audit; ii) the audit results, including findings, conclusions, and recommendations, as appropriate; iii) a statement about the auditors compliance with GAGAS; iv) a summary of the views of responsible officials; and v) if applicable, the nature of any confidential or sensitive information omitted. Objectives, Scope and Methodology: 8.09: Auditors should include in the report a description of the audit objectives and the scope and methodology used for addressing the audit objectives. Report users need this information to understand the purpose of the audit, the nature and extent of the audit work performed the context and perspective regarding what is reported, and any significant limitations in audit objectives, scope, or methodology. 8.10: Audit objectives for performance audits may vary widely. Auditors should communicate audit objectives in the audit report in a clear, specific, neutral, and unbiased manner that includes relevant assumptions, including why the audit organization undertook the assignment and the 114 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

115 underlying purpose of the audit and resulting report. When audit objectives are limited and broader objectives can be inferred by users, stating in the audit report that certain issues were outside the scope of the audit can avoid potential misunderstanding. 8.11: Auditors should describe the scope of the work performed and any limitations, including issues that would be relevant to likely users, so that they could reasonably interpret the findings, conclusions, and recommendations in the report without being misled. Auditors should also report any significant constraints imposed on the audit approach by information limitations or scope impairments, including denials of access to certain records or individuals. 8.12: In describing the work conducted to address the audit objectives and support the reported findings and conclusions, auditors should, as applicable, explain the relationship between the population and the items tested; identify organizations, geographic locations, and the period covered; report the kinds and sources of evidence; and explain any significant limitations or uncertainties based on the auditors overall assessment of the sufficiency and appropriateness of the evidence in the aggregate In reporting audit methodology, auditors should explain how the completed audit work supports the audit objectives, including the evidence gathering and analysis techniques, in sufficient detail to allow knowledgeable users of their reports to understand how the auditors addressed the audit objectives. When the auditors used extensive or multiple sources of information, the auditors may include a description of the procedures performed as part of their assessment of the sufficiency and appropriateness of information used as audit evidence. Auditors should identify significant assumptions made in conducting the audit; describe comparative techniques applied; describe the criteria used; and, when sampling significantly supports the auditors findings, conclusions, or recommendations, describe the sample design and state why the design was chosen, including whether the results can be projected to the intended population. Report Findings: 8.14 In the audit report, auditors should present sufficient, appropriate evidence to support the findings and conclusions in relation to the audit objectives. Clearly developed findings, as discussed in paragraphs 7.72 through 7.76, assist management or oversight officials of the audited entity in understanding the need for taking corrective action. If auditors are able to sufficiently develop the elements of a finding, they should provide recommendations for corrective action if they are significant within the context of the audit objectives. However, the extent to which the elements for a finding are developed depends on the audit objectives. Thus, a finding or set of findings is complete to the extent that the auditors address the audit objectives Auditors should describe in their report limitations or uncertainties with the reliability or validity of evidence if (1) the evidence is significant to the findings and conclusions within the context of the audit objectives and (2) such disclosure is necessary to avoid misleading the report users about the findings and conclusions. As discussed in chapter 7, even though the auditors may 115 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

116 have some uncertainty about the sufficiency or appropriateness of some of the evidence, they may nonetheless determine that in total there is sufficient, appropriate evidence given the findings and conclusions. Auditors should describe the limitations or uncertainties regarding evidence in conjunction with the findings and conclusions, in addition to describing those limitations or uncertainties as part of the objectives, scope, and methodology. Additionally, this description provides report users with a clear understanding regarding how much responsibility the auditors are taking for the information Auditors should place their findings in perspective by describing the nature and extent of the issues being reported and the extent of the work performed that resulted in the finding. To give the reader a basis for judging the prevalence and consequences of these findings, auditors should, as applicable, relate the instances identified to the population or the number of cases examined and quantify the results in terms of dollar value, or other measures, as appropriate. If the results cannot be projected, auditors should limit their conclusions appropriately Auditors may provide selective background information to establish the context for the overall message and to help the reader understand the findings and significance of the issues discussed. When reporting on the results of their work, auditors should disclose significant facts relevant to the objectives of their work and known to them which, if not disclosed, could mislead knowledgeable users, misrepresent the results, or conceal significant improper or illegal practices Auditors should report deficiencies in internal control that are significant within the context of the objectives of the audit, all instances of fraud, illegal acts unless they are inconsequential within the context of the audit objectives, significant violations of provisions of contracts or grant agreements, and significant abuse that have occurred or are likely to have occurred. Deficiencies in Internal Control: 8.19 Auditors should include in the audit report (1) the scope of their work on internal control and (2) any deficiencies in internal control that are significant within the context of the audit objectives and based upon the audit work performed. When auditors detect deficiencies in internal control that are not significant to the objectives of the audit, they may include those deficiencies in the report or communicate those deficiencies in writing to officials of the audited entity unless the deficiencies are inconsequential considering both qualitative and quantitative factors. Auditors should refer to that written communication in the audit report, if the written communication is separate from the audit report. Determining whether or how to communicate to officials of the audited entity deficiencies that are inconsequential within the context of the audit objectives is a matter of professional judgment. Auditors should document such communications In a performance audit, auditors may conclude that identified deficiencies in internal control that are significant within the context of the audit objectives are the cause of deficient performance of the program or operations being audited. In reporting this type of finding, the internal control deficiency would be described as the cause. 116 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

117 Fraud, Violations of Contract or Abuse: 8.21 When auditors conclude, based on sufficient, appropriate evidence, that fraud, illegal acts, significant violations of provisions of contracts or grant agreements, or significant abuse either has occurred or is likely to have occurred, they should report the matter as a finding When auditors detect violations of provisions of contracts or grant agreements, or abuse that are not significant, they should communicate those findings in writing to officials of the audited entity unless the findings are inconsequential within the context of the audit objectives, considering both qualitative and quantitative factors. Determining whether or how to communicate to officials of the audited entity fraud, illegal acts, and violations of provisions of contracts or grant agreements, or abuse that is inconsequential is a matter of the auditors professional judgment. Auditors should document such communications When fraud, illegal acts, violations of provisions of contracts or grant agreements, or abuse either have occurred or are likely to have occurred, auditors may consult with authorities or legal counsel about whether publicly reporting such information would compromise investigative or legal proceedings. Auditors may limit their public reporting to matters that would not compromise those proceedings, and for example, report only on information that is already a part of the public record. Conclusions: 8.27 Auditors should report conclusions, as applicable, based on the audit objectives and the audit findings. Report conclusions are logical inferences about the program based on the auditors findings, not merely a summary of the findings. The strength of the auditors conclusions depends on the sufficiency and appropriateness of the evidence supporting the findings and the soundness of the logic used to formulate the conclusions. Conclusions are stronger if they lead to the auditors recommendations and convince the knowledgeable user of the report that action is necessary. Recommendations: 8.28 Auditors should recommend actions to correct problems identified during the audit and to improve programs and operations when the potential for improvement in programs, operations, and performance is substantiated by the reported findings and conclusions. Auditors should make recommendations that flow logically from the findings and conclusions, are directed at resolving the cause of identified problems, and clearly state the actions recommended Effective recommendations encourage improvements in the conduct of government programs and operations. Recommendations are effective when they are addressed to parties that have the 117 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

118 authority to act and when the recommended actions are specific, practical, cost effective, and measurable. 59 The above statements were taken verbatim from Yellow Book at: While the above citation is specific to U.S. Government audits the contents remain similar across auditors. NHS Shetland has published their clinical audit manual. They bring up further concerns, which focus on the audience, what is trying to be portrayed and conclusions. They divide the audit report into: 1. Background 2. Aims and Objectives 3. Standards 4. Methodology 5. Results a) Charts, flow sheets 6. Conclusions The audit report can be found at: Finally, an audit template that can be customised. Many of these can be downloaded off the Internet and customised to your particular need. reports/audit- report- template.html. In summation there are crucial components that should be presented within the audit report. In order to ensure consistency in all audits performed, the institution, payer, provider or 3 rd party audit firm should design and utilize a template to fairly and accurately provide the end user with a dynamic document that provides the end user with information to correct / improve processes. 2B- 14 DEVELOP PRE- AUDIT PROCEDURES AND TOOLS Mr. Brian Payne, in his article within ACCA magazine, stated the importance of audit planning. Students of auditing often overlook the importance of 'planning' as part of the audit process Initial audit planning takes place before the detailed audit work begins, and in planning for a specific audit assignment an auditor must adopt a strategy with regard to the nature, timing and extent of the audit work to be carried out. The objectives of the plan are to ensure that: Copyright 2012 William L. Malm, ND, CMAS & AAMAS

119 appropriate attention is devoted to the different areas of the audit; potential problems are identified; audit review is facilitated. 60 The University of West Virginia, on their website, provides a very clear definition and purpose to the audit planning function. Planning In the planning phase the Internal Auditor establishes clear- cut audit objectives to avoid aimless investigations into insignificant areas. In addition, the Internal Auditor prepares estimates of the resources necessary to achieve the objectives and determines the audit techniques to be used. West Virginia University Internal Audit utilizes three steps to complete this phase of the audit project: Entrance Conference, Preliminary Survey, and an Audit Planning Memorandum. Entrance Conference Representatives of the WVU Internal Audit Office meet with client management before the audit fieldwork begins to discuss the audit objectives, approximate duration of the audit, workspace requirements for the audit team, and the audit report process. Client management is asked to designate a primary contact person from their staff to assist the audit team and to answer questions that might arise. Client management is also encouraged to use this opportunity to identify special concerns that should be included in the audit planning and to inform the auditors about any special time constraints that must be observed during the audit. It is the goal of the WVU Internal Audit Office to minimize the amount of disruption to on- going departmental activities as a result of the audit process. However, some disruption will occur and it is best to plan for it during this phase of the audit. Representatives from client management attending this meeting usually include the Dean or Director, Chairperson or Department Heads, and Business Managers. Preliminary Survey This is a general information- gathering process used by the Internal Auditor to obtain an overview of the client s operations, practices, and policies. The information gathered in this step is generally from discussions with departmental personnel, and reviews of reports and files maintained in the department. The survey process can take from several days to several weeks depending on the audit objectives, availability of records and the Internal Auditor prior understands of the department s operations. The Internal Auditor uses this information to refine the audit objectives and the audit procedures required to accomplish them. This step is very important because it determines the direction that the audit fieldwork will take. Planning Memorandum The planning memorandum presents the Internal Auditor s understanding of the function(s) to be audited, the objectives of the project, the audit procedures Copyright 2012 William L. Malm, ND, CMAS & AAMAS

120 to be used to accomplish the objectives, a budget of resources needed, any special aspects to be considered, the period to be audited, and departmental audit contacts. This document is shared with the client and serves as a formal understanding between the client and the WVU Internal Audit Office as to the scope and objectives of the examination. In some special purpose audits this phase of the audit process is excluded. 61 All references, audit manuals designate the planning process as an opportunity to select the reason for the audit, ensure that the correct skill set is present in the auditor, communicate with the parties being audited and submitting a data request letter that will request the necessary documents to be audited. All auditors should pay special attention to this phase of the audit. Failure to have concise and thoughtful planning can lead to additional resource consumption, delays in performing the audit or incomplete / incorrect documentation. For healthcare audits, at a minimum, the following must be addressed 1. Objective / Deliverable 2. Scope of the Audit 3. Communication with clients as to data requirements (usually through a document request letter) 4. Timing 5. Required resources 6. Specifics on when field testing will begin 7. Expected completion of the audit. 2B- 15 USE STATISTICALLY GENERATED AUDIT SAMPLES Statistical samples are frequently required for specific types of audits. For example, for voluntary self- disclosures a statistically valid sample will be required to calculate the repayment to Medicare. The OIG uses a statistical method known as RAT- Stats. This is a free program that can be downloaded from: RAT- STATS is the primary statistical audit tool used by the Office of Audit Services. Developed by the Regional Advanced Techniques Staff (RATS) in San Francisco, it has been used by the Office of Inspector General since the early 1970s. AuditNet.org provides other discussions on the requirement for statistical sampling and methods to do so. Auditnet.org recommends the Arkins Handbook of Sampling for Auditing and Accounting. Auditnet.org published a document How to Use Statistical Sampling. In this Internet manuscript they provide a number of reasons why statistical sampling can be required and crucial to a defendable outcome. Some of the benefits of statistical sampling are stated to be: The sample is objective and defensible Copyright 2012 William L. Malm, ND, CMAS & AAMAS

121 Provides a method of knowing in advance the universe and the maximum sample size Provides an estimate of risk that the sample may not represent the entire population due to sampling variations. Can be more accurate than 100% review of all items in a large sample Saves time and money Objective review of the test results is possible 62 Without a statistician readily available the determination of the statistical can be difficult. However, there are a number of statistical sampling software packages available to the end user. One free template can be found at: Within this template you determine the statistical accuracy and total universe and define the sample size for you. An example is within the screen view below. 63 Other references regarding the sampling can be found at: Copyright 2012 William L. Malm, ND, CMAS & AAMAS

122 2B- 16 POST AUDIT CONFERENCE AND DISCUSSION According to the Texas Workforce Audit Manual (on- line) the post audit conference should address specific topics. During the post audit conference the Auditor must explain to the employer or the employer's designated representative not only the audit results, but also any other changes, which must be made to comply with state reporting requirements. 64 In terms of a hospital or provider audit conference the same methodology will apply. However, the discussion points will be regarding audit results as they pertain to medical necessity, documentation, payer guidelines, NCD / LCD findings, overpayments and underpayments identified. If the post audit conference were being held between a payer and a facility the discussion would involve payer audit findings, variations from payer guidelines creating overpayments or underpayments by the payer. Again, similar to the hospital audit conference the payer auditor may discuss failures in documentation, procedural coding errors resulting in payment variance and potentially utilization concerns based on practice patterns. The post audit conference and discussion is essential as it allows all parties to explore the findings and to accept or reject some of the findings or request additional information. At the University of Oklahoma their internal audit group published the following in their manual. All audits with concerns and recommendations are required to have a Post- Audit Review. The post- audit review process is intended to ensure that management has addressed all recommendations included in the Audit Report. The Post- Audit Review takes place soon after the agreed implementation deadline to which management has committed in the management response. During the review, Internal Audit tests the effective implementation of each audit recommendation. If recommendations have not been satisfactorily addressed, a second Post- Audit Review is scheduled. This process continues with successive Reviews until either the recommendation has been implemented or the circumstances giving rise to the concern have changed. The results of each Post- Audit Review are summarized in a memorandum that is sent to every member of the Board of Regents and to the President, appropriate vice president, dean, and unit head. 65 From multiple sources the purpose of this meeting should be defined prior to the meeting. The goal should be to discuss findings and review concerns planning for corrective action(s) as necessary html 122 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

123 2B- 17 CONDUCT EXIT INTERVIEW According to the University of Oklahoma Audit Standards, An exit conference is held to discuss the results of the completed audit and any concerns that have arisen...the exit conference provides an opportunity to resolve any question the audit client may have about the concerns raised and to address any other issues before the Audit Report is finalized. 66 New Hampshire Blue Cross/Blue Shield provides this definition of the exit interview and its purpose. An exit interview will be offered to the hospital during which written preliminary audit findings will be presented. The preliminary report will list charges for unsupported services, underbilled services, late billing, as well as charges for which further clarification or supporting documentation is required. At the completion of the exit interview a written audit finalization form will be generated and signed by Anthem, or its designee, and the hospital representative agreeing to the audit findings. The hospital may exercise its option to conduct further research into any charges in question and to present supporting documentation within 30 calendar days of the completion of the audit. All audit findings will stand if the hospital fails to provide supporting documentation or to communicate agreement with the audit findings within this 30 day timeframe. 67 For hospital auditors, the same principles apply when performing internal audits. The hospital auditor should conduct an exit interview with interested parties. For example, a focused audit is performed within interventional radiology. Once the examination of the claims and supporting documentation have been evaluated and findings are ready for presentation the auditor should have an exit interview with the Director of the department, appropriate clinical (physicians, nurses) personnel and finance to ensure that the findings are fully addressed. Similarly, if the auditor were retained to evaluate inpatient records for medical necessity and report the findings to the Chief Medical Officer the exit interview would be an essential component. In this exit interview the auditor would present findings, discuss practice pattern concerns, and recommend corrective action. The exit interview is the auditor s opportunity to affect change in the process but providing accurate findings and effective correction action steps. 2B- 18 REVIEW / AUDIT ACCURACY OF CMS 1500 The CMS form is the standard claim form used by a non- institutional provider or supplier to bill Medicare carriers and durable medical equipment regional carriers (DMERCs) when a provider qualifies html Copyright 2012 William L. Malm, ND, CMAS & AAMAS

124 for a waiver from the Administrative Simplification Compliance Act (ASCA) requirement for electronic submission of claims. It is also used for billing of some Medicaid State Agencies. Please contact your Medicaid State Agency for more details. The National Uniform Claim Committee (NUCC) is responsible for the design and maintenance of the CMS form. CMS does not supply the form to providers for claim submission 68 The National Uniform Claim Committee offers resources on their website at: The auditor must follow the NUCC instructions for completion when auditing the claim. Like the UB- 04 the CMS form has specific fields that in total paint a picture to the payer of the medical necessity as well as the actual services rendered. The full instructions manuals can be obtained at: CMS also provides a fact sheet, which can be obtained at: _fact_sheet.pdf. Ultimate instruction for completion is the Medicare Claims Processing Manual, chapter 26. ( CMS provides the following information on the 1500 form. Within this chapter there are specific guided instructions relating to each field. While these are generally the same as commercial payers there may be a few minor differences. Therefore, when submitting a 1500 form to Medicare follows all instructions within the Medicare Claims Processing Manual, Chapter 26. The Form CMS answers the needs of many health insurers. It is the basic form prescribed by CMS for the Medicare and Medicaid programs for claims from physicians and suppliers. It has also been adopted by the TRICARE Program and has received the approval of the American Medical Association (AMA) Council on Medical Services. Many payers use the 1500 form. These are Medicare, Medicaid, Commercial, Managed Care payers, DME and medical suppliers. This form is never used for hospital technical billing as the UB- 04 was designed for that purpose. On the AAMAS website there is an interactive 1500 form that is provided by NHIC. This is a very useful tool when auditing as each field provides instructions when the field is hovered over with the mouse. This tool can be found at: The following pages were taken directly from the Blue Cross / Blue Shield of Minnesota instructions for completing the CMS form. The complete instruction manual can be found at: t71a_ pdf Copyright 2012 William L. Malm, ND, CMAS & AAMAS

125 125 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

126 126 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

127 127 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

128 128 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

129 When auditing the 1500 form each field must be reviewed based on source data. Eligibility can frequently be an issue to the demographic section of the 1500 must be compared to source data such as driver s licenses, client utility bills or other document supporting the demographics. Other essential lines that need to be audited are the lines for the referring physician and the operating physician. Finally, the diagnosis code must be present and supported with medical record documentation. We will review the line by line audit more in other areas of this document. 2B- 19 ASSIGN & VALIDATE CPT CODES OVERVIEW OF CPT CODING CPT (codes) is short for Current Procedural Terminology and is the sole domain of the American Medical Association (AMA). Please note that CPT codes are copyrighted. Before we begin discussing CPT we need to review a few coding basics. There are two types of codes used in billing. The diagnosis codes (ICD- 9 / ICD- 10), which provide the reason for the test, service, or procedure. It is the diagnosis code which as provided by the physician provides the medical necessity... The CPT and/or HCPCS Level II codes describe the actual service or what was done. The diagram below illustrates the levels of procedural coding used in reimbursement today. As you will note CPT is the foundation. The higher level codes exist to replace a CPT code and generally provide more specificity. The HCPCS II codes, (which are maintained and distributed by CMS), are primarily used to more fully describe products, drugs, supplies, etc. For example, Medicare OPPS uses the HCPCS II codes of G0431 and G0434 to describe drug screens. Corresponding CPT codes, for drug screens, are and The CPT codes have a slightly different description from that of the HCPCS description, which impacts the way in which this same service is billed for Medicare versus other payers. LEVEL III HCPCS CODES LEVEL II HCPCS CODES (ALPHA- NUMERIC) CPT LEVEL I HCPCS CODES (NUMERIC) 129 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

130 CPT is a five digit numeric code that represents procedures performed within body systems or techniques. The book is organized into sections and each section has coding guidelines which provide the overall requirements for coding within that section. These guidelines are mandatory and must be followed when selecting the CPT code to best represent the procedure. Additionally, at the beginning of the book is an Introduction which provides instructions for the use of the CPT codebook, format of terminology, guidelines, discussions of add- on codes and modifiers and other essential information. As an auditor that section of your book should be reviewed and important concepts identified to ensure appropriate code selection. The most important guideline in selecting a code is included within this introduction to the codebook. Select the name of the procedure or service that accurately identifies the service performed. Do not select a CPT code that merely approximates the service provided. If no such specific code exists, then report the service using the appropriate unlisted procedure or service code. 69 CPT SECTIONS The surgical section is organized by body system and is generally considered to be all codes through 6999X. The following list represents the code sections: Anaesthesia Integumentary System Musculoskeletal System Respiratory System Cardiovascular System Hemic and Lymphatic/Mediastinum and Diaphragm Systems Digestive System Urinary System Male Genital System Reproductive System Female Genital System/Maternity Care and Delivery Endocrine System Nervous System Eye and Ocular Adnexa Auditory System Outside the Surgery system we find the remainder of the codes dedicated to ancillary services, management services and medical procedures. These sections are as follow: 69 CPT 2011 Professional Edition, American Medical Association, p. x. 130 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

131 Radiology Pathology and Laboratory Medicine Evaluation & Management Finally there are two additional sections known as Category II and Category III codes. These are for new procedures / technology and reporting of quality issues. Only the Category III codes may be used by a facility as the Category II is reserved for physicians / practitioners. The Category II codes are for performance measurement that will allow for the decrease in record abstraction. They all have four numbers followed by the letter F (ex. 0545F) Category III codes are a set of temporary codes for emerging technology, procedures or services. These all end with the letter T. (Ex: 0030T). Both category II and category III codes are less common than the standard CPT range of UNDERSTANDING CPT Whether you use software or proprietary documentation we always recommend that the CPT codebook be part of your toolkit and placed into your yearly budget for purchase. At this point we will examine how to read the codebook, as published by the AMA. The complete description on how to read the codebook is found within the introduction to the book. We recommend you read this section in its entirety and ensure your complete understanding to be able to accurately assign codes. The first concept that must be mastered is the format of the terminology The codes are not printed in their entirety but some refer back to the common portion of the procedure listed in the preceding entry. The common portion of the code is found prior to the semi- colon (;) and the rest of the code is found after the common portion. An example is as illustrated in the instructions for an arthrotomy. Example: Arthrotomy, wrist joint; with biopsy with synovectomy 70 ADD- ON CODES Add- on codes are codes that are commonly performed in addition to the primary procedure. These are designated within the book but a plus sign (+) and a comprehensive list of these codes can be found within Appendix D of the CPT book. Add- on codes may never be reported by themselves and must always have the primary procedure also coded and charged. When auditing, missing add- on codes can 70 Current Procedural Terminology (CPT) 2011, American Medical Association, p.x 131 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

132 represent significant lost revenue if they are not coded in addition to the primary procedure when performed. MODIFIER CONCEPT Modifier provides the means to report or indicate that a service or procedure that has been performed has been altered by some specific circumstance but not changed in its definition or code... Modifiers may be used to indicate to the recipient of a report that A service or procedure had both a professional and technical component Service or procedure was performed by more than one physician and/or in more than one location Service or procedure was increased or reduced Only part of a service was performed An adjunctive service was performed A bilateral procedure was performed A service or procedure was provided more than once Unusual events occurred. 71 These modifiers are divided into professional service modifiers, (MD, DO, NP, PA- C, PT, OT etc...) and technical modifiers for the facility. These modifiers are listed on the inside cover of the CPT book and divided into professional and technical (hospital) modifiers. The following are some selected modifiers as an example but do not constitute an exhaustive list. We recommend that you reference the inside cover of the CPT codebook. 25 Significant, separately identifiable evaluation and management service by the same physician on the same day of the procedure or other service. 50 Bilateral procedure 59 Distinct procedural service 73 Discontinued outpatient procedure prior to anaesthesia administration (hospital only) 74 Discontinued outpatient procedure after anaesthesia administration (hospital only) 26 Professional component (Professional only) 80 Assistant surgeon (professional only) These are appended to the primary procedure code which is requiring modification. For example a procedure such as a laceration repair is performed in addition to an evaluation and management service. Therefore, the correct coding would append modifier 25 to the evaluation / management code such as Current Procedural Terminology (CPT) 2011, American Medical Association, p.x 132 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

133 TIME BASED CPT CODES Time is considered as face- to- face time with the physician or staff (hospital). A unit of time can only be achieved when the mid- point has been passed. So for example, if an hour is to be charged then there must be documentation that the face- to- face time of 31 minutes has passed. Two hours would require 91 minutes and so on and so forth. As auditors time is a significant issue in most denials or request for additional documentation. Time is frequently at the centre of audit challenges and this element of CPT must be understood and utilized as part of the audit process. ASSIGNMENT OF CPT CODES As will be discussed in other areas of this manual, the assignment of CPT codes can be performed in one of two fashions. These are known as soft coding and hardcoding methods. Soft coding is when the coding professional reviews the medical record and chooses the code based on the documentation and medical necessity with the individual patient record. This method is time consuming and requires human intervention throughout the selection process. This method is generally employed where there is variability, within the procedures, such that two people may perform it differently or the approach is different. A good example is a hernia repair. There are many different CPT codes depending on the actual procedure. CPT is for an initial repair, incisional or ventral hernia: reducible whereas, CPT code is for the same repair, but describes the hernia as incarcerated or strangulated. CPT code is for a hernia repair that is recurrent, (versus initial ), but reducible. Only the medical record will be able to define these differences and, therefore, most surgical records will only employ the soft coding assignment of the CPT code. The range of codes within the codebook that lend themselves to soft coding are: o Surgery 99, xxx Evaluation / Management, Consultations, Visits Hardcoding is a method whereby the charge description master (CDM) places the procedure code (CPT / HCPCS) on the claim, in an automated fashion, based upon the chargemaster line, (description of service/item), selected on the front end. In this case, there is no review of the medical record and the hardcoding assumes that all documentation is present to support the procedure code at the time the item is charged. This method, as will be discussed further under the CDM section, is truly reserved for procedures that never vary in approach and are identical no matter where it is performed. An example of hardcoding is for an EKG- 12 lead tracing, (CPT 93005). No matter where in the facility, office or agency this is performed the same methodology and outcome is achieved which is a printout of the rhythm of the heart 12 leads. Another example is for a chest x- ray, 1 view; no matter who performs the procedure or where it is performed the result is always a 1v chest. CPT codebook sections lending themselves to hardcoding are: o 70,xxx Radiology 133 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

134 o o 80,xxx Laboratory 90,xxx Medicine 2B- 20 ASSIGN AND VALIDATE APC CODES APC s originated from the Balanced Budget Act of 1997 and became effective April 1, Ambulatory Payment Classification (APC) refers to the method in which hospital charges, not physicians, are reimbursed under the Medicare Outpatient Prospective Payment System (OPPS). Each CPT/HCPCS code is assigned to an APC, which is a grouping of clinically homogenous procedures. To ensure that the grouping is accurate and not including tests, procedures or services outside of that grouping, OPPS has created the two- times rule. Section 1833(t)(2) of the Act provides that subject to certain exceptions, the items and services within an APC group cannot be considered comparable with respect to the use of resources if the highest median cost (or mean cost as elected by the Secretary) for an item or service in the group is more than two (2) time greater than the lowest median cost (or mean cost) for an item or service within the same group (referred to as the 2 times rule) 72 STATUS INDICATORS Each CPT and/or HCPCS code is assigned to an APC group and a status indicator designates the grouping. Each year OPPS is updated and an appendix within the final rule provides a complete listing of status indicators. This addendum is generally labelled D1. Status Indicator Item/Code/Service Services furnished to a hospital outpatient that are paid under a fee schedule or payment system other than OPPS for example: OPPS Payment Status Not paid under OPPS. Paid by fiscal intermediaries/macs under a fee schedule or payment system other than OPPS A Ambulance Services Clinical Diagnostic Laboratory Services Non- Implantable Prosthetic & Orthotic Devices EPO for ESRD Patients Physical, Occupational, and Speech Therapy Routine Dialysis Services for ESRD Patients Provided in a Certified Dialysis Unit of a Hospital Diagnostic Mammography Screening Mammography Not subject to deductible or coinsurance Not subject to deductible Status Item/Code/Service OPPS Payment Status 72 Federal Register, Vol. 75, No.226, November 24, 2010, Rules and Regulations, p Copyright 2012 William L. Malm, ND, CMAS & AAMAS

135 Indicator B Codes that are not recognized by OPPS when submitted on an outpatient hospital Part B bill type (12x and 13x). Not paid under OPPS. May be paid by fiscal intermediaries/macs when submitted on a different bill type, for example, 75x (CORF), but not paid under OPPS. An alternate code that is recognized by OPPS when submitted on an outpatient hospital Part B bill type (12x and 13x) may be available. C Inpatient Procedures Not paid under OPPS. Admit patient. Bill as Inpatient D Discontinued Codes Not paid under OPPS or any other Medicare Payment System. Items, Codes, and Services: Not paid by Medicare when submitted on outpatient claims (any outpatient bill type.) That is not covered by any Medicare outpatient benefit based on statutory exclusion. That is not covered by any Medicare outpatient benefit for reasons other than statutory E exclusion. That are not recognized by Medicare for outpatient claims but for which an alternate code for the same item or service may be available. For which separate payment is not provided on outpatient claims. F Corneal Tissue Acquisition, Certain CRNA services and Not paid under OPPS. Paid on reasonable cost Hepatitis B Vaccines G Pass - Through Drugs and Biologicals Paid under OPPS, separate APC Payment H Pass Through Device Categories Separate cost- based pass- through payment; not subject to copayment. K Nonpass- Through Drugs and Nonimplantable Biologicals, Including Therapeutic Radiopharmaceuticals Paid under OPPS, separate APC payment L Influenza Vaccine; Pneumococcal Pneumonia Vaccine Not paid under OPPS. Paid at reasonable cost; not subject to deductible or coinsurance. M Items and Services Not Billable to the Fiscal Intermediary/MAC Not paid under OPPS Status Indicator Item/Code/Service OPPS Payment Status 135 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

136 N Items or services packaged into APC rates Paid under OPPS; payment is packaged into payment for other services. Therefore, there is no separate APC payment. P Partial Hospitalization Paid under OPPS, per diem APC payment. Status Item/Code/Service OPPS Payment Status Indicator Q1 STVX- Packaged Codes Paid under OPPS; Addendum B displays APC assignments when services are separately payable. (1) Packaged APC payment if billed on the same date of service as a HCPCS code assigned status indicator S, T, V, or X. (2) In all other circumstances, payment is made through a separate APC payment. Q2 T- Packaged Codes Paid under OPPS; Addendum B displays APC assignments when services are separately payable. (1) Packaged APC payment if billed on the same date of service as a HCPCS code assigned status indicator T. (2) In all other circumstances, payment is made through a separate APC payment. Q3 Codes that may be paid through a composite APC Paid under OPPS; Addendum B displays APC assignments when services are separately payable. Addendum M displays composite APC assignments when codes are paid through a composite APC. (1) Composite APC payment based on OPPS composite- specific payment criteria. Payment is packaged into a single payment for specific combinations of service. (2) In all other circumstances, payment is made through a separate APC payment or packaged into payment for other services. 136 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

137 Status Item/Code/Service OPPS Payment Status Indicator R Blood and Blood Products Paid under OPPS, Separate APC payment S Significant Procedure, Not discounted when multiple Paid under OPPS, Separate APC payment T Significant Procedure, Multiple Reduction Applies Paid under OPPS, Separate APC payment U Brachytherapy Services Paid under OPPS, Separate APC payment V Clinic or Emergency Department Visit Paid under OPPS, Separate APC payment X Ancillary Services Paid under OPPS, Separate APC payment Y Non- implantable Durable Medical Equipment Not paid under OPPS. All institutional providers other than home health agencies bill to DMERC. Status indicators are a crucial component of the OPPS mechanism. These are assigned to each and every CPT / HCPCS code. As an auditor it will be essential to know which procedure codes (CPT/HCPCS) are assigned and paid under OPPS and those, which are not. It will be especially important to note status indicators (SI) such as B, E and M as Medicare may not pay them. OPPS ADDENDUM S Each year, with the publication of the OPPS Final Rule, there are accompanying addenda that assist in charge capture, appropriate coding and reimbursement. Some of the more important Addenda are as follow: denda.zip Addendum A listing of APC groupings Addendum B OPPS Payment by HCPCS Code Addendum C- HCPCS Codes Payable Under the 2011 OPPS by APC Addendum D1 - Final OPPS Payment Status Indicators Addendum D2- Final OPPS Comment Indicators Addendum E - HCPCS Codes That Are Paid Only as Inpatient Procedures Addendum L Final OPPS Out- Migration Adjustment Addendum M - HCPCS Codes for Assignment to Composite APCs Two of these addendums are absolutely essential when auditing. Addendum B provides critical Medicare reimbursement for outpatient services. The reimbursement amounts shown are not adjusted for the wage index, which is specific to the facility.. Addendum E is a listing of all procedures that are considered inpatient only procedures. In other words, if the procedure is performed in an outpatient setting there will be no reimbursement from Medicare for the procedure, as it did not meet their guidelines. While all of the addenda are important the auditor should have the most current copy of addendum B and E when auditing Medicare records. These addenda change quarterly and therefore copies for the time period being audited must be maintained. 137 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

138 2B- 21 APPLY CORRECT CODING INITIATIVE RULES The National Correct Coding Initiative (NCCI) (also known as CCI) was implemented to promote national correct coding methodologies and to control improper coding leading to inappropriate payment. NCCI code pair edits are automated prepayment edits that prevent improper payment when certain codes are submitted together for Part B- covered services. In addition to code pair edits, the NCCI includes a set of edits known as Medically Unlikely Edits (MUEs). An MUE is a maximum number of Units of Service (UOS) allowable under most circumstances for a single Healthcare Common Procedure Coding System/Current Procedural Terminology (HCPCS/CPT) code billed by a provider on a date of service for a single beneficiary. 73 The NCCI is a combination of the Outpatient Code Editor (OCE) and the Medically Unlikely Edits (MUE) into one comprehensive system. There are two sets of NCCI edits, which are spaced on quarter apart. The physician NCCI edits are one version and one quarter ahead of those for the facility. This can pose difficulties for an auditor who audits both groups (professional and facility). The following guidance can be found within the document called How to Use the National Correct Coding Initiative (NCCI) Tools CODE PAIR EDITS: NCCI Edits Physicians - These code pair edits are applied to claims submitted by physicians, non- physician practitioners, and Ambulatory Surgery Centers NCCI Edits Hospital Outpatient Prospective Payment System (OPPS) This set of code pair edits is applied to the following Types of Bills (TOBs) subject to the Outpatient Code Editor (OCE): Hospitals (TOB 12x and 13x), Skilled Nursing Facilities (SNFs) (TOB 22x and 23x), Home Health Agencies (HHAs) Part B (TOB 34x), Outpatient Physical Therapy and Speech- Language Pathology Provider (OPTs) (74x), and Comprehensive Outpatient Rehabilitation Facilities (CORFs) (TOB 75x). MEDICALLY UNLIKELY EDITS (MUES): 1. Practitioner MUEs All physician and other practitioner claims are subject to these edits. 2. Durable Medical Equipment (DME) Supplier MUEs These edits are applied to claims submitted to DME MACs. (At this time, this file includes HCPCS A, B, D- H, K- V codes in addition to HCPCS codes under the DME MAC jurisdiction.) 73 To- Use- NCCI- Tools.pdf 138 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

139 3. Facility Outpatient MUEs Claims for TOB 13x, 14x, and Critical Access Hospitals (85x) are subject to these edits. 74 Every auditor needs the most current copy of the NCCI Policy Manual for Medicare. This comes in a downloadable.pdf format and can be found at: This manual describes all aspects of the Correct Coding Initiative including the background and all policies regarding correct coding for Medicare. This should be a required tool for all auditors who review or comment on Medicare claims (Professional and Facility) COLUMN 1 / COLUMN 2 EDIT: The NCCI is a derivative of medical and surgical standards of practice. Therefore, the edits are designed such that services integral to a procedure are not separately reimbursed. We reference the NCCI Policy Manual for Medicare which states: Many NCCI edits are based on the standards of medical/surgical practice. Services that are integral to another service are component parts of the more comprehensive service. When integral component services have their own HCPCS/CPT codes, NCCI edits place the comprehensive service in column one and the component service in column two. Since a component service integral to a comprehensive service is not separately reportable, the column two codes are not separately reportable with the column one code. 75 In determining the column 1 and column 2 edits one must look at the general policies for determining the component(s) of a more comprehensive procedure. There are several general principles that can be applied to the edits as follows: The component service is an accepted standard of care when performing the comprehensive service. The component is usually necessary to complete the comprehensive service The component service is not a separately distinguishable procedure when performed with the comprehensive service. 76 One example of this would be that the global surgical package would include the administration of fluids; therefore, IV administrations would be included in the procedure and not separately reimbursed. Although the Column 2 code is often a component of a more comprehensive Column 1 code, this relationship is not true for many edits. In the latter type of edit the code pair edit simply represents two codes that should not be reported together, unless an appropriate modifier is used To- Use- NCCI- Tools.pdf 75 NCCI Policy Manual for Medicare Effective , Chapter 1, p. I NCCI Policy Manual for Medicare, Effective , Chapter 1, p. I Copyright 2012 William L. Malm, ND, CMAS & AAMAS

140 As of April 2012, there is a change to the mechanism of Column 1 / Column 2 and mutually exclusive edits. The following is taken from NCCI describing these changes. In order to simplify the use of NCCI edit files, CMS will consolidate the two edit files into the Column One/Column Two Correct Coding edit file. Separate consolidations will occur for the two practitioner NCCI edit files and the two NCCI edit files used for OCE. This change will occur for practitioner NCCI edits in NCCI version 18.1 scheduled for April 1, After these changes occur, it will only be necessary to search the Column One/Column Two Correct Coding edit file for active or previously deleted edits. Effective April 1, 2012, CMS will no longer publish a Mutually Exclusive edit file on its website for either practitioner or outpatient hospital services since all active and deleted edits will appear in the single Column One/Column Two Correct Coding edit file on each website. The edits previously contained in the Mutually Exclusive edit file are NOT being deleted but are being moved to the Column One/Column Two Correct Coding edit file. Practitioner NCCI - In NCCI version 18.1 for practitioners scheduled for April 1, 2012, all edits in the Mutually Exclusive edit file will be moved to the Column One/Column Two Correct Coding edit file with the same implementation and, if relevant, deletion date as the edits have in the mutually exclusive edit file. These edits are not being deleted from NCCI but are being moved to the Column One/Column Two Correct Coding edit file. The net result will be that the NCCI version 18.1 Column One/Column Two Correct Coding edit file will contain all active NCCI edits and deleted NCCI edits that previously were contained in the Mutually Exclusive and Column One/Column Two Correct Coding edit files. The CMS website will have a single Column One/Column Two Correct Coding edit file for practitioner NCCI. Outpatient NCCI used in OCE - Effective April 1, 2012 the change will be implemented on the CMS website where a single Column One/Column Two Correct Coding edit file will appear which will contain all active NCCI edits and deleted NCCI edits that previously were contained in the OPPS Mutually Exclusive and Column One/Column Two Correct Coding edit files. These edits are not being deleted from the OCE NCCI files but are being moved to the Column One/Column Two Correct Coding edit file 78 MUTUALLY EXCLUSIVE EDITS: Many procedure codes should not be reported together because they are mutually exclusive of each other. Mutually exclusive procedures cannot reasonably be performed at the same anatomic site or same patient encounter. 79 It is important to note that while CMS publishes most MUE s other are kept confidential and not published. This is part of the fraud and abuse detection performed by CMS and solely for the Contractor s use. Like the Column 1 / Column 2 Edits these are published according to 77 To- Use- NCCI- Tools.pdf To- Use- NCCI- Tools.pdf 140 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

141 provider type (physician or hospital). These are downloadable from: UTILIZING MODIFIERS WITH NCCI Use of modifiers can override the Column 1 / Column 2 edits, when permissible; however, it is prohibited in the mutually exclusive edits. Medicare claims processing is the same for Column 1/Column 2 Edits and MEC Edits. Even though only one of the code pair tables is officially called Column 1/Column 2, both of these tables are comprised of code pairs named as Column 1 and 2. If a provider submits the two codes of an edit pair, the Column 1 code is eligible for payment and the Column 2 code is denied. However, if both codes are clinically appropriate and an appropriate NCCI- associated modifier is used, the codes in both columns are eligible for payment. Supporting documentation must be in the beneficiary s medical record. 80 To determine whether a modifier is allowed the Column 1 / Column 2 code pairs have a modifier designation. The table below was taken directly from the publication on the CMS website ( To- Use- NCCI- Tools.pdf) As of April 1, 2012 there are significant changes to NCCI. This is the new instruction for NCCI: In order to simplify the use of NCCI edit files, CMS will consolidate the two edit files into the Column One/Column Two Correct Coding edit file. Separate consolidations will occur for the two practitioners NCCI edit files and the two NCCI edit files used for OCE. This change will occur for practitioner NCCI edits in NCCI version 18.1 scheduled for April 1, After these changes occur, it will only be necessary to search the Column One/Column Two Correct Coding edit file for active or previously deleted edits. Effective April 1, 2012, CMS will no longer publish a Mutually Exclusive edit file on its website for either practitioner or outpatient hospital services since all active and deleted edits will appear in the single Column One/Column Two Correct Coding edit file on each website. The edits previously contained in the Mutually Exclusive edit file are NOT being deleted but are being moved to the Column One/Column Two Correct Coding edit file. Practitioner NCCI - In NCCI version 18.1 for practitioners scheduled for April 1, 2012, all edits in the Mutually Exclusive edit file will be moved to the Column One/Column Two Correct Coding edit file with the same implementation and, if relevant, deletion date as the edits have in the mutually exclusive edit file. These edits are not being deleted from NCCI but are being moved to the Column One/Column Two Correct Coding edit file. The net result will be that the NCCI version 18.1 Column One/Column Two Correct Coding edit file will contain all active NCCI edits and deleted NCCI edits that previously were contained in the Mutually Exclusive and Column One/Column Two Correct Coding edit files. The CMS website will have a single Column 80 To- Use- NCCI- Tools.pdf 141 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

142 One/Column Two Correct Coding edit file for practitioner NCCI. Outpatient NCCI used in OCE - Effective April 1, 2012 the change will be implemented on the CMS website where a single Column One/Column Two Correct Coding edit file will appear which will contain all active NCCI edits and deleted NCCI edits that previously were contained in the OPPS Mutually Exclusive and Column One/Column Two Correct Coding edit files. These edits are not being deleted from the OCE NCCI files but are being moved to the Column One/Column Two Correct Coding edit file. Modifiers may be appended to HCPCS/CPT codes only if the clinical circumstances justify the use of the modifier. A modifier should not be appended to a HCPCS/CPT code solely to bypass an NCCI edit if the clinical circumstances do not justify its use. If the Medicare program imposes restrictions on the use of a modifier, the modifier may only be used to bypass an NCCI edit if the Medicare restrictions are fulfilled. Modifiers that may be used under appropriate clinical circumstances to bypass an NCCI edit include: Anatomic modifiers: E1- E4, FA, F1- F9, TA, T1- T9, LT, RT, LC, LD, RC Global surgery modifiers: 25, 58, 78, 79 Other modifiers: 27, 59, An example where a modifier may be utilized is within the Medical Clinic. For example a patient is scheduled for a routine outpatient clinic visit (Coded 99214) for his continued altered mental consciousness. During the visit the physician decides to do a rectal exam of the prostate (G0102) 81 NCCI Policy Manual for Medicare, Effective , Chapter 1, p. I Copyright 2012 William L. Malm, ND, CMAS & AAMAS

143 because the patient is a75 year old male and at risk. These two services would trigger an NCCI Column 1/ Column 2 edit. Because there is a 1 stating a modifier is allowed, the coding could allow for a - 25 modifier to be placed on the Column 1 code ( ) allowing for both services to be reimbursed. The table below details this scenario. The NCCI only applies directly to Medicare. However, many commercial / private payers also subscribe to these edits. The auditor must understand the edits being utilized for each type of payor (Medicare, Medicaid and/or commercial/managed care) prior to beginning the audit. The use of an automated NCCI scrubber is certainly preferred and most hospital / physician CDM software companies include this in their software package. If, however, you do not have the luxury of such a tool, the auditor can find and download all of these edits by hospital, or by physician, at: Hospitals - Physicians - The edits are organized by type and then within each type (hospital or physician) by CPT / HCPCS code range. The screen scrape below demonstrates this from the CMS website Copyright 2012 William L. Malm, ND, CMAS & AAMAS

144 We encourage the reader to read the entire NCCI Policy Manual for Medicare as well as the other references provided below and understand all the elements of this regulation. This is core to any auditor who works with Medicare claims. REFERENCES To- Use- NCCI- Tools.pdf 2B- 22 ASSIGN & VALIDATE PHYSICIAN FEE SCHEDULE CMS stated: A fee schedule is a complete listing of fees used by Medicare to pay doctors or other providers/suppliers. This comprehensive listing of fee maximums is used to reimburse a physician and/or other providers on a fee- for- service basis. CMS develops fee schedules for physicians, ambulance services, clinical laboratory services, and durable medical equipment, prosthetics, orthotics, 144 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

145 and supplies. 83 CMS publishes the physician s fee schedule and accompanying documentation on their website at: This schedule is updated yearly through the publication of a proposed rule. The proposed rule receives the appropriate comment period and is enacted. Within this rule there are the final reimbursement amounts for the upcoming year. According to CMS the Medicare Physician Fee Schedule (MPFS) includes: 1. Physician Services 2. Therapy Services 3. Medicare PFS payment rates 4. Medicare PFS rates formula and 5. Resources Medicare Part B pays for physician services based on the PFS that covers more than 7,400 services and their payment rates. Some physician services that would be included are: Evaluation and Management, Procedures (both surgical and medical), services within the SNF, Hospice, outpatient dialysis and clinical laboratories. 84 The MPFS describes the payment rate. These are based on several components. 1. Relative Value Unit (RVU) 2. Conversion Factor (CF) 3. Geographic Practice Cost Indices (GPCI) The RVU component is divided into three separate relative value units. The Work RVU reflects the levels of time and intensity associated with furnishing the service. This accounts for approximately 50% of the total payment for the service. This RVU is examined no less than every 5 years. The last review was 2009 and changes will be reflected in the 2010 MPFS. Practice Expense RVU (PE) - reflect costs of maintaining a practice. Includes items such as rent, office supplies, equipment, and staff. Malpractice RVU reflect the remaining portion of the total payment associated with the service Copyright 2012 William L. Malm, ND, CMAS & AAMAS

146 The conversion factor adjusts the three RVUs above by a geographic practice expense. The geographic practice cost indices (GPCI) is the sum of the geographically adjusted RVU multiplied by a dollar conversion factor. 85 The Medicare PFS payment rates formula is shown below: [(Work RVU x Work GPCI) + (PE RVU x PE GPCI) + (MP RVU x MP GPCI)] x CF Palmetto GBA provides examples of the calculations: Examples: (Note: When applying the work adjustor to the work RVU, round the product to two decimal places.) Example 1: CPT code/cpt modifier , facility setting, West Virginia 2009 Facility Pricing Amount = [((Work RVU * Budget Neutrality Adjustor (1.0008)) (round product to two decimal places) * Work GPCI) + (Transitioned Facility PE RVU * PE GPCI) + (MP RVU * MP GPCI)] * Conversion Factor Work RVU (0.18) times Budget Neutrality Factor (1.0008) = 0.18 (rounded to two decimal places) Transitioned Facility PE RVU (0.06) times PE GPCI (0.827) = MP RVU (0.01) times MP GPCI (1.353) = Add results from steps 1-3: = Multiply results of step 4 times conversion factor: x = $8.77. This is the fee schedule amount. Example 2: CPT code 20550, non- facility setting, Ohio 2009 Non- Facility Pricing Amount = [((Work RVU * Budget Neutrality Adjustor (1.0008)) (round product to two decimal places) * Work GPCI) + (Transitioned Non- Facility PE RVU * PE GPCI) + (MP RVU * MP GPCI)] * Conversion Factor Work RVU (0.75) times Budget Neutrality Factor (1.0008) = 0.75 (rounded to two decimal places) Transitioned Non- Facility PE RVU (0.65) times PE GPCI (0.927) = MP RVU (0.09) times MP GPCI (1.232) = Add results from steps 1-3: = Multiply results of step 4 times conversion factor: x = $ This is the fee schedule amount Copyright 2012 William L. Malm, ND, CMAS & AAMAS

147 Example 3: CPT code 99213, non- facility setting, South Carolina 2009 Non- Facility Pricing Amount = [((Work RVU * Budget Neutrality Adjustor (1.0008)) (round product to two decimal places) * Work GPCI) + (Transitioned Non- Facility PE RVU * PE GPCI) + (MP RVU * MP GPCI)] * Conversion Factor Work RVU (0.92) times Budget Neutrality Factor (1.0008) = 0.92 (rounded to two decimal places). Transitioned Non- Facility PE RVU (0.75) times PE GPCI (0.906) = MP RVU (0.03) times MP GPCI (0.446) = Add results from steps 1-3: = Multiply results of step 4 times conversion factor: x = $ This is the fee schedule amount. To obtain carrier specific physician fee schedules or utilize the physician fee schedule look up function access: fee- schedule/overview.aspx 2B- 23 ASSIGN & VALIDATE HCPCS LEVEL II CODES HCPCS codes are short for procedure codes that are from the Healthcare Procedural Coding System. As previously stated HCPCS I codes are CPT codes. The regulation that CMS published on August 17, 2000 (45 CFR ) to implement the HIPAA requirement for standardized coding systems established the HCPCS level II codes as the standardized coding system for describing and identifying health care equipment and supplies in health care transactions that are not identified by the HCPCS level I, CPT codes. The HCPCS level II coding system was selected as the standardized coding system because of its wide acceptance among both public and private insurers. Public and private insurers were required to be in compliance with the August 2000 regulation by October 1, The HCPCS Level II Coding Process/Criteria document describes HCPCS level II coding procedures and coding criteria. 86 HCPCS LEVEL II CODE RANGES HCPCS codes are five character alpha- numeric codes that are broken into discreet categories. These categories are: A HCPCS Codes (A0000- A0999) Transportation Services Including Ambulance (A4206- A9999) Medical, Surgical and Miscellaneous Supplies and Accessories B HCPCS Codes (B4034- B9999) Enteral and Parenteral Therapy C HCPCS Codes (C1300- C9899) Outpatient Prospective Payment System Copyright 2012 William L. Malm, ND, CMAS & AAMAS

148 o o This section provides the codes that must be utilized, when submitting OPPS claims, for drugs, biologicals, devices, and some medical services. Other types of hospitals such as the Maryland Hospitals (exempt from OPPS), Critical Access and Indian Health can still use these codes, if appropriate, at their own discretion. Within the C HCPCS code range there is a number of drugs and biologicals that are eligible for pass through payments. This section should be reviewed and a frequently accessed, for a facility auditor D HCPCS Codes - Dental Codes These codes were moved to the coding procedures of the American Dental Association (ADA) E HCPCS Codes (E0100- E9999) Durable Medical Equipment o These codes may not be submitted by a hospital unless they have a DME license o These include items commonly found within a facility such as canes, crutches, walkers, wound care items. o These must be billed to the DMERC by a DME licensed vendor. In some cases this now comes under CMS DME Competitive Bidding Process and an individual E code can only come from one vendor. G HCPCS Codes (G0008- G9147) Professional Services that do not already have a CPT code to describe them. o Includes items such as vaccinations, screening services, PET Scans, Type B Emergency Departments, Drug Screens, Physician Quality Reporting, H1N1 Administration, Warfarin Testing and CMS Demonstration Projects. H HCPCS Codes (H0001 H2037) Alcohol and Drug Abuse Treatment Services J HCPCS Codes (J0120- J9999) Drugs Administered Other Than Oral Method o These drugs are generally those which cannot be Self Administered o Includes drugs such as chemotherapy and inhalation drugs o Generally linked to revenue code 0636 drugs of detail o Audit Tip: Frequent source of audit errors as the dispensing units and billing units are frequently divergent. K HCPCS Codes (K0001- K0899) Temporary DME Codes L HCPCS Codes (L0112- L9900) Orthotic & Prosthetics Procedures and Devices o These are also DME items however, by definition, should be billed by the facility (hospital) on the UB- 04 to their intermediary or MAC. o Do not require a DME license to bill o Audit Tip: These items are frequently carried in the Emergency Services Area and Physical Therapy and have been found nationally to be a source of lost revenue. Many of these items are not added to the CDM or, if present, are failing to be charged. Key loss items include: Knee Immobilizer (L1830), Philadelphia Collar (L0172), Walking Boot (L4360) and many others. o Audit Tip: Review the chargemaster to ensure that these codes are actually present in the CDM and available for charge capture in the departments that provide these items during 148 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

149 patient care. Look for charging policies and procedures that direct the staff on how to charge for these supply items. M HCPCS Codes (M0064- M0301) Medical Services (Other Services) P HCPCS Codes (P2028- P9615) Pathology and Laboratory Services o P9010 P9060 refer to blood and blood products such as fresh frozen plasma (FFP), whole blood for transfusion, leuko reduced whole blood, etc o Audit Tip: When one of the blood P codes appear on the claim then at least one, and no more than one, unit of should also be on the claim on the same date of service Q HCPCS Codes (Q0035- Q9968) these are temporary HCPCS codes for services that do not have a permanently assigned HCPCS code o This section includes items such as PAP smears (Q0091), drugs used as complete replacement for IV anti- nausea regimens, cast supplies for physicians and other professionals, high and low osmolar contrast (Q9951- Q9967) R HCPCS Codes (R0070- R0076) Diagnostic Radiology Services (transportation) S HCPCS Codes (S0012- S9999) - Temporary National Codes o Used primarily by Blue Cross / Blue Shield Association (BCBSA) o Also used by the Health Insurance Association of America (HIAA) o Utilized solely in the private sector and are not applicable to nor payable by Medicare o Can be used, depending on the state, for Medicaid o Used to report drugs, services, tests, supplies where there is no other specific code to describe the service, drug, test or supply. o Audit Tip: May never appear on a Medicare claim but should be present in the chargemaster if submitted to a private payor or Medicaid. Frequently misunderstood by facilities and may not be fully implemented within the CDM. T HCPCS Codes (T1000- T5999) State Medicaid Codes o These codes are not accepted by Medicare and should not be present on a Medicare claim o Codes created based on the needs and requirements of the State Medicaid Programs when no other national code exists. o May be used by some private insurers V HCPCS Code (V2020- V5364) Vision Services and Hearing Services o These codes are primarily for glasses, contact lenses, eye prosthesis and intraocular lenses o Specialty intraocular lenses, such as Crystalens, Rezoom, will be found within this section of HCPCS o Hearing aids and hearing services are also found within this grouping of HCPCS codes. 149 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

150 STEPS IN ASSIGNING A HCPCS CODE When assigning a HCPCS code for a supply or service the following steps should be taken: 1. The physician order should be reviewed to see that there is a date, designation of a specific service d (HCPCS code / CPT code preferred), diagnosis (narrative or ICD- 9- CM) code, and the physician signature. 2. The item or service provided is documented within the medical records with such clarity that there is no question as to what was performed or provided 3. If elements such as fitting and adjustment are specified, within the code, then medical record documentation should support that this portion of the code was, in fact, performed. 4. HCPCS code assignments follow the basics of a physician order and medical record documentation utilized for any other test, service, procedure or supply. More specifically, these codes have their own guidelines but do require the same intensity of documentation as would any other procedure, test or service in order to be correctly selected. 5. It is important not to choose or validate a code that is not allowable by that specific carrier. For example, there should not be any S codes present on a Medicare claim. Review for payor code specificity prior to assignment or validation. 150 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

151 CORE DOMAIN 2C: OTHER RELEVANT MEDICAL AUDIT RESPONSIBILITIES 2C- 1 UPDATE / REVIEW / MAINTAIN THE CHARGE DESCRIPTION MASTER (CDM) The Charge Description Master (CDM) is the one essential element that without it there would be no revenue cycle. The CDM (a.k.a. Chargemaster, Service Master, Item Master, Description Master) is an electronic roster of all patient charges for services, tests, supplies, pharmaceuticals and procedures. If a test, service, supply, pharmacy or procedure does not have a chargemaster line then there is no real method to charge for the service representing lost revenue. Alternatively, the CDM can be considered a compliance risk. In the OIG Compliance Guidance to Hospitals ( speaks to this issue. In addition to the coding risk areas noted above and in the 1998 hospital CPG, other specific risk areas associated with incorrect outpatient procedure coding include the following... Submitting incorrect claims for ancillary services because of outdated Charge Description Masters Charge Description Masters (CDMs) list all of a hospital s charges for items and services and include the underlying procedure codes necessary to bill for those items and services. Outdated CDMs create significant compliance risk for hospitals. Because the Healthcare Common Procedure Coding System (HCPCS) codes and APCs are updated regularly, hospitals should pay particular attention to the task of updating the CDM to ensure the assignment of correct codes to outpatient claims. This should include timely updates, proper use of modifiers, and correct associations between procedure codes and revenue codes 87 Therefore the CDM can be the facility s best asset or worst liability. The remainder of this section will review CDM basics and techniques for ensuring compliance and prevent charge capture loss. CDM BASICS The chargemaster is a listing of all services rendered by the facility whether payable or not. Therefore, every service (test, pharmaceutical, supply or procedure) provided to a patient should be evaluated as to the need for a CDM line item to assess a charge. Every chargemaster has the following fields: 1. Unique Identifier this is a number which is either alpha- numeric or numeric 2. Unique Description this is a description that is unique and accurately describes the service. This should approximate the CPT code or HCPCS description closely. In many cases facilities use the CPT or HCPCS short description as their unique description 87 Federal Register, Vol. 70, No. 19, January 31, 2005, p Copyright 2012 William L. Malm, ND, CMAS & AAMAS

152 3. Revenue Code the four- digit code, as designed by NUBC, that best represents the service. Additionally, the MAC for the region in which the facility is located describes revenue code sets. Either source of data is appropriate to utilize for this assignment 4. Procedure Code - the CPT or HCPCS code that best represents the service the chargemaster line item represents. a. With a hardcoded procedure the actual CPT or HCPCS code is entered into the chargemaster b. When a CPT or HCPCS code for a softcoded procedure is not automatically populated on the claim, via the CDM, the procedure/service is generally coded by HIM. The CPT/HCPCS code then flows from the HIM encoder to the claim. 5. Patient Charge this is the charge for the service as determined by the facility CDM & THE REVENUE CYCLE The CDM is integral to the revenue cycle but the placement of the CDM in the revenue cycle will provide guidance as to whether audit concerns occur prior to the CDM (i.e. charge capture issues) or post CDM (failed billing edits). The following is a graphic representation of the revenue cycle and the placement of the CDM in the revenue cycle. As the diagram above indicates, the CDM is right in the middle of the revenue cycle. The revenue cycle depends upon having accurate and timely information / data prior to reaching the CDM component. Failure to have this will result in errors post CDM. 152 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

153 As noted, there is little opportunity to assess a patient charge after completion of the CDM component. Additionally, it is essential to note that all documentation must be present prior to entering a charge, as the CDM will hardcode the CPT/HCPCS code based upon what is entered. Audit Tip: Failure to have complete documentation (including order and progress notes / reports), prior to entering a charge, is a frequent source of error, found during audit activity that results in Federal, State and commercial payor recoupment of reimbursement. Once a charge is entered, the CDM automatically applies a CPT/HCPCS code to the claim and the assumption is that the CPT/HCPCS can be supported by documentation. Frequent random audits of hardcoded procedures should be part of every audit plan. Other errors are created directly by the CDM. As stated in the OIG Hospital Compliance Guidance, failure to have an up to date CDM can create errors. Therefore, the chargemaster analyst must utilize a strict regimen of review to ensure accuracy. Inaccuracies within the CDM will create automated billing errors that are easily caught in automated reviews. The following sections will speak to the maintenance of the CDM. CHARGEMASTER MAINTENANCE This section will focus on specific tasks as well as differentiating methods such as automated and manual reviews. Learning to audit the CDM should be an essential step in the development of a hospital or physician s internal auditor. The elements of the CDM include essential concepts of charge capture and billing and are core elements for the auditor. We will now look at creating a maintenance plan. Maintenance should involve the revenue cycle team but specifically utilize the CDM analyst. Maintenance is an on- going concern but there are specific times of the year where attention will be required. YEAR END MAINTENANCE Every year in October / November there are two sets of procedure codes which are updated and therefore must be updated in the CDM. Usually in October, the American Medical Association updates and releases the CPT code changes. If your facility utilizes chargemaster software (i.e. Craneware, MedAssets or other brand) then the codes will be added to your software file and the updates are performed according to the software methodologies of the vendor. If however, you are an auditor in a facility or physician s office that does not utilize software then a manual update will be required. Tools Required: Prior to October the auditor will need to obtain the tools necessary for the yearly maintenance. The auditor should order a: 153 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

154 1. Current Procedural Terminology (CPT) Codebook: This can be obtained from many different vendors including the American Medical Association (publisher), Ingenix publishing or other vendor. Many times this manual can be found in bookstores such as Borders or Barnes and Noble Booksellers. When purchasing your book make sure to purchase the edition that best suits your requirements. For further information consult: assn.org/ama/pub/physician- resources/solutions- managing- your- practice/coding- billing- insurance/cpt.shtml 2. Healthcare Procedural Coding System Level II Codebook (HCPCS Level II): This manual will be required to update procedural coding systems that involve supplies, pharmaceuticals and other government issued codes that are not covered by CPT. While these codes are generally released later in the year the purchase of the manual should be mid- summer to ensure that it arrives promptly after the codes are created and updated. For further information on purchasing HCPCS manuals consult your favourite coding vendor. This book is available from many vendors however; it may be downloaded, for free, directly from CMS. The download is available in Excel at: 3. National Uniform Billing Committee (NUBC) UB- 04 Specifications Manual: This manual provides guidance on the appropriate use of locations, billing conditions and revenue codes. The purpose of this manual is to have an overall guidebook for any aspect of the UB- 04. This can be purchased at: 4. Additional recommended tools include: a. CPT 20xx An Insider s View : This coding manual provides an in depth overview of the CPT changes at year send. It provides clinical examples as well as code selection tips. This book also assists when discussing changes with the department as it gives relevant clinical scenarios for which the department can then utilize as a framework for code selection. Further information can be obtained at: assn.org/catalog/product/product_list.jsp?_requestid= CPT Assistant: These are newsletters that describe some of the nuances of CPT coding. They are becoming more progressively designed to assist in denials management. These are offered in both paper and electronic version and most chargemaster software vendors include this as a feature within their products. Developing a Schedule: In order to complete the year- end maintenance schedule a calendar or workplan must be completed. The following workplan is for illustration purposes only. Each auditor / CDM analyst or revenue cycle manager must create their own schedule to ensure that all tasks are completed by the 31 st day of December for each calendar year. June / July: Purchase manuals Update subscriptions Evaluate need for additional chargemaster software 154 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

155 Prepare yearly budget for CDM maintenance August / September: October: Review the chargemaster for any items that have not had any usage in a 12 month period (i.e. zero volume items) Confirm with the departments that zero volume items can be deleted from the chargemaster or must be maintained. Note, zero volume items can lead to inaccurate charge capture. Work with each department to determine what services will continue to be rendered in the upcoming year; any additional new services that will be offered which will require new chargemaster line items to be added, and those services which will be discontinued requiring chargemaster line item deactivation. The CDM team should review capital budgets in areas such as radiology, laboratory and surgery to see if the new equipment will require new chargemaster lines to be created for the procedures that can now be performed. Review requests such as from ADR (Automated Data Requests) and RAC focused audits to see if there are any errors pertaining to the CDM, and correct any CPT / HCPCS code inaccuracies. Assemble the team to begin departmental reviews in October with the Departments. Establish roles and responsibilities for each team member for the remainder of the quarter. Suggested team members could include: CDM Analysts Compliance / Revenue Integrity Staff Medical Records / HIM Finance Cost report personnel Deliverable for August / September: At the conclusion of September all zero volume CDM lines for which there will be no future use should be inactivated and/or deleted. This will make the year - end maintenance much more efficient. Any new services planned for the upcoming year should have new chargemaster lines added as required. Have purchased all manuals / software required for year - end maintenance. Review vacation schedules for key staff during the last quarter of the year ensure that the plan yet to be created includes provisions for these leaves. October is a month that is key to the successful implementation of the next year s chargemaster Pre- meetings with the revenue producing departments must occur in order to ensure that the chargemaster is completely accurate and representing only those services offered and those to be offered within the next 3 to 6 months 155 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

156 Assemble the review team; have written policies /procedures and roles for each participant. Validate deadlines for which reviews and corrections must be submitted to the CDM analyst Using a calendar, pencil in all key personnel and their holiday requests to illuminate potential risk areas for completion of required tasks. Starting the first week of October, schedule a meeting with all revenue producing departments, to review their chargemaster. The following are suggested meeting lengths to cover the topics Pharmacy (up to 3,000 lines) 8 to 12 hours. In many cases this can take several days to adequately review each item Radiology- (diagnostic, MRI/ MRA, CT, Ultrasound) 8 hours (not including interventional). Interventional review could require an additional 4 8 hours. Nuclear Medicine 3 to 4 hours Cardiology / Cardiac Cath 8 hours (includes EKG, Cath Lab, Stress Lab, Pacemaker and Electrophysiology) Operating Room 4 hours Implants / Supplies (up to 3,000 lines) 8 to 12 hours. In many cases this can take several days to adequately review each item Anaesthesia 1 hour Physical Therapy / Occupational Therapy/ Speech and Audiology 8 to 12 hours GI Lab (if hardcoded) - 4 hours Emergency Services (not including supplies) 4 hours. More time will be required if minor surgical procedures are hardcoded within the ED CDM Laboratory 8 to 12 hours. This review will need to take into account the equipment and what the equipment is capable of performing. In some cases, especially if a reference lab is involved, this can take several days. Finance will need to review the pricing policy, if not automated within the CDM software, and designate new prices to be effective for the upcoming calendar year. Create worksheets indicating changes to be made. If using software such as Craneware place a change request memo into the software. The CDM analyst should have all changes completed prior to the last day of the month of December. Deliverable October: All current chargemasters will be 100% reviewed and any errors or inaccuracies will be indicated in the worksheets Update all prices (patient charges), for current items, within the CDM effective 1/1/xxxx of the upcoming year. Many billing software allow for a future effective date that would enable this function to be performed at any time. If the billing software does not have future date capabilities then the pricing will need to wait until the upcoming new year; however, all pricing changes should 1 56 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

157 November / December: have been previously completed, in the worksheets, allowing for a rapid changeover once the new year arrives. Chargemaster analyst will have all additions, deletions and changes completed and entered into the CDM prior to October 31 st. The overall objective is to have a completely clean CDM prior to the CPT/HCPCS code changes for the upcoming year These two months are the busiest times for the chargemaster team. All new, changed or deleted CPT/HCPCS codes will need to be reflected in the CDM prior to the required change date of 1/1/xxxx. This is why it is essential that all tasks except the CPT/HCPCS updates be achieved prior to November 1 of the current year. Starting with the new year s CPT Book, the team should utilize the Appendix in the back of the CPT codebook that demonstrates the additions, changes and deletions to CPT codes. Along with the CPT 20xx, An Insiders View a worksheet for each revenue producing department should be created. If you are an auditor using CDM software these additions, changes and deletions will be represented within your software. The software may have export functionality to create spreadsheets of changes for use with the department reviews. In either case a document or tool containing the code updates must be created to review with the departments. The CPT changes are generally released approximately days prior to the release of the HCPCS II changes. CPT is released late in October to early November; whereas, HCPCS is released in late November to early December. For this reason, CPT should be handled first. Following the review with CPT the HCPCS should similarly be enacted. Charge slips or charge capture tools must be updated to reflect all additions, changes and inactivation s/deletions made to the CDM. Upon completion of this update all additions, changes and deletions should be reviewed by an independent third party and through random claim audits of the codes manipulated. It is important that the auditor find errors before any third party auditor finds it post claim submission. November / December Deliverables: There is only one deliverable for this time period that is a completely accurate, up to date and accurately priced CDM as of 1/1/xxxx. There should be on- going testing of all changes as well as claim audits immediately after 1/1/xxxx to ensure that any changes made are completely accurate and support the service, test, procedure, supply or pharmaceutical provided to the patient. If external charge slips/ charge capture tools are being utilized these should also be updated to ensure accurate charge capture. 157 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

158 QUARTERLY CDM MAINTENANCE While the focus is upon year- end maintenance, quarterly maintenance is just as important. Keeping the CDM up to date is critical to on- going charge capture accuracy. Each quarter, CMS, Medicaid and many commercial payers release updates to their reimbursement program resulting in changes to the procedural coding (CPT / HCPCS). In some instances, such as Medi- Cal, the releases can be as frequent as monthly. Therefore, it is incumbent upon the CDM analyst and the team to ensure CDM lines are updated to reflect the most current regulatory requirements. We recommend that, as a minimum, facilities and physicians should review the CMS quarterly OPPS and Medicare Physicians Fee Schedule (MPFS) updates. These give specific coding instructions that need to be implemented within the CDM. These updates are published: January April July October As with the year- end updates we would recommend that you select a few new additions or changes to the CDM and follow them through to the claim to ensure accuracy and that the CDM is not creating a pattern of inaccurate code/charge submissions. CDM MAPPING The mapping between the ordering system and the chargemaster is a crucial step in ensuring accurate claim submission. Since the chargemaster is generally part of the patient accounting software and the clinicians use the ordering software then these two software components must be linked through a mapping. Mapping errors can lead to repeated charge to claim errors that represent a compliance risk. Below is a diagram indicating what can happen if the mapping is incorrect. In the example, the nurse would order a level 3 ED visit (99283) but due to an incorrect mapping the chargemaster would charge a level 4 ED visit (99284). Over time this would create a pattern of inaccurate billing and on audit would not be supported by documentation leading to a potential false claim concern. Mapping must be tested during a CDM review to ensure that the computer billing systems are mapped correctly. 158 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

159 USING CDM SOFTWARE Chargemaster software is becoming the platinum standard in chargemaster maintenance. Software offers the facility / clinic / physician certain advantages which are: Real- time compliance Accurate coding Audit trails for all additions, changes and deletions/inactivation to the CDM Practice standards that illuminate potential missing charges thereby reducing charge capture errors Matching of revenue codes to the CPT / HCPCS code Immediate illumination of errors within the CDM o Mismatch of revenue code to HCPCS code o Pricing below a specific facility / fee schedule threshold o Deleted CPT / HCPCS codes that appear as active in the CDM o Modifiers that are inappropriate for the CPT/HCPCS code o Medications without appropriate J codes in the CDM o Self Administered Medication identification The overall use of software is too copious for further discussion within this manual. However, the use of software does enhance the ability to provide a claim which is accurate and moves the facility / professional ahead in their quest for revenue integrity. However, no amount of software will assist in 159 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

160 correcting claim errors due to the failure to have documentation to support the charge. The auditor must take a keen look at the claim and the medical record and detect any chargemaster driven charges for which the documentation is not present or insufficient to support the charge. CDM AUDIT TIPS The auditor should be an active participant in all aspects of chargemaster function and maintenance. Additionally, systematic audits should be constructed to identify and correct errors or patterns of charge capture behaviour. Areas of risk include: Poorly maintained CDM Deleted codes within the CDM after their deletion dates Incorrect mapping of the CDM to other software components Unit of service errors originating from the CDM Documentation that does not support the charge Of all the errors created by the CDM the lack of documentation to support the claim is most certainly the highest risk. Because the CDM assumes that all documentation to support the claim is present prior to charge entry the result is often catastrophic on retrospective audit. The disconnect between the clinical staff, who generally charge these hardcoded CDM items, and the regulatory requirements can be severe. Auditors can bridge this gap through specific findings and creation of corrective action plans to ensure all necessary documentation is in the medical record prior to charge entry by staff. Since the CDM represents a compliance risk that is recognized by the OIG the yearly compliance audit plan must include detailed audits of the CDM and its functionality. 2C- 2 PROVIDE CLINICAL INTERPRETATION / GUIDANCE TO FELLOW AUDITORS & STAFF Interpretation by definition is The act or process of explaining the meaning of something. Clinical Interpretation then becomes explaining the meaning of clinical findings interpreted by the clinician. In radiology for example the translation of radiographic changes seen by the clinician into real variations in the object radiographed for diagnostic purposes. For auditors, the architecture that directly correlates to what is billed. Auditors need things interpreted (explained) in order to defend. Nurses are taught in nursing school "if it not documented it did not happen". So the written documentation that the clinician supplies, becomes the proof that it did indeed happened, and happened in the same way that it was billed. There are sometimes issues with the proof, and the auditor must become the detective. Maybe the clinician "interpreted" the procedure, but all the areas that should have been covered, were not. The auditor now becomes the teacher, and it is now necessary to go to the source of the "interpretation" and explain why it is so important for thorough documentation. Staff (especially physicians) must know what is expected before they can be held accountable for not doing something correctly. HIM also works closely with the staff (physician) to ensure that documentation is complete and accurate. 160 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

161 Quoted from: Coding Radiology Services By Gerri Walk, RHIA, CCS- P The following additional tips can help HIM professionals improve clinical documentation: Meet with radiologists to discuss coding issues Provide radiologists examples of good and bad reporting and how they affect reimbursement Explain bundling and packaging rules Discourage the use of rule out for outpatient documentation practices Train new radiologists on the appropriate information to dictate Use standard report templates 2 Complete and accurate documentation must support all charges that are billed. This is the only way that everyone involved knows what happened. The medical record must tell the whole story and be available to the payer upon request. Summary: The patient has a procedure be it Radiology, or in Operating Room, the staff (usually the physician) must document the procedure in a formal report. Other staff also plays a part in this documentation, the nurse who works the procedure, the technologist, any person who is called on to document any part of the process. These individual or collective groups should be groomed to document what is required for all aspects of what could happen to this record. This means for assessing coding by the coders (for DRG etc.), medical necessity for the case managers, and what was used for the itemized review for billing. And quite often this falls to the Auditor (Audit Nurse) to do. 88 2C- 3 RECOMMEND / APPROVE / MONITOR THE USE OF EXTERNAL AUDITORS & SUBCONTRACTORS External auditors / sub contractors are utilized based on the needs of the audit company, or payer. 88 Submitted by Nicole Cormier, LVN CMAS, National Audit, Florida 161 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

162 A due diligence process should be followed to identify auditor, or sub contractor based on their qualifications, experience, audit knowledge, education preparation, certifications, assignment, and other pertinent requirements of the audit company, Rates / compensation should not be a primary factor in selecting an external auditor/subcontractor. The Director or manager of the audit company owns the responsibility of keeping track of complaints from both external and internal and take appropriate actions. Expectations are that external auditors do not get involved with "issues" as they are to remain in good faith/good rapport with all external customers. The Director of the audit firm should be the primary person to handle issues. External auditors should be made aware of the audit companies expectations. Routine evaluations should be completed to monitor auditor performance. These evaluations serve to keep current the audit firm and auditor updated on performance and provides quality indicators. At minimum an annual evaluation should be completed with auditor involvement. Evaluations should be completed to address performance and improvement and not focused primarily on financial savings. savings. The statistical data obtained helps to determine if standards are being met, e.g., identified overpayments, focus a lot on savings, e.g., what did they educate the facility on (internal error with charge master- J code loaded incorrectly, unbundling, etc.) and capture the savings if a change was made. 89 EXTERNAL AUDITOR EVALUATION - SAMPLE The following is an example of a performance evaluation that can be used for the evaluation of Auditors. Auditor reviewed: Date of review: JOB KNOWLEDGE AND ANALYTICAL/DECISION MAKING SKILLS Possesses the knowledge necessary to complete job tasks, including: o Audit processes and procedures for conducting engagements o Auditing standards and auditing skills o. 89 This section provided by Allan Shane 162 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

163 Understands and adequately accomplishes job duties and responsibilities, including: o Performance of assignment (audit) o Preparation for and performance of audit o Completion and report preparation Recognizes problems, identifies cause and makes potential recommendations Explains the rationale behind decisions and recommendations, as appropriate COMMUNICATION SKILLS AND INTERPERSONAL RELATIONS Oral communications are clear and spoken with ease (i.e. client/audit meetings) Written communications are logical and well- organized Communicates with confidence while treating others with respect, courtesy, and fairness Keeps the audit firm appropriately informed throughout the engagement using clear, concise, accurate, and timely oral and written communications (i.e. phone, ) Listens effectively, responds clearly and directly, and seeks to clarify and confirm the accuracy of their understanding of unfamiliar or vague terms Contributes to the team and develops positive working relationships PRODUCTIVITY AND ADAPTABILITY Effectively balances workload and establishes priorities to meet commitments and accomplish all major objectives accurately and in a timely manner (i.e. completing fieldwork and on- going communication, planning and report preparation) Learns quickly and exhibits flexibility and versatility to changes in priorities, job assignment, approach/methodology, personnel, resources or surroundings INITIATIVE AND DEPENDABILITY Works independently, is self- directed, and requires minimal supervision Demonstrates proactive, positive and enthusiastic attitude and behaviour Consistently delivers a quality work product that is detailed, accurate, reflective of the work performed, and requires minimal rework CLIENT FOCUS Maintains a professional appearance Returns calls and fields inquiries from the client in a timely fashion Communicates clearly with clients Places importance on client relationships OVERALL STRENGTHS [List overall strengths] OPPORTUNITIES FOR IMPROVEMENT [List areas for improvement] Reviewer Comments: 163 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

164 Auditor Comments (optional): I have examined this document and have discussed the contents with the reviewer. My signature means that I have been advised of my performance on this audit and does not necessarily imply that I agree with the evaluation. Auditor's Signature Date Reviewers Signature Date 2C- 4 APPLY MEDICAL NECESSITY RULES IN AUDIT ACTIVITY Understanding medical necessity rules is a critical component of coding and billing compliance. In order for admissions to be considered medically necessary, the patient must have a condition requiring treatment that can be provided only in an inpatient setting. If the patient safely can receive treatment in a less intensive setting, such as outpatient observation, the patient should not be admitted. Medical Necessity must be: Consistent with the symptoms or diagnoses of the illness or injury under treatment. Necessary and consistent with generally accepted professional medical standards (i.e., not experimental or investigational). Not furnished primarily for the convenience of the patient, the attending physician, or another physician or supplier. Furnished at the most appropriate level that can be provided safely and effectively to the patient. Approximately 40 percent of all improper payments identified during the three- year RAC demonstration project stemmed from medical necessity; for inpatient hospitals, a whopping 62 percent of overpayments were the result of "errors in the determination of medical necessity." The revenue impact of these denials was $513 million in just three states. (RACmonitor.com Aug 11, 2010) 164 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

165 Medicare coverage is limited to items and services that are reasonable and necessary for the diagnosis or treatment of an illness or injury (and within the scope of a Medicare benefit category). National coverage determinations (NCDs) are made through an evidence- based process, with opportunities for public participation. In the absence of a national coverage policy, an item or service may be covered at the discretion of the Medicare contractors based on a local coverage determination (LCD). LCD s are made through local FI s (fiscal intermediaries). The Medicare Coverage Database contains all National Coverage Determinations (NCD) and Local Coverage Determinations (LCD) and can be accessed at coverage- database/. There are several commercial products available to help in determining medical necessity. Interqual and Milliman are two of the most widely used. These products list specific criteria that a patient must meet in order for a hospital admission to be deemed appropriate and necessary. 90 2C- 5 APPLY UTILIZATION REVIEW CRITERIA & PROTOCOLS IN MEDICAL AUDIT ACTIVITY The utilization review process compares requests for medical services ("utilization") to treatment guidelines that are deemed appropriate for such services and includes the preparation of a recommendation based on that comparison. Definitions Utilization Review The process of comparing requests for medical services ( utilization ) to guidelines or criteria that are deemed appropriate for such services, and making a recommendation based on that comparison. Prospective Review Those conducted prior to the delivery of the services requested. Prospective reviews may be for inpatient or outpatient services. The list of services varies, but most lists include nonemergency hospitalizations, outpatient surgery, 91 skilled nursing and rehabilitation services, home care services and some home medical equipment. The review and approval involves determining whether the requested service is medically necessary. 90 This section submitted by Patricia Barryessa, CMAS 91 outpatient.htm 165 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

166 There are usually predetermined criteria or clinical guidelines of care for a given condition. The process begins with the collection of information, including the symptoms, diagnosis, results of any lab tests and list of required services. The reviewer then reviews the criteria for the condition. Concurrent Review Concurrent reviews happen during active management of a condition. An important part of concurrent review is the assessment of the patient's needs after a hospitalization. Because concurrent review is used to decrease the amount of time you spend in the hospital, the first concurrent review often determines a discharge plan. This plan can include transfers to rehabilitation, hospice or nursing facilities. Retrospective Review Retrospective review involves the review of medical records after the medical treatment. The reviewer looks the medical records for evidence of medically necessary health care. Utilization review is generally done by a nurse who has experience using criteria sets to determine if a service is medically necessary. For instance, in reviewing a preauthorization request for an ACL repair (Anterior cruciate ligament), one might use the following as part of the criteria determine whether surgery is appropriate at this time: 1. What conservative measures have been tried (i.e. physical therapy, wearing a brace) 2. Is the knee unstable or buckling? Was there significant swelling at the time of injury? Does the patient describe a twisting or hyperextension at the time of the injury? 3. MRI demonstrates an ACL disruption 4. Pain is not controlled by NSAIDS. If the patient meets all of the above, the nurse reviewer could determine that this is a medically necessary surgery at this point in the care of this patient. At any point, the nurse has the option to request additional medical records for review. 92 2C- 6 APPLY CODING RULES IN MEDICAL AUDIT ACTIVITY Clinical Coding is "the translation of medical terminology as written by the clinician to describe a patient's complaint, problem, diagnosis, treatment or reason for seeking medical attention, into a coded format" which is nationally and internationally recognized. 92 This section submitted by Patricia Barryessa 166 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

167 Coding audits should be done on a routine basis; most HIM departments have protocols they follow. Code audits are done by the coders, however, it is important that the auditor be aware of these because it plays such a significant part in the billing accuracy. This does several things: Verifies that coding is consistent and accurate Gives confidence to reviewers of accuracy Maintains effective Quality Improvement Auditors do not commonly audit for DRG assignment (this is usually done by a coder), but it is valuable to understand what the process looks like. These codes do directly affect all aspects whether it is charge audit or DRG. If claims are paid by DRG for a particular provider (inpatient), these same codes may affect those patients that are outpatient for that same provider. And know they will affect some provider at some time for sure. When the auditor reviews a medical record, they should be able to verify that the coding submitted to the payer is correct. These codes are used by the payer to establish many things. They are used for payment as well as case management of the patient care in many cases. Medical coders also establish many other "codes" that are assigned to the claim, the UB- 04. Each one of the fields on the UB represents something that someone wants to know or track. It is important to know what these fields represent. These fields tell a great deal about the patient, and the provider. They link dates of service with diagnosis as well as services provided. The claim tells a story. In healthcare it is becoming more and more important to tell a more detailed story each time a patient comes into contact with a provider. When all the codes are correct and the patient s story is complete, a clean claim is submitted, and in most cases an expedited payment is received. Additional information regarding the UB- 04 and field locator is presented in 2B The OIG offers examples as well in their reports and findings as well as compliance guidance. There are several examples provided at: pdf 2C- 7 APPLY REGULATORY AND LEGISLATIVE POLICIES IN MEDICAL AUDIT ACTIVITY Regulatory and legislative policies govern Medicare and Medicaid compliance and reimbursement. The legislative policies that would be of most relevance in an audit are the eligibility, coverage, compliance and medical necessity policies. Eligibility will be covered by the Social Security Act, 42 CFR or Medicare / Medicaid Policies. Eligibility should be the first step in an audit. This is because if the patient was not eligible for coverage then the rest of the audit is moot. Most hospitals and physicians offices have on- line eligibility software. Alternatively some private payers also allow for eligibility checking on their websites. No matter how this is achieved the regulations provide methods to determine eligibility. 93 Submitted by Nicole Cormier, LVN CMAS, National Audit, Florida 167 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

168 Introduction Other aspects of the regulations include coverage and compliance. These regulations are located within the CMS manuals. These filters down from the Social Security Act, 42 CFR to the transmittals and finally the manuals. Manuals can be found at: While the Internet- Only Manuals (IOMs) contain the majority of current regulations, older regulations are still found within the Paper- Based Manuals. The IOMs all begin with publication 100 and then each manual has its own individual secondary identifier number. The majority of audit requirements are found within the Medicare Benefit Policy Manual (100-02) and Medicare Claims Processing Manual (100-04). MEDICARE INTERNET ONLY MANUALS (IOMS) The IOMs are as follow. Publication # Title Medicare General Information, Eligibility and Entitlement Manual Medicare Benefit Policy Manual Medicare National Coverage Determinations (NCD) Manual Medicare Claims Processing Manual 168 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

169 Publication # Title Medicare Secondary Payer Manual State Operations Manual Medicare Program Integrity Manual Medicare Contractor Beneficiary and Provider Communications Manual Quality Improvement Organization Manual Reserved State Medicaid Manual (The new manual is under development. Please continue to use the Paper- Based Manual to make your selection.) Medicaid State Children's Health Insurance Program (Under Development) Medicare ESRD Network Organizations Manual Reserved Medicare Managed Care Manual CMS/Business Partners Systems Security Manual 169 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

170 Coverage The The The Publication # Title Medicare Prescription Drug Benefit Manual Demonstrations One- Time Notification Recurring Update Notification Medicare Quality Reporting Incentive programs Manual State Buy- In Manual MEDICARE PAPER- BASED MANUALS Older manuals can be located within the paper manual sections. The majority of these manuals date back to the time of cost based reimbursement. The paper- based manuals are as follow: Publication # Title 06 Issues Manual 09 Outpatient Physical Therapy/CORF Manual 10 Hospital Manual 11 Home Health Agency Manual 170 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

171 The The The The The The The The 12 Skilled Nursing Facility Manual 13 Intermediary Manual 14 Carriers Manual 15-1 The Provider Reimbursement Manual - Part The Provider Reimbursement Manual - Part 2, Note: To comply with section 508, active cost report forms are furnished in two formats. Section 508 compliant format identified as files with a CSV extension, for the visually impaired and the standard Excel files for non- impaired users. 19 Peer Review Organization Manual 21 Hospice Manual 23 The Regional Office Manual (Available to CMS staff through TIMS) 27 The Medicare Rural Health Clinic and Federally Qualified Health Center Manual 29 Medicare Renal Dialysis Facility Manual 45 State Medicaid Manual 81 ESRD Network Organization Manual 171 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

172 Within this grouping of manuals we find some very essential references such as the Hospital Manual (which has become the Benefit Policy and the Claims Processing Manual). Other regulations can be found in the instructions to the Fiscal Intermediary within the Intermediary Manual. Many commercial payers follow Medicare and/or Medicaid guidelines. Therefore, when performing a commercial or managed care audit the contract must be reviewed to determine if the particular payer does follow these regulatory guidelines. Finally, Medicare guidelines are also provided regionally by Medicare Administrative Contractors (MAC). They generally provide instructional guidance on claims management. They provide additional guidance on medical necessity. Medical necessity is covered more in depth within Core Domain 2C- 4 2C- 8 REPORT IDENTIFIED AND POTENTIAL QUALITY AND RISK MANAGEMENT ISSUES During the auditor s review of the record it is not uncommon to come across a pattern or behaviour or a singular event that should be reported to appropriate personnel. Risk / Quality management issues such as never events discovered within the record should be included within the final report as a tangential finding. Never events are defined by the National Quality Forum and can be found at: Examples are wrong surgery performed, wrong patient, wrong body part etc Other risk management / quality issues can be nursing performing services without a valid physician order, physicians providing incomplete orders, failures to document procedures or services. The auditor may need to use their judgement to review the record and include in the report any areas where documentation did not support a service or demonstrated risk. Other areas of risk could be charges placed on the wrong account as the patient would have co- pay and or full liability for services not rendered and could be considered fraudulent charges. No matter what the inconsistency medical- legal issues should be included within the report to the client. In some cases, audits are conducted under an attorney- client privileged engagement. In this case, the supervising attorney may direct the auditor to label the documents as workproducts. Disclosure of any findings can only be made directly to the attorney who will then share the products with his / her client. 2C- 9 PARTICIPATE / CONDUCT INTER- RATER RELIABILITY (IRR) AND VALIDATION EXERCISES According to Wikipedia, Inter- rater reliability is defined as: In statistics, inter- rater reliability, inter- rater agreement, or concordance is the degree of agreement among raters. It gives a score of how much homogeneity, or consensus, there is in the ratings given by judges. It is useful in refining the tools given to human judges, for example 172 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

173 by determining if a particular scale is appropriate for measuring a particular variable. If various raters do not agree, either the scale is defective or the raters need to be re- trained. There are a number of statistics that can be used to determine inter- rater reliability. Different statistics are appropriate for different types of measurement. Some options are: joint- probability of agreement, Cohen's kappa and the related Fleiss' kappa, inter- rater correlation, concordance correlation coefficient and intra- class correlation. 94 An example of how an audit is conducted using the inter- rater reliability concepts can be found at: 5/hs/UM/MPUP3026.pdf An excerpt from that document and the relevance to healthcare auditing is detailed below rater_reliability 173 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

174 95 Non- financial audits also are examples utilising inter- rater reliability. Many examples of Quality audits can be found within National Health Service in the United Kingdom. One specific report can be found at: 2C- 10 DEVELOP / UPDATE DATABASE FOR TRACKING AND TRENDING MEDICAL AUDIT FINDINGS The US is in an auditing frenzy. There are federal audits like MAC, RAC, Medicaid RAC, and ZPIC s. Additionally, there are commercial, third party administrator and quality audits being conducted by all types of payers. Developing a database for tracking and trending medical audit results is entirely dependent upon the deliverable and type of audit being undertaken. Facilities (Hospitals) in specific are /hs/UM/MPUP3026.pdf 174 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

175 utilising extensive software programs to track their audits, denial management and appeals process. One such audit program is found at the American Hospital Association and known as RACTrack. issues/rac/ractrac.shtml There is also proprietary software that manages all payer types such as that offered by Craneware Insights. ( The auditor does not need to utilise software programs but can utilise Microsoft programs such as Access and Excel and create template tracking. Record Gross Charges Over Under Adjusted Gross Reviewed Settled $10, $0.00 $0.00 $10, wm 2/29/ $1, ($12.00) $0.00 $1, wm 3/12/ $8, ($886.00) $ $7, wm 3/1/ $9, $150 $0.00 $9,400 jj 3/18/12 Databases are essential in the overall management of audits. The auditor must be prepared to discuss and prepare databases as part of the overall deliverable. The database should support the deliverable as either the main exhibit or cross- referenced to the executive summary. Databases are essential to all work that the auditor performs. 2C- 11 PREPARE / SUBMIT COST BENEFIT AND FINANCIAL IMPACT ANALYSIS REPORTS Cost benefit analysis covers many aspects of business decisions. Some of the concepts within the cost- benefit analysis domain are concepts such as return on investment (ROI) and financial justification. While there is no one definition we refer to Wikipedia for a common definition. Wikipedia states: Cost benefit analysis (CBA), sometimes called benefit cost analysis (BCA), is a systematic process for calculating and comparing benefits and costs of a project, decision or government policy (hereafter, "project"). CBA has two purposes: To determine if it is a sound investment/decision (justification/feasibility), To provide a basis for comparing projects. It involves comparing the total expected cost of each option against the total expected benefits, to see whether the benefits outweigh the costs, and by how much. CBA is related to, but distinct from cost- effectiveness analysis. In CBA, benefits and costs are expressed in money terms, and are adjusted for the time value of money, so that all flows of benefits and flows of project costs over time (which tend to occur at different points in time) are expressed on a common basis in terms of their "net present value." Closely related, but slightly different, formal techniques include cost- effectiveness analysis, cost utility analysis, economic impact analysis, fiscal impact analysis, and Social return on investment (SROI) analysis. 175 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

176 The following is a list of steps that comprise a generic cost- benefit analysis. [2] List alternative projects/programs. List stakeholders. Select measurement(s) and measure all cost and benefits elements. Predict outcome of cost and benefits over relevant time period. Convert all costs and benefits into a common currency. Apply discount rate. Calculate net present value of project options. Perform sensitivity analysis. Adopt recommended choice. 96 As you can see from the above process this fits squarely within the auditor s domain. Facilities use cost benefit analysis to determine the effectiveness of a particular healthcare programme or a piece of capital equipment under consideration. Healthcare auditors from both the commercial and federal side review records and determine if the cost of providing the care meets their guidelines. Many times a feedback loop will be placed to provide alternate measures such as quality to improve the overall cost- benefit. The actual audit process will be determined by the measure to be evaluated. These could include a sampling of claims with a particularly high cost to them and determine if the current method of providing care is the most effective. Such an example is the Office of Inspector General reports (OIG) that examine elements stated on their workplan with the overall goal of ensuring integrity of the program as well as looking for ways to be more effective with taxpayer resources. Some examples of the audits used within the main scheme of healthcare are: act- oversight/index.asp#audit 96 benefit_analysis 176 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

177 CORE DOMAIN 2D: QUALITY IMPROVEMENT; EDUCATION & TRAINING 2D- 1 , DEV/UPDATE/MAINTAIN/DISSEMINATE TRAINING MANUALS AND EDUCATIONAL MATERIALS Quality improvement is a process that all participants in a system will be involved with. While we will speak to the auditor perspective here the overall quality improvement is a result of all people within the organisation. Duke University stated the following in a patient quality / safety publication. The definition of quality often depends on the stakeholders. Stakeholders are, as the name implies, people with some stake or concern in the process. In manufacturing, the definition of quality can be fairly straightforward. Products should work as intended with a minimum number of faults or failures. Stakeholders might be: Management, who wants to see improved production numbers with acceptable quality. Union officials, who want the best conditions and highest pay for employees Employees, who want consistent work in a safe environment. Customers/purchasers, who want value for their money. In service industries, customer satisfaction is often the primary measure. 97 From the audit standpoint we may want to achieve higher efficiency resulting in more accurate results for a less expensive cost to our clients. However, in order to achieve these measures the auditor / audit management or audit firm (including hospital auditors) will need descriptive guidelines to follow. The use of to disseminate on- going training manuals will be required. should contain a workflow approach whereby specific elements are sent out and tracked as delivered and read by the recipient. As a manager, you will need to follow up with the audit staff and determine if the materials were received and conduct on- going education on the documents and educational materials provided. Simply providing the materials through and electronic media is not going to suffice. Human review of the materials will need to occur. Managers need to ensure that there is a feedback loop to allow staff to voice both positive and negative comments regarding the education and always strive to improve the educational documents. Common examples of educational materials sent out to hospitals comes from the Medicare Learning Network (MLN) at the Center for Medicare and Medicaid Services (CMS). From this site there is on- going education that the auditor must be aware of to ensure that when auditing that all appropriate materials are being utilised. Many other groups within the Federal community provide guidance such as Medicaid, Medicare Administrative Contractors (MAC) and even the Recovery Audit Contractor (RACs) Copyright 2012 William L. Malm, ND, CMAS & AAMAS

178 The auditor can become part of these resources simply by signing up for a list- serve which delivers important healthcare information directly to their box. We recommend you look at the MLN site and see some of the options open to the auditor. 2D- 2 PARTICIPATE IN EDUCATION AND TRAINING OF STAFF Audit management and staff must continue to have on- going education. Those auditors that have the CMAS designation should participate in education as directed by CMAS. Continuing education units can be found on the AAMAS website at For non- CMAS auditors, the audit manager should prepare a selection of educational events and put them into the auditor s annual appraisal as non- negotiable items. For example, the audit manager could state that each auditor must obtain one CEU or hour from specified bodies. If the auditors are nurses then a combination of Nursing CEU (clinical), auditing (such as those offered by AAMAS) and regulatory such as those offered by CMS must be obtained. It is incumbent upon the audit manager to ensure a well- rounded course of study is set forth to enhance the auditors overall knowledge, accuracy and effectiveness within their field. Using the annual appraisal to determine what each employee requires is an opportunity that should not be missed. This time allows for the audit manager and auditor to jointly determine any weaknesses or perceived concerns for which specialised on- going education can be obtained. Many audit firms use weekly or bi- weekly conference calls to cover a topic, in a less formal fashion. For example, there have been concerns expressed regarding what documentation should be reviewed for supply items that are considered implants. Possibly the manager could combine with a couple of auditors to prepare a small PowerPoint presentation to aid the staff and guide the department. The importance in participating in on- going education with staff cannot be understated. 2D- 3 DEVELOP QUALITY ASSURANCE / IMPROVEMENT POLICIES & PROCEDURES Quality Assurance and Improvement policies and procedures will be more than just audit focused. Many facilities and audit organisations use outside accredited programmes to ensure that quality and quality improvement are an on- going process. Some of these programmes are: Leapfrog and Leapfrog Insights: o Leapfrog Hospital Insights is a new program of The Leapfrog Group designed to promote high quality and efficient hospital care. Information collected through the 178 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

179 o program builds on Leapfrog s Hospital Quality and Safety Survey and provides additional performance ratings for use by consumers. 98 Six Sigma: In the Six Sigma model, chart audit is part of the Measurement step of DMAIC. D: In the Define stage you identify the issue and the target group to be measured. M: Under Measure you could use a chart audit to actually do the measurement and collect the data. It would be important to determine a statistically significant number of charts to audit, as the Six Sigma relies heavily on statistical tools to determine the impact and goal for improvement. A: You would then Analyze the data to determine the corrective action. I: In the Improvement phase you would implement the corrective action. C: Chart audit can be used again as a tool of measurement for the Control phase to validate the impact of the change and monitor for any aberration. 99 Healthcare and Non- healthcare organisations frequently look to training with the Six Sigma scheme. Six Sigma can provide objective analysis and outcomes that assist with the quality improvement process. In the following excerpt General Electric (a non- healthcare company) describes the importance to their organisation. Six Sigma is a highly disciplined process that helps us focus on developing and delivering near- perfect products and services. 100 No matter what the course of study or whether it is internally prepared, there must be clear and measurable objectives and outcomes. Every action required to achieve the outcome must be documented within an associated policy and/or procedure and the staff educated on these policies and procedures. Ultimately objective actions and measurable outcomes will be the end result. 2D- 4 MONITOR PRODUCTIVITY LEVELS OF STAFF Staff productivity is essential to managing an audit. Our consumer depends upon an effectively managed process and finite result. As such, it is important to perform on- going assessment of the auditor s productivity. Using standards of coding records produced by organisations such as AHIMA and AAPC baseline record review times can be determined. Staffs who takes longer than these suggested times in a trial during orientation should not be put on a job alone until they have maintained a Copyright 2012 William L. Malm, ND, CMAS & AAMAS

180 minimal level of productivity. As part of the annual appraisal, auditors should receive the productivity requirements of their position. As an independent auditor or audit firm, productivity is everything. Productivity determines your overall livelihood. Productivity standards should also be written into contracts such that a minimum number of records will be reviewed per (hour, day, week) as long as all the data requested is present at the time of the audit. Clearly it is important to specify the need for the accessibility to data when writing the audit letter. Should productivity fall in an auditor remedial steps should be discussed. Potentially the auditor was weak in that area or the records were in shambles leaving the auditor no choice but to review them in a different fashion. Whatever the cause decreases in productivity must be investigated immediately. Productivity standards among audit staff can be an early warning indicator of a concern that should be addressed by management immediately to prevent further declines. Use productivity as a tool for success rather than a punitive measure. 2D- 5 RECOMMEND PROCESS IMPROVEMENT SOLUTIONS Every audit results in findings either positive or adverse based on documentation, policies and procedures. Process improvement is nothing more than a series of steps taken to improve the overall existing business, audit or other process to meet an organisation s goals for growth. Process improvement involves all the core domain steps in 2D to reach the ultimate goal. The audit firm/auditor is in the unique position to review the findings and create action steps to ensure that adverse findings are addressed and results in process improvement. In the same manner the overall audit can be evaluated as to the process against objective policies / procedures. Failures in the process can be addressed and result in action steps to create overall process improvement. CORE DOMAIN 2E: COMPLIANCE / SPECIAL INVESTIGATIONS 2E- 1 DEVELOP RISK ASSESSMENT SURVEYS Risk assessments, or risk analyses, are defined in many venues. For example, Investopedia defines a risk assessment as follows. The process of determining the likelihood that a specified negative event will occur. Investors and business managers use risk assessments to determine things like whether to undertake a particular venture, what rate of return they require to make a particular investment and how to mitigate an activity s potential losses assessment.asp#axzz1pns2fazw 180 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

181 Wikipedia defines risk as the potential that a chosen action or activity (including the choice of inaction) will lead to a loss (an undesirable outcome). 102 In any venue a risk assessment provides objective standards in which to judge whether an action or activity will result in a positive or adverse outcome. The purpose of the task is to examine a discrete aspect of a department or program to provide information in support of development of the overall compliance plan. An accompanying benefit is that the analysis may provide current data concerning the status of the program. Risk analysis requires viewing the program from a variety of angles. Not only should the auditor understand the culture of the company and experience of employees in the reviewed department, i.e. internal knowledge, the auditor must also be familiar with the multitude of rules, regulations and audits that affect the assessment, or external knowledge. Then, the task is to blend the information to develop a cohesive document. First, develop a checklist for information to be analysed if your company does not provide that resource. The checklist will be a reminder of all the areas to examine during the time of the current and future assessments. Additionally, a checklist will provide consistency in the approach and process of the assessment. Develop a risk assessment template to use in all risk assessments. Standard documents will support a culture of compliance claim and enable reviewers to understand the process. During the course of the assessment, examine OIG audits, webinars and court decisions regarding your subject area. If, for example, the subject area is compliance with the requirement to provide a primary care provider for a beneficiary in a Medicare plan, failure to review case law which better defines a plan s obligation will negatively impact ability to accurately assess risk. Also, carefully document the process. A completed risk assessment may be accurate and supported by facts, regulation and company policies, but not defensible. Assure that supporting documents are easily retrievable. Save all s and other records. They are a reminder not only of the process for the auditor but will support the observations in the report. On a practical level, review all policies and procedures related to the program or department. Consideration should be given to two major issues. One, do current policies and procedures conform to the mandates of regulations? As part of this analysis, check for consistency of language. Is a Medicare beneficiary referred to as an enrollee or a member? For employees who may not be familiar with this terminology, consistent wording is crucial. Second, does the department or program have a complete list of policies and procedures sufficient to show compliance and advise employees on a course of action? Copyright 2012 William L. Malm, ND, CMAS & AAMAS

182 The purpose of sufficient policies and procedures is two- fold. Policies and procedures are the law of the company. Second, risk assessments must be approached with the view that external review is likely. Policies and procedures that are lawful, clear and applied will assure less scrutiny. 2E- 2 CONDUCT DUE DILIGENCE AND COMPLIANCE AUDITS USING SET RULES, POLICIES AND PROCEDURES Much of the same process discussed above concerning risk assessments should be followed in an audit. The auditor must review Medicare and/or Medicaid Manuals, sections of the Code of Federal Regulations, OIG audits, CMS enforcement actions, contracts, state law and results of related litigation. The significant difference between a risk assessment and compliance audit is that in a risk assessment, the focus is a high level view, while in a compliance audit, the auditor will review the organization s performance in a discrete area, such as Part C claims turnaround time or timeliness in making organization determinations, Part D coverage determinations, redeterminations or appeals. That said, predetermined parameters assure consistent results. Prior to the initiation of the audit, create an audit report template. The intent, as with a risk assessment, is to have a tool that is a snapshot of the work. Part of the set procedure should be contemporaneous record. During the course of the audit, record methodology chronologically. Record observations at the time of discovery. Add legal references at the time of review. Remember that the audit is a document that should be reviewed by senior management. Suggested areas to include in the audit report are the executive summary, objective and scope, methodology, observations, requestor s response, action plan and anticipated completion date, recommendations, conclusion and implementation of recommendations. The project should be a collaborative effort, part of the basic procedure. Discuss the scope of the audit with a supervisor. Assure understanding of the objective at the inception. Audits often review the operation of another department. Review of policies of that department and asking questions from employees in that department may become relevant. With a supervisor s assistance, establish a working relationship with the department by meeting with the manager. Inform the manager of the audit. During the audit, questions about the categories to search in a spreadsheet, understanding a department process, or other issues will need answers. Ask the department manager for a contact within the department to assist. 2E- 3 PREPARE AUDIT WORK PAPERS AND REPORT FINDINGS Work papers are foundational to the preparation of a compliance audit. Each audit s work papers will contain the facts and law that led to the development of the report and associated findings. The two crucial components to a quality audit are finding and understanding the pertinent standards and careful analysis of the facts. Then, the auditor melds the two to document observations, prepare a conclusion and provide recommendations. Following the recommendations in the prior section regarding following set rules, policies and procedures will assist the auditor in preparing the work papers and report. 182 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

183 As the auditor progresses through the analysis, which may occur over time due to other responsibilities, saving copies of the raw data, samples pulled from the raw data, findings based on the samples, including outliers, regulations reviewed and analysed is crucial. The auditor must be prepared to support observations and findings upon review. No document, or other snippet of information is too minor such that it may be disposed of. Develop a logical and searchable system. Consult other auditors. Prepare a proposed format to save your material and review it with your supervisor. Devise logical categories are facts from certain time frames, i.e. Q1 CY Use descriptive material to help access the data. Name a folder ABC Medicare Health Plan Non Contract (or use K) unclean Q Save copies of case law, manual provisions and regulations that apply to the audit. Develop a folder and use descriptive terms to easily find the regulations at a later time. Develop simple tables to abstract data for reviewers. Since the audit may be written over a period of time, the work papers and preliminary report will assist in reviewing data, law and preliminary findings. Additionally, the audit process will be more efficient, saving time to review data or law yet once again. 2E- 4 DEVELOP COMPLIANCE PLANS Compliance plans are developed for the needs of the organization, depending on the identified strengths and weaknesses of the company, including both positive and negative recent events and the status of the compliance department leadership and staff. Some of the major purposes to take into account in developing a compliance plan are that it is required, that no company can know where it is compliant or non- compliant unless it does careful evaluation and to aid in the culture of compliance. The federal sentencing guidelines provide general categories to review to develop a compliance plan. Additionally, review of the current Office of Inspector General Work Plan, OIG audits, CMS enforcement action letters and recent court decisions will provide a basis for the general outline of a plan. Carefully structured surveys may be useful. Depending on the confidence in the results of a survey, auditors and compliance officers may choose to emphasize certain issues. Review results of mandatory company training. If a particular training shows a weakness in understanding a crucial compliance issue, that information may be used in evaluating a department s compliance. Risk assessment and audit findings form part of the basis for developing a compliance plan. They will provide guidance to the auditor and compliance officer about areas that seem to be compliant or non- compliant. CMS letters related to organization noncompliance support including those issues in a compliance plan. One may picture a compliance plan as a wheel and spokes situation. The plan is the centre portion of the wheel out of which the spokes emanate. Information passes back and forth from various spokes as 183 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

184 the wheel and spokes rotate. The point is that different speeds, conditions, and inputs may modify your well- planned and executed compliance plan. Thus, the plan must be both structured and flexible. It must be able to keep the forward looking view of evaluating and increasing compliance at the organization, while it maintains flexibility to adapt to new situations. 2E- 5 INVESTIGATE COMPLIANCE REPORTS AND ISSUES Much of the material discussed above will guide investigation of compliance reports and issues. Develop an objective fact and law- based procedure to enable clear memory and document all the steps taken. Thus, apply set rules, policies and procedures. Contemporaneously document all interviews, research and thoughts. Utilize learning based on experience from prior compliance department investigations. In an investigation of a compliance report, what are normally denominated soft skills are of paramount importance. While developing trusting relationships with co- workers is important for all assessments, audits and planning, it is even more crucial in compliance report investigation. Effective investigation is, then, developed over a course of time. Co- workers and colleagues must perceive that the investigator is approachable, objective, an active listener and non- judgmental. Remember, one possible outcome for your organization is that someone inside your organization does not perceive that the company is ethical, supportive and protective. Numerous qui tam, or more well known as False Claims Act whistle blower cases, arose from employees telling their company about unethical behaviour and receiving either no reaction or untoward consequences. Another potential negative situation is that an external auditor or other agency may identify an issue that an employee knew about, but chose not to disclose. Auditors must, then, actively encourage the culture of compliance. Certainly, no organization will find or know about the issues, but cultivating the atmosphere such that co- workers follow their duty to expose issues and are supported in the process is crucial. Compliance reports may also be initiated by members in the plan, employees of other organizations, cooperative government entities, i.e. Department of Human Services. Employ the same process as above in investigating. Realize, too, that some of these reporters may assist or hinder in future investigations. 2E- 6 RECOMMEND / MONITOR DISCIPLINARY AND CORRECTIVE ACTION PLANS A portion of the auditor s role may be to become involved in recommending or monitoring disciplinary corrective action plans. Use care, however, in stepping too far into that arena. 184 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

185 It is likely that the auditor will uncover facts during audits, assessments or investigations that lead to potential disciplinary action for co- workers, colleagues, members or others involved with the organization. For example, an audit could reveal issues that indicate a need for training of an employee. While the auditor s role is to investigate and illuminate, the perception of objectivity requires that the auditor carefully navigate moving too far into the disciplinary realm. The auditor s investigation may reveal noncompliance by an external entity. Often, the noncompliance may not be identifiable to an individual. The proper course of action, then, is as above. Carefully document the process, interviews, documents and law for presentation to a manager. However, the auditor must distinguish between discipline and corrective action plans. Corrective action plans are more focused on action, process or procedure that is non- compliant and is not oriented toward a particular individual. The plan records the action or inaction that led to the failing; the standard not met timeline for response and alleviation of the error and follow up. 2E- 7 COLLABORATE / COOPERATE WITH EXTERNAL AND REGULATORY AUDITORS Auditors should collaborate and cooperate with external and regulatory auditors as directed. Depending on the situation, auditors may have little time to be fully ready to participate in an external or regulatory audit. Remember that an auditor acts in a discrete function within a department. The role is to be an objective reviewer of facts who is aware of the law and then synthesizes that information into a cogent document written to a particular audience. As such, the auditor is not the sole employee or responder to review of company actions. Many employees of the organization will provide details to the authorities. However, the auditor should review past reports as time allows and seek guidance from management concerning the limits of areas and depth of material to be discussed. Certainly, the auditor should cooperate, exercising wisdom in choice of words and amount of explanation. 2E- 8 MONITOR / APPLY OIG AND GENERAL SERVICE ADMINISTRATION SANCTIONS LIST The U.S. Government publishes lists of excluded individuals and parties who may not participate in Federally funded programs such as Medicare. The Office of Inspector General (OIG) and the General Services Administration provide two of the most pertinent listings. These exclusion listings can be found at: OIG: General Services Administration: Copyright 2012 William L. Malm, ND, CMAS & AAMAS

186 Per the OIG website, exclusions can occur for a number of reasons. Mandatory exclusions: OIG is required by law to exclude from participation in all Federal health care programs individuals and entities convicted of the following types of criminal offenses: Medicare or Medicaid fraud, as well as any other offenses related to the delivery of items or services under Medicare, Medicaid, SCHIP, or other State health care programs; patient abuse or neglect; felony convictions for other health care- related fraud, theft, or other financial misconduct; and felony convictions relating to unlawful manufacture, distribution, prescription, or dispensing of controlled substances. Permissive exclusions: OIG has discretion to exclude individuals and entities on a number of grounds, including misdemeanour convictions related to health care fraud other than Medicare or a State health program, fraud in a program (other than a health care program) funded by any Federal, State or local government agency; misdemeanour convictions relating to the unlawful manufacture, distribution, prescription, or dispensing of controlled substances; suspension, revocation, or surrender of a license to provide health care for reasons bearing on professional competence, professional performance, or financial integrity; provision of unnecessary or substandard services; submission of false or fraudulent claims to a Federal health care program; engaging in unlawful kickback arrangements; and defaulting on health education loan or scholarship obligations; and controlling a sanctioned entity as an owner, officer, or managing employee. 103 CMS began providing Medicare plans access to its Medicare Exclusions Database (MED) in the summer of The benefit of utilizing that database is that it allows searching by more categories than LEIE and EPLS. States have begun providing their own exclusion lists. If a potential employee has worked on other states, it is prudent to determine if each state has a distinctive exclusion list and to determine what information, if any, appears. Additionally, on- going monitoring of relevant lists is normative. Postings to state lists may be delayed for a variety of reasons. CMS began providing Medicare plans access to its Medicare Exclusions Database (MED) in the summer of The benefit of utilizing that database is that it allows searching by more categories than LEIE and EPLS. States have begun providing their own exclusion lists. If a potential employee has worked on other states, it is prudent to determine if each state has a distinctive exclusion list and to determine what Copyright 2012 William L. Malm, ND, CMAS & AAMAS

187 information, if any, appears. Additionally, on- going monitoring of relevant lists is normative. Postings to state lists may be delayed for a variety of reasons. The exclusions listing must be reviewed by the Healthcare facility or organisation to ensure they do not employ or do business with an excluded party. Should they fail to do this they may be subject to civil monetary penalties and will be required to return paid claims. As part of the monitoring, the organization should determine how often it will perform the monitoring and who will do the monitoring, if not the organization itself. The frequency of monitoring is a risk assessment; how much risk does the company want to assume by deciding to check yearly as opposed to monthly. Senior leadership should be advised of the issue and provide guidance on frequency. Complying with the monitoring task can be time consuming. Companies should evaluate whether performing the monitoring in house as opposed to engaging a service is more prudent. Remember, however, that the company remains ultimately responsible for its employees and contractors. Review of any service for its attention to detail and accurate information is required on a systematic basis. 2E- 9 INTERPRET / APPLY / DISSEMINATE LAWS, ACCREDITATION, LICENSURE AND CERTIFICATION MANDATES Auditors may be called upon to understand and share implications of legal issues within their organization. One of the first considerations is that unless the auditor is a licensed attorney, the information provided must not be couched as containing legal advice. If an auditor becomes aware of legal issues or assesses a possible legal issue, seek a supervisor or meet with legal counsel. With experience in the organization, an auditor may become more comfortable in identifying and sharing legal issues. Remember, though, that the task is not to provide advice on a course of action, but more to share identification of an issue. Analysis, then, is acceptable. Auditors may identify relevant statutes or prepare memoranda on issues. To protect the organization and auditor credibility, err on the side of caution. Accreditation, licensure and certification mandates are appropriate and relevant areas for examination. Auditors may need to review documents to assure that physicians, nurses, home health aides and other practitioners are current in continuing education, CPR training, licensing and are not excluded. As stated above, familiarity with OIG audits, state regulations, exclusion databases, state and federal law all are relevant. Further, each has individual requirements to maintain their practice. Investigate requirements, ascertain the value of old addresses and places of education. Use Internet search engines. Reviewing 187 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

188 national practitioner data banks, malpractice records, licensing in adjacent states and named defendants in litigation may assist in the investigation. Consider, as well, using a service that aggregates information. The searches required for complete and accurate investigation can be time consuming. An auditor may find time and efforts better used in other tasks. CONCLUSION An auditor s tasks are varied and may be complicated. However, utilizing consistent approaches to the job will simplify and validate the investigations. Finally, remember that compliance is best practiced with the whole company perceiving that compliance is crucial to the success of the company and that colleagues in the department are useful allies. Compliance auditing requires cooperating with a team; best practice mandates utilizing available internal and resources for success. CORE DOMAIN 2F: CONTRACTS AND NEGOTIATIONS 2F- 1 REVIEW / WRITE CONTRACTS Reviewing and the creation of contracts are completely dependent upon the venue in which the auditor is working. There are several venues that are part of audit these are: Contracts between external independent auditors and private client Subcontractor contracts to larger audit firms Contacts between commercial payers and providers such as hospitals and physicians Third party administrator contracts. The look, feel and reason for the contract will be as varied as the audit functions themselves. However, there are some specifics within the contract that should be considered. The following from the Defence Contract Audit Agency. Every audit contract should include, as the example exhibits, the following: Purpose Cancellation Language Scope of the Contract / Audit Audit Procedures Fees 188 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

189 104 2F- 2 NEGOTIATE WITH EXTERNAL AUDITORS Negotiating with external auditor should be conducted with the highest professionalism. Many organisations have policies and procedures on working with external auditors. Some of the key points in negotiating with an external auditor could be: An expectation that the external audit firm will provide notification and scope of the audit to be conducted. If this is not provided the client should contact the audit firm and request such a letter. Ensure there is a contract in place and fees have be formally acknowledged Request a data /record notification document which has the external auditor define what data will be required to be available upon their arrival. Request a kickoff meeting or audit entry meeting to formalise the audit scope Conduct daily meetings with the external audit firm regarding progress of the audit (not the findings) Copyright 2012 William L. Malm, ND, CMAS & AAMAS

190 Immediately address data that cannot be provided (i.e. a record is missing / cannot be located) with the auditor Request an interim meeting / exit interview with the external auditor Review any areas / findings in which there is disagreement, either negotiate the resolution or rebut the finding In working with external auditors it is important to act in the most professional fashion possible. There are occasions when the external auditor may begin asking for additional information outside the agreed data request. At this point the client should determine if this is in fact constituting scope creep. The client is not required to agree to scope expansion and may politely decline to assist the auditor at that point until the scope is contractually resolved. It is important to understand, this core domain sets forth the benchmark for dealing with external auditors. The management of the external auditor should be through written, agreed upon documents clearly defining scope, time period for the audit, expected data and fees. 2F- 3 NEGOTIATE WITH PAYORS Negotiating with payors is not different than any other negotiation. Clearly stated goals and desired outcomes begin the process. Certain aspects will need to be considered. Are you negotiating as an auditor with a third party administrator or the payor Do you have the payor contract or contract with the facility in which you represent What are the terms of the contract has the client met these terms or is there a deviation from them. Know the actual cost to perform, markup on service (in other words what is the client s bottom line in the negotiation) Have the payor provide audit findings (ie. Appeals and decisions) Have a basic policy from finance or your client as to what their basic settlement practices are (i.e. in network, out of network, self pay discounts etc ) A sample negotiating policy is found below from a payor and is the property of the payor. As such this sample policy and may not be disseminated, copied or otherwise used outside this manuscript: I. Negotiating Assess the plan benefit level for the type of service being negotiated and the difference between PPO and non- PPO allowance (example: PPO paid at 90%, non- PPO paid at 50%). If no difference in benefit allowance or minimum difference (10%- 20%), proceed with negotiating. 190 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

191 a) If benefit allowance difference is significant (>15%), determine if member out- of- pocket maximums have been met for the year or will be met with the service/claim being negotiated, as benefits would be payable at 100%. If so, proceed with negotiations. b) If out- of- pocket maximums have not been met, a provider may be reluctant to negotiate a discount on top of a low percentage reimbursement rate. To offer reimbursement at the PPO level in exchange for a discount, the difference in the benefit allowance would need to exceed the proposed discount. Attention needs to be given to the final payment. Example: DME pays 100% for PPO, 80% for non- PPO. Provider will accept a 15% discount if paid at PPO level. If accepted, the group would pay 15% more than if there were no negotiation. Each presenting situation needs to be evaluated based on the benefit allowances and out- of- pocket status, and if savings can be achieved, proceed with negotiations. A common contracted rate for ancillary services is 10%- 30% discount off of charges. Ask non- PPO provider if they would be willing to discount 10-30% off of charges for expedited service, meaning they can fax the claim directly to you for timely handling and processing. Negotiate downward from 30%. II. Prompt Pay: If a provider will only negotiate a discount for a prompt pay which means you are held to a specific turnaround time for claim payment, you need to consider several things What discount are they willing to give, and for what turnaround time? If they are only willing to give a 3-4% discount for a 10- day turnaround, we are not able to do this. (The rule of thumb remains that for a hospital fee negotiation involving prompt pay; the charges should be at least $30,000.) If the discount is substantial enough to commit to a turnaround time contact the provider regarding meeting the requested turnaround time frame. IV. Fee Agreement: Once a negotiation has been achieved, complete and sign the Fee Negotiation form and fax to provider contact for signature. A review of this policy indicates clear definitions, requirements and predictable outcomes upon implementation of the contract. This is important especially for third party administrators as it provides substantive guidance from which to conduct audits. CORE DOMAIN 2G: DENIALS AND MANAGEMENT 2G- 1 TRACK AND REVIEW DENIED CLAIMS One of the most salient tasks of any hospital auditor is to track and maintains a database of claims that either requires a corrective action of a denial. With the advent of contingency- based audits by the 191 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

192 Federal Government, facilities depend upon a prompt, efficient and accurate response. Many facilities and external auditors have created databases using Microsoft Office products such as Excel and Access. Additionally, there are more formalized tracking systems such as those offered by Craneware Insights or the American Hospital Association RacTrack system. In any case, the volume of denials has become a daunting management concern for external, internal and third party auditors. Tracking should ensure that each stage of the denial and appeal process is well documented and ticklers created to ensure that all timely filing deadlines are met. One of the most difficult tasks for all types of auditors is processing the required information in a timely fashion. The internal auditor must work with HIM, Business Office / Patient Financial Services as well as clinical staff to assemble the requested information in order to appeal a denied claim. The external or third party auditor must ensure that all required information has been assembled, documented as received and date stamped as the claim in question is in dispute and records of receipt must be maintained. Whether you are internal, external, third party or governmental auditor the record maintenance is paramount and some sort of tracking software will be necessary to ensure successful review of the claim from any angle. INTERNAL AUDIT PERSPECTIVE: From a hospital perspective, denied claims represent a true disruption of cash flow and resources. Therefore, when the facility receives a denial letter they must respond in a deliberate and efficient fashion. Some suggested steps in tracking the denial could include: 1. Date and time stamp receipt of denial letter 2. Scan denial letter into an electronic database or begin a numbered file folder system 3. Determine what records will be required and if clinical input / coding input will be required 4. Notify HIM/ Medical Records to copy (or scan) the documents into an electronic database or place hardcopy records into folder 5. Obtain any necessary input such as physician query, HIM recoding of documents, copies of submitted claims and ensure that the electronic database or file folder is complete 6. Have physician / clinician and HIM / Medical records review the case and make necessary coding changes / physician notes 7. Have second person review all the records prior to submission to ensure completeness of response 8. Include any medical community standards and research you wish to provide 9. Include a very succinct appeal letter that will be capable of surviving and contributing to a successful appeal at any appeal level 10. Submit the records either electronically (CD, DVD) or in hardcopy ensuring that a complete copy of the submitted records are maintained on site 11. Submit records using a certified system such as certified mail, UPS, FedEx or other tracking mechanism documenting receipt by the receiving party. 12. Maintain a tickler within the record to designate important dates. a. Date of expected decision on appeal 192 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

193 b. Date of resubmission for a higher level of appeal c. Final outcome The facility can use either an internally created database or proprietary database for tracking. The result should be the same accurate tracking of the denial status and outcome and any feedback from the payer or government authority (ALJ) as to why the claim had an adverse or successful outcome. Outcomes can be improved based on this type of feedback therefore outcome data mining should be one of the mandatory requirements of any software or internal home grown product that is utilized. EXTERNAL / THIRD PARTY AUDIT PERSPECTIVE: The external / third party audit approach will be quite similar to the internal auditors approach. They will need to log and collate records and review these records based on criteria and timelines. A defined database will need to be created demonstrating key milestones and deliverables. A potential scheme might resemble the following: 1. Review records 2. Obtain copies or pertinent ancillary information 3. Utilise an systematic review process 4. Ensure deadlines are met 5. Maintain copies of all records, findings and responses 6. Utilise appropriate clinical review to ensure accuracy 7. Maintain records as required by either IRS retention regulations or internal corporate regulations whichever is longer. No matter what the approach (internal, external, governmental or third party) the audit s success will be dependent upon a flexible yet articulate software tracking system. This system must serve as a resource to manage and data mine the audits and ensure timely submission / receipts of paperwork. The outcome data mining will be essential to overall improving the appeal process if used by an internal auditor. 2G- 2 WRITE APPEAL LETTERS Writing appeal letters is becoming a more demanding responsibility of the internal auditor. Appeal letters must be succinct and provide all the necessary information to the payer or government payor (including MAC, MIC, RAC etc ) to ensure the best possible chance of overturning the denial. Appeals must be constructed from the first response to include all information needed to overturn the denial. Write to win!. Nationally, most facilities are not being as aggressive as they should be to confront denials and appeal those capable of appealing. There are many reasons for this lack of appeal such as resource constraint; appeal will be less reimbursement than the monies required to mount an appeal or sheer volume of denials. 193 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

194 There are a couple differences between a government appeal and a commercial appeal. For example, the Medicare Fee- For- Service model has five distinct levels of appeal whereas the state Medicaid may differ based on state laws. Additionally if the appeal is to a commercial payor or third party administrator different steps may be required. Therefore, the very first step in any appeal letter is to know whom you are appealing to and what the requirements of that payer are. Make sure that filing deadlines are met, as the most complete appeal will be rejected if the filing deadlines are not met. In writing appeals, it would benefit the auditor to create scorecards which are index cards or excel spreadsheets of the payor, the filing requirements, submission address and any other component of the payors required scheme. This will ensure that all requirements are easily accessible and met by the auditor writing the appeal. The five levels of appeals for Medicare would be: First Level of Appeal: Redetermination by a Medicare carrier, fiscal intermediary (FI), or Medicare Administrative Contractor (MAC). Second Level of Appeal: Reconsideration by a Qualified Independent Contractor (QIC) Third Level of Appeal: Hearing by an Administrative Law Judge (ALJ) in the Office of Medicare Hearings and Appeals Fourth Level of Appeal: Review by the Medicare Appeals Council Fifth Level of Appeal: Judicial Review in Federal District Court In writing an appeal letter, Ms. Karen Bowden of Craneware Insights provides guidance. 105 In her article on writing a Medicare RAC appeal she states several characteristics that should be included in a successful appeal letter. Some of these are: Recap the denial. Include pertinent information such as the date of the letter, the patient identifying criteria, the stated cause of the denial. Any element that would assist the RAC in identifying the denial and applying this response to it. State clearly your disagreement with the findings. Provide any argument and research that would support your stance that the claim should not have been denied Make sure you reference the relevant sections of the medical record that might have been overlooked or misinterpreted leading to the original denial. Discuss these sections and their pertinence to ensure that the denial is overturned. Provide any guidelines utilised in creating the original claims such as community standards and Interqual / Milliman or other criteria. If the appeal relates to a coding concern provide all necessary coding documentation Copyright 2012 William L. Malm, ND, CMAS & AAMAS

195 While the above mentioned article is proprietary the Office of Insurance Commission for Washington has an section of their website dedicated to appeals and appeal letters. Tips- Good- Appeal- Letter.shtml The Insurance Commission has the following recommendations in creating an appeal letter. Identifying information about you, your plan, and the claim (or treatment) that the plan denied. If possible, include a photocopy of your insurance card with your appeal. If you re writing on behalf of someone else as his or her authorized representative, be sure to include your contact information and establish your legal right to act as a representative. A clear statement to identify the decision(s) you re appealing. A description of where you are in the appeals process. A clear statement of what you hope to achieve with the appeal. A sincere statement of why you re appealing the decision. Customize this part of the letter to your situation. Be sure to include all relevant facts, and any persuasive details. A description of any supporting information you ve included for the review board to take into consideration A table of contents, if you have included more than a couple documents, to tell the reader where he or she can find specific items. A courteous, closing statement after stating your case, and indicate that you look forward to hearing their decision. 107 As the above examples have provided the actual recipient of the letter will dictate the format and content. Some governmental payors, such as Medicare, require a submission form to accompany the appeal letter others such as the commercial payors require that the denial be identified utilising their criteria. No matter the recipient a key component will be the articulate identification of the claim and denial reason in question. The remainder of the letter should provide concrete evidence (based on authoritative guidance or contract requirements) as to why the appeal should be successful. Including research, identifying portions of the medical record speaking to your point and physician documentation is key. Finally, if an appeal is successful or unsuccessful keep fastidious record of why the outcome occurred. Reviewing outcomes can lead to improved success in future appeals. 2G- 3 PARTICIPATE IN DENIAL AND APPEAL DISCUSSION AND FOLLOW- UPS In order to be effective in denial and appeals, data and data mining is a growing requirement. Effective denial management involves business decisions. For example, a potential case would cost $ to appeal but its total worth is $10,000. The actual business decision is to set forth a policy as to when to pursue appeals / denials and when to close out. Therefore, prior to beginning discussions and follow- ups the denials must be separated into those that will be pursued and those that will not due to Tips- Good- Appeal- Letter.shtml 195 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

196 business decision. In much the same fashion, business policies must be set forth as to when to contact and retain legal counsel to assist with the appeals process. With the advent of RAC s participating in denials and appeal process is becoming a specialty within the hospital setting. RACs continually increase the number of claims they pull every 45 days and it takes concerted efforts by all parties to track, manage and successfully appeal any denials. Auditors, case managers, physician advisors are just a few of the personnel required to adequately manage and successfully appeal a denial. The following is a rudimentary listing of steps the auditor should be involved with to successfully create and manage and appeal. Log receipt of denial o Include date of denial o Reason for Denial o Patient demographics o Claim demographics o Date appeal required o Physician involved in original case Review the medical record for any information relevant to the appeal Research the community medical standard as the evidence based medicine response to the denial Develop the appeal letter with a very precise opening statement then attach details to support your response Copy appeal including all supporting documentation Send to payor by certified mail, log the date sent, address and certified mail tracking number Follow up to see status of appeal. The auditor s participation in appeals and denials is essential. According to FierceHealthcare, the appeal success rate is greater than 75%. Hospitals reported $355 million in denied claims between the first quarter of 2010 and the third quarter of 2011, according to the quarterly RACTrac survey from the American Hospital Association (AHA). However, hospitals appealed nearly one- third of those Medicare Recovery Audit Contractors (RAC) denials and saw 77 percent overturned. The value of the successful appeals totalled $27.2 million nationwide, the survey notes. 108 Appeals will be come a growing requirement of the auditor and the revenue cycle / revenue integrity team within hospitals and providers. Auditors should be aware of both how to defend a claim through appeal or if a government auditor how to defend the original denial hospitals- appeal- rac- denials- 77- success/ Copyright 2012 William L. Malm, ND, CMAS & AAMAS

197 2G- 4 CONDUCT ADJUSTMENTS AND PAYMENTS Adjustments and payments are the end result of the audit, the appeal, the negotiated settlement, or payer policy. In order to conduct an adjustment there is usually a reference to a contractual position that allows the payor or the provider to gain an adjustment. The auditor should maintain the whole record including the audit, the agreed upon adjustments and the final payments along with any supporting documentation. This step is rather perfunctory step for the auditor. Part of the adjustment process however, may include calculations such as stoploss calculations or simple accounting of the debits / credits of the particular claim. The adjusted claim would be the net amount reimbursement that after audit has been corrected for under / overpayments. 2G- 5 RECOMMEND BUSINESS PROCESS RULES According to Wikipedia business process is dependent upon rules. A business rule is a statement that defines or constrains some aspect of the business and always resolves to either true or false. Business rules are intended to assert business structure or to control or influence the behaviour of the business. [1] Business rules describe the operations, definitions and constraints that apply to an organization. Business rules can apply to people, processes, corporate behaviour and computing systems in an organization, and are put in place to help the organization achieve its goals. 109 As auditors, we identify flaws within a process that result in an adverse outcome to the business or we confirm that the process is working as designed. To begin, the auditor must diagram or be educated in the actual process in place at the time. Key steps are then audited to test whether they meet the criteria as designed or there are flaws. The auditor will document the results of the test and then provide specific recommendations to either alter the process or actions to be taken to bring the process back into alignment with design. This part of the auditing process is also known as a feedback loop. This part of the auditing process allows the auditor to draw upon their expertise to provide objective actions that will impact the business process in either a new or corrective fashion. In other words, assert control or influence the behaviour of the process. CORE DOMAIN 2H: HEALTH INFORMATION MANAGEMENT (MEDICAL RECORDS) 2H- 1 ABSTRACT/COLLECT RECORDS FOR DEPARTMENT INDICES / DATABASES / REGISTRIES Copyright 2012 William L. Malm, ND, CMAS & AAMAS

198 Auditors are generally not involved in the actual abstraction or collection of records for departments. Having said this they are very much involved with the growing trends toward data mining. According to Wikipedia, data mining is as follows: Data mining (the analysis step of the knowledge discovery in databases process, [1] or KDD), a relatively young and interdisciplinary field of computer science [2][3] is the process of discovering new patterns from large data sets involving methods at the intersection of artificial intelligence, machine learning, statistics and database systems. [2] The overall goal of the data mining process is to extract knowledge from a data set in a human- understandable structure [2] and besides the raw analysis step involves database and data management aspects, data pre- processing, model and inference considerations, interestingness metrics, complexity considerations, post- processing of found structure, visualization and online updating. 110 Departments, whether facility or large payers all run on data. The collection, benchmarking of this data is now a key role within the audit job description. In many cases certified auditors become part of a decision support team that analyses data and provides business recommendations. 2H- 2 COLLECT DATA FOR INTERNAL / EXTERNAL USE (QUALITY ASSURANCE, UTILIZATION MANAGEMENT, RISK MANAGEMENT AND OTHER RELATED STUDIES) As stated in the prior core domain, data is the driving force for business processes in With the advent of RAC, MIC and other types of governmental auditors, data mining became a new tool for the auditor to select samples likely to contain errors that will serve for recoupment purposes. Other departments require data to manage their claim submission as well. Quality is becoming an increasing element in the provision and reimbursement for healthcare. Therefore, quality data is now a requirement within the auditing scope of practice. Lets examine a specific example the Never Event. Never events were previously described within other core domains. Specifically this is an event in the care of a patient that should never occur. If it does occur then the patient nor the payer may be billed for activities resulting in the never event or for the subsequent treatment to regain the health after the never event. The auditor would review the record, determine if a never event occurred and provide objective results to manage the situation and to ensure it does not occur again. This would be reported to quality management and risk management with corrective action plans to ensure it did not occur again. Data management is a new responsibility for auditors as they interact with quality assurance, utilisation review and risk management. These new quality standards impact the business process and require accurate solutions to prevent adverse outcomes and recoupments Copyright 2012 William L. Malm, ND, CMAS & AAMAS

199 2H- 3 PERFORM QUANTITATIVE AND QUALITATIVE ANALYSIS According to BusinessDictionary.com a qualitative analysis is: Examination of non- measurable data such as reputation, brand image or customer perception of the business. Alternatively a quantitative analysis is measurable and verifiable data such as earnings, revenue, wages, and market share. 111 The auditor may be involved in analysis that reviews customer reviews such as the Press Ganey Scores ( ghts.aspx). Generally however, the auditor is more involved in a quantitative objective analysis. Using accounting regulations and policies and procedures to analyse the actual process and provide objective findings and solutions. As many different organisations begin to review the outcomes and quality standards of a hospital the auditor is becoming more involved in the process. As the auditor s role changes, tertiary centres are beginning to diverge into two types of audit processes. The quantitative and qualitative processes are now completely separate functions within the auditor s role. 2H- 4 CALCULATE AND INTERPRET HEALTHCARE STATISTICS While most statistical calculations require an experienced statistician, the auditor may become involved with these statistics. For example, a retrospective OIG review will use the statistical programme called RAT Stats. Most often the auditor will incur statistics as it relates to either a governmental action or recoupment process. Commercial payors use statistics from illness management to determine and manage risk. Utilisation of statistics are used and constructed by auditors in such matters as accident prevention and disease prevention with chronic matters such as diabetes, drug abuse and obesity. 2H- 5 MONITOR AND ENFORCE JCAHO STANDARDS ON HEALTH INFORMATION MANAGEMENT Tricare insurance provides the most definitive overview of this core domain. According to Tricare article JCAHO requires: The standards are based on principles of good information management, whether paper- based or automated. JCAHO instituted the information standards to ensure that healthcare organizations obtain, manage, and use information to improve patient outcomes and individual and hospital performance in patient care, governance, management, and support processes. The objectives of the standards are to achieve: More timely and easier access to complete information throughout the organization; Improved data accuracy; Demonstrated balance between proper levels of security and ease of access; analysis.html 199 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

200 Redesigned information- related processes to improve efficiency; and Use of aggregate data and external knowledge bases, and greater information sharing to enhance patient care. 112 Whether the Department of Defence or a private payor or the hospital providing the care management of these standards is becoming a challenging task. Auditors may be involved with security audits to ensure patient information remains confidential or testing access points to information. This core domain continues to evolve. 2H- 6 EVALUATE SOFTWARE AND CODING SYSTEMS Healthcare providers are making software a mandatory part of their revenue cycle. There are a number of different software concepts in the revenue cycle. Some of the following are commonplace software management tools. Eligibility checking admitting / registration processes Chargemaster coding / billing module Claim Scrubber billing module and billing processes Denial management tools post submission processes The most common coding / billing software in the U.S. today is the chargemaster software. This software, if implemented accurately, serves to apply procedural (CPT / HCPCS) codes to elements of services that are performed in the same fashion each time. Variability requires another coding software that interfaces human knowledge and coding through an encoding process. Some coding software packages also bundle or group the services into the DRG, Per Diem or MS- DRG methodology. When evaluating software packages the auditor should test the actual medical record against the code assigned by the software. Accuracy is paramount. In many cases these software packages include coding tools to assist departments, coding staff and general members of the industry to coding tools. Manufacturer such as Craneware, Craneware Inc., MedAssets, McKesson, Siemens and many others produce these packages. Each offers specific advantages that will require the auditor to review against the needs of their client or facility. 2H- 7 MAINTAIN RECORD STORAGE AND FILING SYSTEMS Federal, State and payor regulations direct record management and record retention. The actual requirement of the record dictates retention time. For example there is one time period for a record resulting from personal injury the record must be maintained long enough to be able to sue. Federal government programs such as Medicare generally insist on at least 7 years. For minors the default is the Copyright 2012 William L. Malm, ND, CMAS & AAMAS

201 age of majority plus two years. In some cases, retention follows IRS rules. Therefore most facilities are now defaulting to ten (10) years. This was a space concern with paper records but now with the advent of electronic records the focus changes. While data repository space remains a critical management problem; data integrity and security poses their own challenges. Records are more easily accessed now with the emerging electronic health record. However, at present most of the U.S. has not fully converted making paper documentation still a requirement. Accessing paper records require a process, labelling and management process to make the record available only to personnel who require it and in a timely fashion. Medicare.gov website provides an excellent overview of the EHR initiative being undertaken today. That website is: your- health/personal- health- records/personal- health- records- overview.aspx. 2H- 8 MONITOR CREDENTIALING PROGRAMS Auditors very seldom will become involved in credentialing of providers such as physicians and physician extenders. While this is a mandatory process within the organisation, it is not an auditing function. Other credentialing processes such as coders are generally managed through outside parties such as AHIMA and the AAPC. The only portion of the credentialing process that auditors may become involved in may be with the OIG sanctions review, National Practitioner database review or testing the results of the credentialing process to ensure it s overall accuracy. CORE DOMAIN 2I: INFORMATICS AND TECHNOLOGY 2I 1 , WORD PROCESSING, SPREADSHEETS AND DATABASES E- MAIL / WORD DOCUMENTS Documents such as e- mail, word processing, databases all contain Patient Health Information (PHI) data that must be guarded to ensure patient privacy. Privacy rules provide the guidance needed to ensure that all communications and databases that an auditor may construct meet the requirements. The following is taken from the HIPAA government website at: Does the Security Rule allow for sending electronic PHI (e- PHI) in an or over the Internet? If so, what protections must be applied? Answer: 201 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

202 The Security Rule does not expressly prohibit the use of for sending e- PHI. However, the standards for access control (45 CFR (a)), integrity (45 CFR (c) (1)), and transmission security (45 CFR (e) (1)) require covered entities to implement policies and procedures to restrict access to, protect the integrity of, and guard against unauthorized access to e- PHI. The standard for transmission security ( (e)) also includes addressable specifications for integrity controls and encryption. This means that the covered entity must assess its use of open networks, identify the available and appropriate means to protect e- PHI as it is transmitted, select a solution, and document the decision. The Security Rule allows for e- PHI to be sent over an electronic open network as long as it is adequately protected. Luxsci has a number of blogs relating to HIPAA. One of the best is located at: hipaa- says- about- - security.html HIPAA security applies specifically to protected health information, not just personal information. Protected Health Information (PHI), as defined in HIPAA language, is health information of an identifiable individual that is transmitted by electronic media; maintained in any electronic medium; or transmitted or maintained in any other form or medium. For example, all administrative, financial, and clinical information on a patient is considered PHI. Privacy Standards: The HIPAA Privacy Rule sets standards for protecting the rights of individuals (patients). Covered entities must follow the laws that grant every individual the right to the privacy and confidentiality of their health information. Protected Health Information is subject to an individual s rights on how such information is used or disclosed. Privacy Standard Key Point: Controlling the use and disclosure of oral, written and electronic protected health information (any form). Security Standards: Taking the Privacy Rule a step further, HIPAA implemented the Security Rule to cover electronic PHI (ephi). To this end, more secure and reliable information systems help protect health data from being lost or accessed by unauthorized users. Security Standard Key Point: Controlling the access to electronic forms of protected health information (not specific to oral or written). The Privacy and Security Rules focus on information safeguards and require covered entities to implement the necessary and appropriate means to secure and protect health data. Specifically, the regulations call for organizational and administrative requirements along with technical and physical safeguards. 113 For an auditor, almost everything we do contains PHI data. Communications between client and auditor frequently contains PHI and therefore must be protected. As of February 2010 HIPAA has become more hipaa- says- about- - security.html 202 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

203 stringent. Health Information Technology for Economic and Clinical Health Act (HITECH) adds some additional rules as stated below. HITECH adds the following requirements: Mandatory yearly audits by Health and Human Services to make sure that you are meeting the HIPAA requirements Explicit fines of up to $1.5 million dollars/year for disclosures of protected health information that violate the HIPAA Privacy Rules Business Associate Agreements with vendors and partners who have contact with your organization s protected health information is now mandatory. New mandatory reporting requirements on unauthorized disclosures of protected health information to those whose information was disclosed, to Health and Human Services, and for large enough disclosures, to the media. For HIPAA Business Associates, HITECH imposes even more serious changes: Business Associates are now responsible for following all HIPAA Privacy and Security regulations with respect to all protected health information that they obtain or generate. Unauthorized use or disclosure by Business Associates of any protected health information leaves the Business Associate equally liable to damages and unfavorable publicity. 114 Faxing information should also be a concern for the auditor. Faxing has inherent risks and without each party (sender / recipient) has encrypted phone lines the requirements may not be achieved. you should utilize sensible policies to mitigate the insecurities of the facsimile and help ensure that you are abiding by the Safeguards Principle in a reasonable manner. Some policies include: Do not send PHI over FAX unless it cannot be sent over other, more secure, channels. I.e. delivery by hand, secure , etc. Only send the PHI actually needed; do not send extra information. Always use a cover letter to prevent casual reading of the first page of the FAX. Use saved speed- dial numbers for common FAX recipients to prevent numbers being mis- dialed. Test these numbers periodically. For any new recipient, verify the FAX number with a test send of a facsimile before sending the actual protected health information. Develop policies on what to do if a FAX was sent to the wrong place. Configure your FAX machines to never save copies of received Faxes hitech- impact- on- - and- web- outsourcing.html 203 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

204 Make sure that PHI FAXes never remain on the FAX machine after receipt, and that they are promptly delivered to the intended recipient. Develop policies on the storage, copying, and disposal of PHI FAXes. Development of policies along these lines will help to mitigate security issues associated with Faxing. These guidelines are common in institutions having to abide by HIPAA especially if they are not aware of better solutions. 115 If faxing is not an option due to the concerns over privacy then fax by should be considered. No matter what choice the auditor utilizes to transmit audit- required information it must meet HIPAA and HITECH regulations. WORKSHEETS AND DATABASES Databases such as Access, Excel will also be subject to the same HIPAA regulations as any other document. While we won t go into further detail here we recommend reviewing Core Domain 4 8 which covers HIPAA in detail. We will provide however a couple of examples of the essential worksheets created by an auditor. This exhibit demonstrates a worksheet required by a payer to determine any over charges or under charges based on the entire length of stay. Below is a template worksheet that exhibits each potential service offered within individual department(s). Note the template below is organised according to revenue codes with specific tests, procedures, services, medications, and supplies according to the itemised revenue codes. More detailed charges are noted in the area of pharmaceuticals and supplies. Below is only a template that could be used as a hospital auditor or payer auditor when reviewing inpatient charges. While this template is for inpatient services it could be adopted easily to outpatient services with the deletion of the inpatient accommodation revenue codes (i.e. 111 Med- Surg / Gyn) and expanding the outpatient procedures. Additional attention should be directed to the supply area of this example. In this example there are multiple items that according to Medicare would not be separately billable. Instances of items such as gloves 9 and equipment demonstrate a violation of this requirement. These items are to be included within the price charged for the associated procedure. Equipment is depreciated on the Medicare cost report and not to be billed separately (double dipping) and routine items such as gloves are to be included within the charge a- fax- document- hipaa- secure.html 204 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

205 Description 111/Med- Surg Gyn/Pvt Charge # Charge $ Dat e O f Servic e Total Total $ 1 Bille 0 d Room Pvt - Med- Surg/Gyn $ $8, Private Room - Medical $ Private Room - Surgical $ /OB Room Pvt OB $ /ICU ICU General $3, ICU General $3, /ICU Intermediate Room Inter ICU/Tele $2, /Pharmacy Acetaminophen 325mg Tab $6.480 Acetaminophen 650mg Supp $7.230 Acetylcysteine 600mg Tab $6.480 Albuterol 2.5mg/3ml Dose $6.480 Albuterol 0.5% 1ml/0.5 ml Dose $6.720 Alprazolam 0.25mg Tab $ Alprazolam 0.5mg Tab $ Aluminum/Magnesium 30ml Liq $7.140 Amino Acids 10% 1000ml Bag $ Aminocaproic Acid 5Gm Vial $ Amiodarone 200mg Tab $8.150 Amlodipine 5mg Tab $ Copyright 2012 William L. Malm, ND, CMAS & AAMAS

206 Description Charge # Charge $ Dat e O f Servic e Total Total $ Anesthesia Gas - 1 App (Sevo) $ Ascorbic Acid 500mg Tab $6.480 Aspirin 325mg Tab $6.480 Aspirin Enteric Coated 325mg $6.480 Atorvastatin 20mg $ Atracurium Besylate 10mg/ml V $ Atropine Sulfate 1mg/ml $ Azithromycin 500mg Vial $ Bacitracin 50,000 Unit Vial $ Bicitra Syrup 15ml Dose $6.480 Bupivicaine/Epi 2.5mg/30ml $ Bupivicaine 5mg/ml 30ml $ Calcium Chloride 1Gm Vial $ Calcium Chloride 10ml Syr $ Calcium Gluconate 4.6mEq/10ml V $ Carvedilol 3.125mg (Tab) $6.480 Cefazolin/D5W 1 Gm $ $ Cefepime HCL 2Gm Vial $ Cervidil Vag Insert, Dinoprostone $1, Chlorhexidine Colunonate 20ml $6.480 Clonidine HCL 0.1mg Tab $6.480 Clopidogrel 75mg Tab $ Copyright 2012 William L. Malm, ND, CMAS & AAMAS

207 Description Charge # Charge $ Dat e O f Servic e Total Total $ Clopidogrel 300mg Tab $ Dexmedetomidine 200mcg $1, Dextrose 50ml Syr $ Dextrose 50% 50ml Vial $ Diazepam 5mg Tab $ Digoxin 0.125mg Tab $6.480 Digoxin.25mg Tab $6.480 Diltiazem CD 240mg Cap $ Diltiazem 90mg Cap $7.560 Diltiazem 5mg/ml Vial $ Dinoprostone Gel 0.5mg/5ml Syr $ Diphenhydramine 25mg Cap $6.480 Diphenoxylate/Atropine 1 Tab $ Docusate Sodium 100mg Cap $6.480 Electrolyte A (Plasma Lyte A) $ Empty Evac 250ml Bot $ Enalapril 5mg Tab $6.480 Ensure 8 oz Cans $ Ertapenem Sodium $ Etomidate 2mg/ml Amp $ Famotidine 20mg Tab $6.480 Fluticasone 250/Salmeterol 50Pk $1, Copyright 2012 William L. Malm, ND, CMAS & AAMAS

208 Description Charge # Charge $ Dat e O f Servic e Total Total $ Folic Acid 1mg Tab $6.480 Fursosemide 40mg Tab $6.480 Furosemide 20mg/2ml Vial $ Furosemide 40mg/4ml Vial $ Furosemide 100mg/10ml Vial $ Gabapentin 300mg Cap $6.480 GI Cocktail 55ml Bottle $ Glucerna 8 oz Cans $ Glycopyrrolate 0.2mg/ml Vial $ Guaifenesin 600mg Tab $6.720 Heparin 1000U/Ml 10ml Vial $ Heparin 1000U/Ml 30ml Vial $ Heparin 5000 Uts/ml, 1ml $ Heparin 25,000/D5W 250ml $ Humulin Reg Insulin 100 Unit $ Hydralazine 20mg/ml Amp $ Hydrocodone APAP 7.5/325 $ $7.285 Hydromorphone HCL 1mg/ml Tubex $ Ibuprofen 400mg Tab $6.480 Insulin 100 Units/1ml, 10ml $ Iohexol 50ml $ Copyright 2012 William L. Malm, ND, CMAS & AAMAS

209 Description Charge # Charge $ Dat e O f Servic e Total Total $ Iohexol 150ml $ Juven 23 Gm Powder $ Labetolol 5mg/ml Syr $ Labetolol 100mg Tab $6.480 $9.720 Labetolol 200mg Tab $6.480 $ $3.240 Levofloxacin 250mg Tab $ Lidocaine Dose $ Lidocaine 1% HCL 20ml $ Lidocaine 30Gm Tube Jelly $ Lidocaine 2% 5ml Tube $ Lidocaine 100mg/5ml Syr $ Linezolid 600mg Tab $ Lisinopril 20mg Tab $6.480 LOCM mg/ml Iodine $ LOCM mg/ml Iodine $ Lorazepam 0.5mg Tab $ Lorazepam 1mg Tab $ Magnesium Sulfate 0.5G/M $ Magnesium Sulfate 2G/50 ml $ Magnesium Sulfate 2G/5 $ Magnesium Sulfate 1G/D5W100 $ Copyright 2012 William L. Malm, ND, CMAS & AAMAS

210 Description Charge # Charge $ Dat e O f Servic e Total Total $ Magnesium 4Gm/100ml Water $ Magnesium 25Gm/Lact Ring 250 $ Mannitol 20% 500ml Bag $ Meperidine 25mg Tubex $ Meperidine HCL $ Meperidine 75mg Tubex $ Metoclopramide 10mg/2ml Vial $ Metoprolol 50mg Tab $6.480 Metoprolol 25mg Tab $6.480 Metronidazole 500mg Tab $6.480 Midazolam 2mg/2ml Vial $ Midazolam 10mg/2ml Vial $ Milk of Magnesia 30ml Dose $6.480 Miralax 17Gm Bot $ Misc Drug 1 Each Item $ Misoprostol 50mcg Tab $6.480 Morphine/Sod Chl PCA 55mg/55m $ Morphine Sulf 2mg/ml Tubex $ Morphine Sulf 4mg/ml Tubex $ Multivitamin Therapeutic 1 Tab $6.480 Multivitamin (MVI- 12) 10ml $ Mupirocin 15Gm Tube $ Copyright 2012 William L. Malm, ND, CMAS & AAMAS

211 Description Charge # Charge $ Dat e O f Servic e Total Total $ Mupirocin 2% 1Gm $ Nalaxone 0.4mg/ml Vial $ Neutrophos 250mg Cap $6.480 Nifedipine 10mg Cap $6.480 Nifedipine XL 30mg Tab $ Nitroglycerin 2% Oint - 1 Gm $ Nitroglycerin/D5W 50mg/250ml $ Nitroprusside Sod 50mg Vial $ Norepinephrine 4mg/4ml Amp $ Omega- 3- Acid Capsule $ Ondansetron 4mg Tab $ Oseltamivir 75mg Cap $ Oxycodone/APAP 1 Tab $ Oxycodone 5mg Tab $ Oxycodone 10mg Tab $ Oxycontin 30/LR 500 $ Pantoprazole 40mg Tab $6.480 Papavarine 60mg/2ml Amp $ Phenylephrine 1% 10mg/ml Amp $ Potassium Acetate 2mEq/ml Vial $ Potassium Chloride 10mEq/50ml $ Potassium Chloride 20mEq/100ml $ Copyright 2012 William L. Malm, ND, CMAS & AAMAS

212 Description Charge # Charge $ Dat e O f Servic e Total Total $ Potassium Chl 20mEq/10ml $ Potassium Chl 20mEq/15ml $6.480 Potassium Chl 20mEq Tab $6.480 Potassium Chl 40mEq/20ml $ Potassium Phosphate 3mm/ml Vial $ Primidone 50mg Tab $6.720 Propofol 10mg/ml Bottle $ Propofol 50ml, 10mg/ml Bot $ Propofol 10mg/ml 20ml Vial $ Protamine Sulfate 10mg/ml $ Rocuronium Bromide 10mg/ml Vi $ Senna Concentrate 8.6mg Tab $6.480 Sertraline 50mg Tab $6.480 Silvasorb Gel 1.5 Oz Tube $ Simvastatin 40mg Tab $7.770 Sliding Scale Aspart Insulin 100 ut $ Sliding Scale Reg Insulin 100 Ut $ Sodium Bicarbonate 50mEq Syr $ Sodium Bicarbonate 50mEq Syr $ Sodium Phosphate 4mEq/ml Vial $ Sterile Water 1000ml Bag $ Stuartnatal tab $ Copyright 2012 William L. Malm, ND, CMAS & AAMAS

213 Description Charge # Charge $ Dat e O f Servic e Total Total $ Succinylcholine 200mg/10ml Vial $ Sucralfate 1Gm/10ml UDC $ Sucralfate 1Gm Tab $6.480 Temazepam 15mg Cap $ Tetrac/Benzo/Buramben 56ml Bot $ Thrombin Topical Bovine 5000 Un $ Tiotropium Bromide 18 mcg Inha $ Trace Element 1ml Vial $ Valsartan 80mg Cap $ Vancomycin 250mg Cap $ Vancomycin/NACL 1 Gm $ Vancomycin 1Gm Vial $ Vaponeferin Recepinephrine 0.5ml $ Warfarin 2mg Tab $ Warfarin 10mg Tab $ Zinc Sulfate 220mg Cap $6.480 Zolpidem 5mg Tab $ /Drugs Incid to Radiology Isosulfan Blue 10mg/5ml Vial $6, /IV Solutions Dextrose 70% in Water 500ml $ $ Heparin 1000Uts/500ml $ Copyright 2012 William L. Malm, ND, CMAS & AAMAS

214 Description Charge # Charge $ Dat e O f Servic e Total Total $ Lipids 20% 500ml Bottle $ Multiple/Complicated IV Set Up $ NACL 0.9% 50ml Bag $ NACL 0.9% 100ml Bag $ NACL 0.9% 250ml Bag $ NACL 0.9% 250ml Bag $ NACL 0.9% 250ml Bottle $ NACL 0.9% 500ml Bag $ NACL 0.9% 500ml Bag $ NACL0.9% 1000ml Bot Irrig $ NACL0.9% 1000ml Bag $ $ NACL0.9% 3000ml Bot Irrig $ Normosol R 1000ml $ Sodium Cl 0.45% 1000ml Bag $ Sodium Cl 0.45% KCL $ Sodium Cl 0.9% KCL $ TPN/Blood/Enteral Set up $ /IV Therapy Infus Tx/Dx/proph 1st hr $ Inj Tx/Dx/Pro IVP Seq Add $ Inj Tx/Dx/Pro IVP Initial $ Inf IV Hydrat Ea Add Hr $ Copyright 2012 William L. Malm, ND, CMAS & AAMAS

215 Description Charge # Charge $ Dat e O f Servic e Total Total $ 270/MS Supply Abbott Pump Model 3 1 Device $ Accucheck Monitor $ Adaptor Aerovent $ Adaptor, Double Male LL $ Anesthesia Cardiac Monitor $ Applicator Chloraprep 26ml $ Arterial Line Maintenance Daily $ Arthroscope/Laparoscope $1, Cardiac Monitor $ Cardioversion $ Cath Berestein $ Chest Tube Maintenance $ Circuit 7200 Ventilator $ Circuit Parapac With Tube $ Circuit Resmed BiPap $ Collector Wound Drain W/ Barrier $ Cpap Initial $ Crash cart Supplies $ CVP Insertion $ CVP Maintenance $ Dressing VAC Assist Med $ Dynamap/Omega BP Monitor $ Copyright 2012 William L. Malm, ND, CMAS & AAMAS

216 Description Charge # Charge $ Dat e O f Servic e Total Total $ Epidural Tray - Braun $ Glove Surg 9 $ Holder ET Tube $ Hotline $ Irrigator Simpulse $ Jelco Protective Plus 20g Cath $ Jelco Protective 20g 1ml $ Kit Arrow CVP $ Kit Merit PTCA $ Local Monitoring $ LOCM mg/ml Iodine $ Marker Skin $ Modulus II Anes Machine $ Nebulizer Aeroeclipse $ Nerve Stimulator $ OR Room Other 20mm Saw Blade $ OR Cardiac Monitor $ Oxygen Initial $ PCA Pump $ Pen Dermabond Pro XL $ Rental Bari- Rehab w/rotation $ Rental Bed Magnum II $ Copyright 2012 William L. Malm, ND, CMAS & AAMAS

217 Description Charge # Charge $ Dat e O f Servic e Total Total $ Rental Biodyne Bed $ Rental First Step Select $ Rental Fluid Air Bed $ Rental Kangaroo Feeding Pump $ Rental Kinair III Bed $ Rental SCD $ Rental Vaccuum Closure Machine $ Rental Wall Suction $ Set Angio Jet Pump $ Set Checkflo Blue Intro $ Set Flexor Check Flo $ Simple IV Set Up $ Sleeve Seq Compression $ Switch, Flow HP $ Syringe Angio Injector $ Trapeze Overhead $ Tray CT Biopsy $ Tube Crystalline Pressure $ U- Adaptit $ /Non- Sterile Supply Adapter Valved Tee Airlife $ Adapter Vent Monitor $ Copyright 2012 William L. Malm, ND, CMAS & AAMAS

218 Description Charge # Charge $ Dat e O f Servic e Total Total $ Airway Oral $ Circuit Anes Adult $ Daily Supply Charge - ICU $ Daily Supply Charge - Medical $ Daily Supply Charge - Surgical $ Dura Prep $ Electrode EKG Red Dot $ Guide Needle w/cover $ Headstrap $ Humidifier $ Intro MicroEz Univ $1, Liner Suction 1000cc $ Liner Suction 3000cc $ Mask Adult Aerosol $ Mask Anesthesia Large $ Mask Full Face BiPap $ Mask O2 Adult $ Nitroglycerin Pump Set 1ml $ O2 Initial Hour $ O2 Subsequent $ Oxisensor Adult Disp $ PCA set Up $ Copyright 2012 William L. Malm, ND, CMAS & AAMAS

219 Description Charge # Charge $ Dat e O f Servic e Total Total $ Primary Anesthesia Set 1ml $ Secondary Piggyback Set 1ml $ Spirometer Incentive $ Spriometer Incentive 4000ml $ Sterile Water Irrig 1000ml Bot $ SVN W/Tubing $ Temp Dot $ Trapeze Set Up $ Tube Regular Endotracheal $ Tubing Oxygen 7 Ft $5.100 Twin- Site Extension Set 1ml $ Venoset Pump Set 1ml $ /Sterile Supply 1.6mm Kirschner Wire w/5mm Thr $ mm Drill Bit 110mm $ mm Reaming Rod W/Ball Tip $ mm Drill Bit 165mm $ M Clipper Blade $ mm Egg- Shaped Burr $ mm Saw Blade 30mm $ Fr Aortic Cannula $ Arterial Cath/Cann Perc $ Assorted Reamer Heads/Synthes $1, Copyright 2012 William L. Malm, ND, CMAS & AAMAS

220 Description Charge # Charge $ Dat e O f Servic e Total Total $ Balloon Quantum $1, Bandage Ace 4" Sterile $ Blade Scalpel 10 $9.500 Blade Scalpel 11 $ Cannula Adult $ cartridge Blue HPT $ Cath Angiojet Dvx $3, Cath Atlantis IVUS $1, Cath Balloon Dil $1, Cath Balloon Dil XXL $1, Cath Balloon Meadox $1, Cath Bluemax $1, Cath Cardiac Multi- Pak $ Cath Infusion 90cm Length $ Cath Infusion Angiodynamic $ Catheter Headhunter Cook $ Cath Maverick Balloon $1, Cath Triple Lumen (Arrow) $ Clip Skin M- 11 $ Connector Tubing $ Cover Ultrasound Probe $ Custom Set #1 Coated $3, Copyright 2012 William L. Malm, ND, CMAS & AAMAS

221 Description Charge # Charge $ Dat e O f Servic e Total Total $ Device Inflation Encor 26 $ Drain 131 Safety - Ballard $ Drain Safety (Ballard) $ Dressing Op Site 10x14 $ Dressing Vaccuum Assist Lg $ Drive Sgaft Seal for RIA/Synthes $ Export Catheter $4, Filter Breathing - Intertech $ Filter HME CO2 Port $ Floseal Hemostatic Agent $1, Gauze 4x4 $ Glove High Density $ Gloves Sterile - Anesthe $7.400 Gown Surgical Unreinforced XL $ Guide Femoral Cath Wire $ Guide Needle w/cover $ Guidewire Cathlab J $ Guidewire Troupe Floppy $ Hep Lock Set Up Kit 1ml $ Intro MicroEZ Univ $1, Introducer Sheath Cook $ Irrigator Splash Shield $ Copyright 2012 William L. Malm, ND, CMAS & AAMAS

222 Description Charge # Charge $ Dat e O f Servic e Total Total $ Irrigator Tips Davol $ Irrigator Tips 3766 $ Kerlix Large Roll 4 Inch $ Kerlix Super Sponges (Fluffs) $ Kit Namic Cardiac Cath $ Kit Platelet Gel Applicator $ Kit Platelet Gel Double Proc $2, Kit Trach Care Ballard $ Kit Vaccuum Tender Touch $ Multiple Suture Charge $ Oxisensor Adult Disp $ Pack Angio Cordis $ Pack Angio PICC $ Pack Major $ Pack Towel Sterile 6/Pk $ Pleuragard Double Chamber $ Redi Flow Fine Filter System/Biom $ Retrograde Cann $ RIA Tube Assembly 520mm/Synt $2, Set Coaxial Introducer $ Set Perfusion Heparin Tip $ Sheath Brite Tip $ Copyright 2012 William L. Malm, ND, CMAS & AAMAS

223 Description Charge # Charge $ Dat e O f Servic e Total Total $ Sheath Super 11cm 5-6Fr $ Sheet 3/4 $ Sheet Split $ Single Suture Charge $ Stapler Skin 35W $ Ster Water Irri 1000ml Bot $ Steri Strip 1/2" $ Stockinette 1 Ply 6" $ Surgical 4 x 8 $1, System Medistim Smart Card $1, System Vasoview Hemopro $1, Triverse 10 Elec Pencil 10Ft $ Tube Extension 33" $ Tube Regular Endotracheal $ Tube Suction 10Ft $ Tube Yankauer $ Tubing Corrugated $6.600 Venigard Start Kit 1ml De $ Venigard Jr 1ml Device $ Venous Cannula $ Wire Bipolar Pacing $ Wire Guide BH $ Copyright 2012 William L. Malm, ND, CMAS & AAMAS

224 Description Charge # Charge $ Dat e O f Servic e Total Total $ Wire Guide bentsen.035x145 $ Wire Stiff Tip Glide $ Wire Straight Tip $ Xerofoam 5x9 $ /Supply/Implants 3.5mm Medial Distal Tibia Plate $9, Device Angioseal Closure $3, Misc Implant/Breast Prosth/Tiss Exp $9, Misc Implant Mesh 5x16cm Strattice $15, Osteogen Bone Growth Stim/EBI $41, Screw Ortho 3.5mm Cortex Screw $ Screw Ortho 3.5mm Locking Screw $ Stent Cypher Drug Eluding $25, Stent(s) DES Sngl Vess LC $12, Stent Protégé Peripheral $5, /Laboratory Aerobic Organism ID $ Crossmatch by Immed Spin $ FFP Thaw Ea Unit $ Venipuncture or Other Stick - IP $ /Lab/Chemistry A1C Hemoglobin $ Copyright 2012 William L. Malm, ND, CMAS & AAMAS

225 Description Charge # Charge $ Dat e O f Servic e Total Total $ Acetaminophen $ Accucheck - Recovery Room $ Alcohol $ Aldolase $ ALT/SGPT $ Ammonia $ Amphetamine Screen $ Amylase Serum/Urine $ ANA Screen $ AST/SGOT $ Barbituates Screen $ Basic Metabolic Panel $ Benzodiazepine Screen $ Blood Gas W/O2 Sat $ B- Type Natriuretic Peptide (BNP) $ Calcium Ionized $ Calcium Ionized $ Cannabinoid Screen $ Ceruloplasmin $ Cocaine Screen $ Comprehensive Metabolic Panel $ Copper $ Copyright 2012 William L. Malm, ND, CMAS & AAMAS

226 Description Charge # Charge $ Dat e O f Servic e Total Total $ CPK Total $ CPK MB Only $ Creatinine Clearance $ Creatinine Urine $ Digoxin Level $ Electrolyte Panel $ Folic Acid Serum $ Free Thyroxine $ Glucose By Blood Device $ Haptoglobin $ HCG - Quant $ Hepatic Function Panel $ Homocysteine $ Lactic Acid $ LDH $ Lipase $ Lipid Profile $ Magnesium Level $ MRSA Admit Screen NP $ Myoglobin - Blood Count $ Opiates Screen $ PCP Screen $ Copyright 2012 William L. Malm, ND, CMAS & AAMAS

227 Description Charge # Charge $ Dat e O f Servic e Total Total $ Phosphorus Level $ Potassium Serum $ Potassium Serum/Bld/Plasm $ Prealbumin $ Prolactin $ Protein Total Urine $ Protein Urine Quant $ Renal Profile $ Salicylate $ Sodium Serum/Bld/Plasm $ Sodium Urine $ Troponin $ TSH $ Uric Acid Blood $ Vancomycin $ Vitamin B- 12 $ Whole Blood Glucose Reagent $ /Lab/Immunology ABO $ Anti- Cardiolipin IgA $ BB- ABO Blood Group $ BB- Coombs Direct $ BB- Coombs Indirect $ Copyright 2012 William L. Malm, ND, CMAS & AAMAS

228 Description Charge # Charge $ Dat e O f Servic e Total Total $ BB- Rh $ Description Charge $ Protein C Functional $ RBC AB Scr $ Rh (D) $ /Lab/Hematology Anti Thrombin III $ APC Resistance $ Blood Smear No Diff $ CBC - Complete Blood Count $ CBC Auto W/O Diff $ Factor II Mutation $ Factor V Leiden $ Fetal Hgb Rosette $ Fibrinogen $ Fibrin Split Product $ Hgb F Kleihauer- Betke $ Hemoglobin & Hematocrit $ Platelet Count (Automated) $ Prothrombin Time $ PTT $ Protein S Ag Free $ Sed Rate RBC Auto $ Copyright 2012 William L. Malm, ND, CMAS & AAMAS

229 Description Charge # Charge $ Dat e O f Servic e Total Total $ Smear Review $ /Lab/Bact- Micro Blood Culture $ C Diff Toxin $ Cult Aerobic ID $ Cult Blood $ Cult Cath Tip $ Culture Nasal Pharyn $ Culture, Sputum $ Culture, Stool $ Culture, Urine w/colony Count $ Culture Wound Superficial $ EIA Ql Influ A/B Ag $ EIA Ql Influ A/B Ag $ Gram Stain $ MRSA Admit Screen NP $ Smear Gram/Geimsa $ Susceptibility $ Syphil VDRL/RPR Ql $ Toxin or Antitoxin $ /Lab/Urinalysis HCG- Urine Pregnancy Test $ Preg Urine Visual $ Copyright 2012 William L. Malm, ND, CMAS & AAMAS

230 Description Charge # Charge $ Dat e O f Servic e Total Total $ Urine Micro Only $ Urinalysis Automated W/O M $ Urinalysis Misc Parts $ Urinalysis Routine $ /Lab/Other ABO $ BB Antibody ID $ RBC AB Scr $ Rh $ /Path/Histology Frozen Section - First - T $ Gross & Micro Level 3- T $ Gross & Micro Level 4- T $1, Gross & Micro Level 5- T $ Her- 2/Neu Tissue Assay Paraffi $ Special Stain 4- T $ Tissue Decalcification $ /Dx Xray IR PTA Venous $1, IR Stent (S) Place Non Cor $1, IR Transcath Ang Exist Cath $ IR Transcath Therapy INFUS $2, IR Venacavagram Inferior $1, Copyright 2012 William L. Malm, ND, CMAS & AAMAS

231 Description Charge # Charge $ Dat e O f Servic e Total Total $ IR Venogram Extremity Uni $ XR Abdomen 1 View (AP) $ XR Abd AP Decub Erect $ XR Abd AP Decub Upr+Chest $ XR Ankle 2 Views Rt $ XR Ankle 3+ Views Rt $ XR Colon BE W or WO KUB $ XR Elbow 2 Views Lt $ XR Fluoro 1-2 Hrs $ XR Tibia & Fibula 1 Vw rt $ XR Wrist 3+ Views Lt $ /Dx X- Ray/Chest XR Chest 1 View $ XR Chest 2 Views $ /Nuclear Med NM MAA Up $ NM Penteta $ NM Pul Perf W Aer Vent 1 $1, Sulfur Collod Dx to 20mCi $ /CT Scan CT Head WO Con $2, /CT Scan/Body CT Abdomen W Con $3, CT Cardiac Calcium Scoring $ Copyright 2012 William L. Malm, ND, CMAS & AAMAS

232 Description Charge # Charge $ Dat e O f Servic e Total Total $ CT Chest W Contrast $2, CT Chest WO Contrast $2, CT Pelvis W Con $3, /OR Services C- Section - Emergency $4, CV Surgical Level 5,1st Hour $13, CV Surgical Level 5, Ea Addl 15 $3, Emergency Call Back - OR $ Operating Room Ea Addl Min $ Operating Room Time - First Hour $4, Preop Holding $ Surgery Level 4 1st 30 Min $4, Surgery Level 4 Add 15 Min $1, /OR Minor Arterial Cath/Cann Perc $ Insert nontun CV Cath <5 $ PICC Line Insertion >5Y $ Preop Ndl Place Wire LOC $ Preop Ndl Wire Loc Ea Add $ PTA Venous $ Sentinel Node ID Inj $2, Stent Non Cor Perc Initial $13, Copyright 2012 William L. Malm, ND, CMAS & AAMAS

233 Description Charge # Charge $ Dat e O f Servic e Total Total $ Stent Non Cor Perc Addl $8, Transcath Thrombl Non Cor $ Ultrasound Guidance $1, Vena Cava Intro Cath $1, Venogram Extremity Inj $ Venous Mech Thrombectomy $8, Venous Mech Thrombect Ea Add $8, /Anesthesia Anesth Standard 1st 30 Min $ Anesth Standard Add 15 Min $ Baxter Patient Gas Sampling Li $ Conscious Sedation >5Yrs 30 Min $ Conscious Sedation Ea Addl 15 M $ CV Surgery Anesthesia 1st Hour $3, Epidural Block $ Gen Anesthesia Ea Addl Min $ Gen Anesthesia Up to 1 Hr $1, Mallinckroot Intubating Stylet $ /Blood Process & Storage BB- Packed Cells- Leukopoor $ Plasma Frozen 8-24 hr $ Platelets Pher L/R Ea $ Red Cells L/R Ea $ Copyright 2012 William L. Malm, ND, CMAS & AAMAS

234 Description Charge # Charge $ Dat e O f Servic e Total Total $ 391/Blood Admin Transfusion Blood/Blood Products $ /Ultrasound US Fetal Biop Prof WO NST $ US Guide Intraop 1-2 Hr $ US Guided Needl Placement $ US Guided Vasc Access $ US Pre 1 or >Fetuses Ltd $ US Retroperitoneal Compl $ /Respiratory Arterial Line Maintenance Daily $ Arterial Puncture $ BiPap Initial Day $ Cont Vent Subs & vent $1, CPAP Initial $ CPAP/BiPap Initial & Mgmnt $ CPR $ Demo/Eval Inhalation Tx $ Vent Subseq Day Invasive $1, Vent Set Up & Vent Mgmt $1, /Inhalation Services Bland Aero Tx Init Ea Day $ Bland Aero Tx Subs $ Inh Tx Initial Ea Day $ Copyright 2012 William L. Malm, ND, CMAS & AAMAS

235 Description Charge # Charge $ Dat e O f Servic e Total Total $ Inh Tx Ea Subseq Tx/Day $ Inh Tx Init w/vent/day $ Inh Tx Subseq w/vent $ /Physical Therapy PT Gait Training Ea 15 Min $ /PT Evaluation PT Evaluation 15 $ PT Evaluation 15 $ PT Re- Evaluation 15 $ /OT OT Exercise Thr Ea 15 $ OT Self- Care/Hoem Ea 15 $ /Ot Eval OT Eval 15 $ OT ReEval 15 $ /Emergency Room ER Critical Care Min $3, ER Critical Care Add 30 Min $1, ER Level 4 w/procedure $1, ER Level 5 w/procedure $2, Inf IV Hydrat Ea Add Hr $ Inf Tx/Dx/Pro Init 1st Hr $ Insert cath Bladder $ Intubation Endotracheal $ Place NG/OG Tube Phys Skill $ Copyright 2012 William L. Malm, ND, CMAS & AAMAS

236 Description Charge # Charge $ Dat e O f Servic e Total Total $ 460/Pulmonary Function Pulse Ox Single Determin $ /Cardiology/Heart Cath Angio Atr/Ven W Crd Cath $ Angio Inj Crnry W Crd Cath $1, Angio Inj LV/LA W Crd Cath $1, Angio Pul/AO/Cor/GF W Cth $ IVUS Initial Vessel Study $2, Left Heart Cath Perc $3, Stent (S) Des Sgl Vess LC $12, /Echocardiology Doppler Echo Color Flow $ Doppler Echo Pulse/Cont Wave $ Echocardiogram- M Mode/2D Mode $ TEE Cong Spec Comp WO Con $1, /MRI MR Low Extrem WO Con Bil $2, /Drugs/Detail Code Adenosine 6mg/2ml Vial $ Amiodarone 150mg (Vial) $ Alteplase 2mg Vial $ Alteplase 100mg Vial $24, Argatroban 250mg/2.5ml Vial $8, BB Rhogam $ Copyright 2012 William L. Malm, ND, CMAS & AAMAS

237 Description Charge # Charge $ Dat e O f Servic e Total Total $ Bivalirudin 250mg Vial $6, Cefazolin 1Gm Vial $ D5/0.45 NACL 1000ml Bag $ Dexamethasone 4mg/1ml Vial $ Dextrose 5% in Water 100ml $ Dextrose 5% in Water 250ml $ Diazepam 5mg/ml Inj $ Digoxin 0.5mg/2ml Amp $ Diphenhydramine 50mg.ml Vial $ Dobut 500mg/D5W 250ml (Bag) $ Enoxaparin 40mg Inj $ Enoxaparin 100mg Syr $ Fentanyl Citrate 50mcg/ml Amp $ Fentanyl Cit 50mcg/ml amp, 5ml $ Fentanyl Cit 50mcg/ml amp, 20ml $ Fondaparinux 10mg Syr $ Furosemide 20mg/2ml Vial $ Gentamicin 80mg/2ml Vial $ Haloperidol 5mg/ml Vial $ Hydromorphone 1mg Tubex $ Hydromorphone 2mg Tubex $ Imipenem Cilastin 250mg $ Copyright 2012 William L. Malm, ND, CMAS & AAMAS

238 Description Charge # Charge $ Dat e O f Servic e Total Total $ Ipratropium Bromide 2.5ml $6.480 Kanamycin 1Gm/3ml Vial $ Ketorolac Trometh 30mg Vial $ Lactated Ringers 1000ml Bag $ Levalbuterol HCL 0.63mg Dose $ Levalbuterol HCL 1.25mg Dose $ Levofloxacin 500mg/D5W 100ml Bag $ Lidocaine 1% 20ml $ Lidocaine/Epi 1% 20ml Vial $ LOCM mg/ml Iodine $ LOCM mg/ml Iodine $ Lorazepam 2mg/ml Syr $ Lorazepam 2mg/ml Vial $ Magnesium Sulfate 0.5Gm/ml Vial $ Magn Sulfate 2Gm/100ml Bag $ Magn Sulfate 8mEq/2ml Vial $ Mannitol 12.5Gm/50ml Vial $ Meperidine 25mg/ml Tubex $ Meperidine 50mg/ml Tubex $ Methylpred Sod Succ 125mg/2ml $ Metoclopramide 10mg/2ml Vial $ Copyright 2012 William L. Malm, ND, CMAS & AAMAS

239 Description Charge # Charge $ Dat e O f Servic e Total Total $ Metoprolol 5mg/5ml Amp $ Midazolam 1mg.ml Inj, 2ml $ Midazolam 5mg/5ml Vial $ Morphine Sulfate 2mg/ml Tubex $ Morphine Sulfate 4mg/ml Tubex $ Morphine Sulfate 5mg/10ml $ Morphine Sulfate 10mg/ml Tubex $ NACL 23.4% Inj 4mEq/1ml Vial $ NACL 0.9% 10ml Syringe $ NACL 0.9% 50ml Bag $ NACL 0.9% 100ml Bag $ NACL 0.9% 250ml Bag $ NACL 0.9% 250ml Bag $ NACL 0.9% 500ml Bag $ $ NACL 0.9% 500ml Bag $ NACL 0.9% 1000ml Bag $ NACL 0.9% 1000ml Bag $ NACL 0.9% 1000ml Bottle $ Nalbuphine 10mg/ml Amp $ Neostigmine Methylsulfate 10ml Vi $ Normal Serum Albumin 5% 250ml $ Normal Serum Albumin 100m $ Copyright 2012 William L. Malm, ND, CMAS & AAMAS

240 Description Charge # Charge $ Dat e O f Servic e Total Total $ Normal Serum Albumin 500ml Botl $ Ondansetron 4mg/2ml $ Pantoprazole 40mg Inj $ Phytonadione 1mg/0.5ml Amp $ Piperacillin/Tazobactam 2.25G Vi $ Piperacillin/Tazobactam 3.375G Vi $ Potassium Chloride 20mEq/10ml $ Promethazine 25mg/ml Vial $ Rocuronium Bromide 10mg/ml $ Vancomycin 1Gm Vial $ Vecuronium Br 10mg Vial $ /Recovery Room PACU Phase I - IP/OP $ PACU Phase II - OP $ PACU Standard 1st 30min $ PACU Standard Addl 30 Min $ Recovery Phase I Ea 30min $1, /Delivery Room Fetal Monitoring - External $ Preoperative Preparation $ /EKG EKG 12 Lead Tracing Only $ Portable Charge $ Copyright 2012 William L. Malm, ND, CMAS & AAMAS

241 Description Charge # Charge $ Dat e O f Servic e Total Total $ 761/Treatment Room PICC Line Insertion $ Ultrasound Guidance $1, /Observation Observation Per Hr $ /Peri Vascular Lab US V Dplx Art Low Ext Uni $1, US V Dplx Venous Ext Bil $ US V Dplx Venous Ext Uni $1, ??Rev Code Neuro/Sleep- Pl HD $ Totals The template above is provided as an example but is not completed. The spreadsheet sample below demonstrates an audit in which there are noted errors and adjustments. The spreadsheet / database below have three columns on the right specifically identifying the overpayment, underpayment and lost charges. By designing the spreadsheet like this changes are easily identified making the reconciliation task much easier. Additionally this provides an easy database to discuss with your client making the final reconciliation (the reconciliation that will be signed by the client) easier. This type of database can serve as final exhibit to the report provided to the client. Description 121/Room & Board/Med- Surg/Gyn Char ge # Charge $ Date of Svc B il l e d Total Billed R&B 55 Med/Surg $3, /9/ $3, Do c Notes admit at 0950 $3, /10/ $3, D/C 10/11/10 Overch g Und er Unbill ed 250/Pharmacy Acetaminophen 325mg Tab $ /10/ $ no docum $0.36 Aspirin Tab 325mg $ /9/ $ Copyright 2012 William L. Malm, ND, CMAS & AAMAS

242 Description Char ge # Charge $ Date of Svc B il l e d Total Billed Do c Notes Overch g Aspirin EC Tab 325mg $ /10/ $ no docum $0.33 $ /11/ $ no docum $0.33 Und er Unbill ed Tamsulosin Cap 0.4mg $ /9/ $ $ /10/ $ no docum $ /IV Therapy Iv Therapy - By Other /10/ $ no docum /11/ $ no docum $ $ /Med- Surg Supplies Bottle Bld Cultur Aer $ /9/ $ unbundled $58.80 Dressing Transplant 2 $ /9/ $ $3.72 Needle Protecath 18ga $ /9/ $ ED Set Clave Primary Mac $ /9/ $ ED Set Clave Primary Mac $ /10/ $ $12.76 Set Wing Infus23G But $ /9/ $ $5.37 Soln IV.9% S/C Inj 10 $ /9/ $ $5.18 Spinal Needle $ /9/ $ ED Syringe Sod Chl.9% 10 $ /9/ $ $5.16 Tray Lumbar Punct $ /9/ $ ED 300/Laboratory Alanine Aminotranfer $ /11/ $ Alkaline Phosphatase $ /11/ $ Asparate minotranfe $ /11/ $ B Burgdorferi ABS Scr $ /9/ $ test cancelled $76.86 B Burgdorferi ABS Scr $ /9/ $ $ /11/ $ Copyright 2012 William L. Malm, ND, CMAS & AAMAS

243 Description Char ge # Charge $ Date of Svc B il l e d Total Billed Do c Notes Overch g Und er Unbill ed Bact Culture Blood $ /9/ $ Bact Culture Wound AE $ /9/ $ Basic Metabolic Panel $ /9/ $ $ /10/ $ $ /11/ $ Bilirubin Direct $ /11/ $ Bilirubin Total $ /11/ $ CBC/Plt Auto Diff $ /9/ $ $ /10/ $ $ /11/ $ CK- MB $ /9/ $ /1700 $ /10/ $ Creatinine Kinase (CK) $ /9/ $ /1700 $ /10/ $ Entervirus Rt - PCR $ /9/ $ Glucose Quant Fluid $ /9/ $ Gram Stain $ /9/ $ HSV DNA PCR $ /9/ $ Description Char ge # Charge $ Date of Svc B il l e d Total Billed Do cu m Notes Overch g Und er Unbill ed Lab - Spinal Fl Cell Co $ /9/ $ Lipid Panel $ /10/ $ Macroscopic Urine $ /9/ $ Magnesium $ /11/ $ Phosphate $ /10/ $ Copyright 2012 William L. Malm, ND, CMAS & AAMAS

244 Description Char ge # Charge $ Date of Svc B il l e d Total Billed Do c Notes Overch g Und er Unbill ed Protein Total CSF $ /9/ $ Prothrombin Time $ /9/ $ PTT Partial Thromboplastin $ /9/ $ Troponin T $ /9/ $ /1700 $ /10/ $ TSH - Serum $ /9/ $ Urine Clean catch $ /9/ $ $ /10/ $ $73.22 Venipuncture $ /8/ $ $23.69 West Nile Virus IgG $ /9/ $ West Nile Virus IgM $ /9/ $ /Dx Radiology Chest 2V Front & Lat $ /9/ $ /Nuclear Medicine Card Spect Mult WWO $2, /10/ $2, /NM Pharm TC99m Tetro/Myoview/D $ /10/ $ mCi+23.8 mci Description Char ge # Charge $ Date of Svc B il l e d Total Billed Do cu m Notes Overch g Und er Unbill ed 360/OR Services Lumbar Puncture /8/ $ ED 482/Stress Test Stress Test W Trace on $ /10/ $ /Emergency Services 244 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

245 Description Char ge # Charge $ Date of Svc B il l e d Total Billed Tier Four $1, /8/ $1, Do c Notes ED Overch g Und er Unbill ed 730/EKG/ECG EKG $ /10/ $ $18, $ $0.0 0 $0.00 2I- 2 GRAPHICS, FLOW CHART AND PRESENTATION TOOLS Graphics, flow chart and presentation tools can be as simple as a written diagram or sophisticated flow charting. Many of the Microsoft Office tools incorporate tools for providing graphics and flowcharting. Visio, another Microsoft product, offers more sophisticated flow charting tools. Auditors require these tools in order indicate specific s of business process and identified areas of concern. Flowcharting is a skill necessary for every auditor. Business processes must be diagrammed in order to detect potentially flawed decisions resulting in claim errors. These diagrams can illuminate patterns of behaviour that can result in overpayments or patterns of abusive billing practices. Example: The auditor finds that whenever an order for a chest x- ray appears in the medical records of 10 patients there is a charge for rib x- rays. The auditor maps all the steps from order through billing in a diagram and finds that the Radiology Information System (RIS) has mapped the order to an incorrect charge. By using graphics, flow charts this can be visually presented to the audit claim. Key Performance Indicators (KPI) are frequently displayed in a dashboard type of graphic representation. Most often these dashboards are seen in the Finance area demonstrating days of cash on hand, days in Accounts Receivable, unbilled amounts, amounts in medical records These dashboards assist in visually and quickly spotting and deploying resources to the most deserving concern. An example of presentation of the revenue cycle is seen below: 245 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

246 116 In this diagram the auditor has indicated with a red arrow an area in which during testing indicated a flawed process. In this way auditors can demonstrate to their clients concerns and rectification processes that visually enhance the clients understanding. 2I- 3 STATISTICAL APPLICATIONS Statistical applications are based upon the requirement of the audit. As previously stated, the OIG and Department of Justice utilise the RAT Stats Program. The program overview is provided at: RAT- STATS is a free statistical software package that providers can download to assist in a claims review. The package, created by OIG in the late 1970s, is also the primary statistical tool for OIG's Office of Audit Services. Among other tasks, the software assists the user in selecting random samples and estimating improper payments. We have attempted to make RAT- STATS as user- friendly as possible, keeping in mind the program uses technical statistical terms. OIG does not provide technical support for RAT- STATS. Although OIG does not require the use of RAT- STATS, many providers download the software in their efforts to fulfill the claims review requirements for corporate integrity agreements or provider self- 116 Copyright, Health Revenue Integrity Services, Inc Copyright 2012 William L. Malm, ND, CMAS & AAMAS

247 disclosure protocol. 117 As indicated in other core domains, there are many free software packages that assist with the selection of random samples integral to many audits. Generally, however, a statistician is employed to use the software if a retrospective or legal matter is being reviewed to ensure that portion of the audit is properly conducted. 2I- 4 PROJECT MANAGEMENT TOOLS Project management tools should detail the scope of the audit or project, allow the user to manage budget, staff, resources and time. These management tools can be part of the Microsoft scope of products such as Microsoft Project or another project management tool. Many different types of project management tools exist most now incorporating social media tools. No matter what software you utilise it must be flexible and be able to be configured to the audit scope, engagement personnel, track qualifications, track deliverable and most importantly track progress and budgetary items. Basecamp, is another project management software program but is webased. It will be incumbent on the auditor or firm to select or create homegrown tools that manage the data as required to achieve success. 2I- 5 OTHER COMMERCIAL BILLING AND AUDITING SYSTEMS, HOMEGROWN SYSTEMS, CODING SYSTEMS AND ANTI- FRAUD SOFTWARE Recently there has been an explosion of software packages utilised by hospitals to provide coding guidance, actually provide coding based on electronic documentation and of course packages that audit for potential abuse. These packages are sometimes integrated and sometimes standalone. The software, no matter the vendor, has to be maintained to contain the most recent coding rules and codes to ensure that a clean claim is submitted every time. From an audit standpoint, these software packages can represent risks as well as benefits. Most of these programs are individual modules that connect to other modules. For example, the chargemaster module connects to the billing module and the clinical module connects to the chargemaster. With these connections between completely separate modules, bridges are created. If there is an error in connecting the modules accurately a pattern of charging errors can occur. Testing of these mappings is well within the role of the auditor to ensure that the software does not represent a risk. These systems fall into one or several of the following categories. The auditor should be aware of which system they are working with, receiving data from and what the information is constituted within the data provided. These software categories include: Clinical including electronic health records stats/index.asp 247 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

248 Charging this system is an interface between clinical and billing Chargemaster this codes the charges Billing this module actually puts the charge on the claim Claim scrubber reviews claims against billing regulations / contracts to ensure compliance with the billing regulations. All of these modules / categories are designed to create a clean claim. They may also be used for data mining for detection of potential fraud. These categories act to define how the business processes interact. 248 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

249 CORE DOMAIN 3A: AUDIT SKILL: INTERACTION / COMMUNICATION OVERVIEW OF COMMUNICATIONS Communications are achieved in many different ways. Specifically there are verbal (oral) communications, written and non- verbal / behavioural communications. The core curriculum defines communications with different types of entities. Before we discuss the actual particular communications such as physicians, payers we will cover the basics. The definition of communications is multi- faceted. Wikipedia states: Communication is the activity of conveying information. Communication requires a sender, a message, and an intended recipient, although the receiver need not be present or aware of the sender's intent to communicate at the time of communication; thus communication can occur across vast distances in time and space. Communication requires that the communicating parties share an area of communicative commonality. The communication process is complete once the receiver has understood the sender. 118 There are four types of communication. Verbal / Oral communications (i.e. talking, singing) Written communications (i.e. , letters, reports) Visual communications (i.e. signs, video, DVD) Non- verbal or behavioural communications (i.e. sign language, body language) We will be focusing on the verbal and written communications in the following sections in Core Domain 3A. Verbal / Oral Communications: Verbal communications... while primarily referring to spoken verbal communication, typically relies on words, visual aids and non- verbal elements to support the conveyance of the meaning. Oral communication includes discussion, speeches, presentations, interpersonal communication and many other varieties. In face to face communication the body language and voice tonality plays a significant role and may have a greater impact on the listener than the intended content of the spoken words. 119 With verbal communications there can be confusion and misinterpretation of statements made. In order to overcome this you need to Say what you mean and mean what you say. Additionally, when communicating by verbal method it is essential that the auditor test to determine if the communication was received accurately. Therefore, ask probing questions that validate what you stated. For example if you state: I will be on- site Thursday to review the charts for the period 1/22 through 1/24. I will be Copyright 2012 William L. Malm, ND, CMAS & AAMAS

250 there around 8am could you have these records ready for us. Then at the close of the conversation ask: Could you please confirm for me our arrival and record request verbally at this time. Ensure that the question is open ended so you get their full comprehension. Written Communications: Written communication involves any type of interaction that makes use of the written word. Communication is a key to any endeavour involving more than one person. Communicating through writing is essential in the modern world and is becoming ever more so as we participate in what is now commonly called the information age. In fact, written communication is the most common form of business communication. 120 One advantage to using written forms of communication is that written messages do not have to be delivered on the spur of the moment; instead, they can be edited and revised several times before they are sent so that the content can be shaped to maximum effect. Another advantage is that written communication provides a permanent record of the messages and can be saved for later study. Since they are permanent, written forms of communication also enable recipients to take more time in reviewing the message and providing appropriate feedback. For these reasons, written forms of communication are often considered more appropriate for complex business messages that include important facts and figures. Other benefits commonly associated with good writing skills include increased customer/client satisfaction; improved inter- organizational efficiency; and enhanced image in the community and industry. There are also several potential pitfalls associated with written communication, however. For instance, unlike oral communication, wherein impressions and reactions are exchanged instantaneously, the sender of written communication does not generally receive immediate feedback to his or her message 121 No matter what form of communication utilized to communicate to the specific person, entity listed below there may be occasion to deal with anger or conflict resolution. There are three basic ways to deal effectively in conflict situations: Listen carefully to determine the nature of the conflict Identify areas of agreement Allow the other person a way out 122 Additionally, t. Rosenbaum states in her study guides that the following should occur in resolving conflict communication/ communication/ 122 Effective Communication Skills for Highway and Public Works Officials, T. Rosenbaum, September Copyright 2012 William L. Malm, ND, CMAS & AAMAS

251 Seek agreement or common ground Refuse to argue Seek commitment and action to change Plot the follow up Deliver on promises 123 We will now look at individual core domains utilizing this information and practices. 3A- 1 INTERACTION & COMMUNICATION PHYSICIANS Interactions between auditors and physicians will occur for several reasons. A partial listing of interactions might include: Requesting clarification or medical necessity information Requesting office records Clarification of documentation Auditor during audit of claims (hospital, payer) One of the major factors that an auditor must understand is that the physician s time is very limited. All communications must be well planned and concise. Therefore, when scheduling an audit with the physician s office ensure that you have an audit letter providing specifics of the records to be reviewed, estimated time requirements on- site, any resources required and potential dates. Provide the physician s office with a minimum of the customary 30- day notice of potential audit. The planning phase of the audit will allow the audit to be successful or difficult. Be clear in a written document that can be referenced during the planning call. Once the letter has been sent the auditor must follow up with verbal communications. Specifically, the auditor must arrange a time for a kickoff call with the physician and/or their office staff. During this verbal communication selection of audit dates shall be solidified as well as reviewing the required number of records, time frame for on- site visit, estimated total time for the audit to me completed, and any required resources At this point both a written and verbal communication has occurred. At the end of the kickoff call the auditor shall ask open ended questions of the physician / office staff to ensure that all necessary requirements are understood and verbally acknowledged. Once the kickoff call has been completed a formal letter of acknowledgement should be sent. Several days prior to the audit the auditor must once again call upon the physician / office staff to ensure that all required materials are ready for the audit to ensure efficiency. Auditors may communicate with a physician for reasons other than a record audit or payer audit. In many cases the auditor may have questions during the audit regarding documentation. In these cases 123 Effective Communication Skills for Highway and Public Works Officials, T. Rosenbaum, September Copyright 2012 William L. Malm, ND, CMAS & AAMAS

252 there may be a verbal or written request to clarify documentation within the medical record. This can occur due to incomplete or illegible records. As such, this may be somewhat difficult and the auditor must be very respectful and provide the specific section or citation within the record requiring clarification. Additional communication may occur to request medical necessity documentation such as copies of prescriptions, requisitions etc... The auditor should be very conscious of the demands upon the physician and his/her time. Every effort should be made to request as much information as possible from the office staff. Creating a working communication pattern with the staff through , letter or by phone will prove invaluable. Always be conscious of the communication patterns. Every successful communication, whether written or oral must have the following pattern. Written Verbal Communications SOURCE Written Verbal Communications RECEPIENT UNDERSTOOD 3A- 2 INTERACTION & COMMUNICATION NURSES AND OTHER CLINICAL PRACTITIONERS Interactions with nurses and other clinical practitioners will be similar to the physician. Again, be conscious of the time demands upon these very busy staff members. The auditor will utilize the same feedback loop to validate the communication, whether written or verbal, as depicted above. Discussions with nurses may be of a different nature. Nurse auditors may have communications with other nurse auditors, laboratory clinicians, radiology technicians and other types of clinicians. If the communication is occurring within an organisation then the communication may be less formal than outside the organisation. Example #1: The revenue integrity auditors are assigned to review 25 records from the prior calendar day s Emergency Department records. What would the communication look like and how should the auditor interact with the ED nursing staff. Behaviour #1 the nursing staffs in the ED is most likely stressed and with minimal amount of time to devote to the auditor be conscious of the time and effort you are requesting from this group. Plan ahead so that only one request for all requirements is made. 252 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

253 Behaviour #2 Due to the charged nature of a request with staff that by their job is probably under duress it is important to avoid any conflict or direct criticism. Nurse auditors in this situation will be able to talk to the nursing staff in the ED as peers. Every effort should be made to support the communication with non- verbal positive cues. Communication pattern the nurse auditor / clinical auditor will prepare a list of questions or follow up items that can act as a reference during the communication. Verbal communication with the ED nurses / staff must culminate with open- ended questions to validate their understanding and yours. The entire feedback loop of sender to receiver to understanding to sender must be completed to avoid any miscommunications. In conclusion, when communicating with nurses or other clinicians, the auditor needs to follow the simple steps for oral and written communications as stated within the overview of Core Domain 3A. In many ways the communication with the nurses are very similar to those with physicians. 3A- 3 INTERACTION & COMMUNICATION SENIOR MANAGEMENT TEAM Communications with senior management follow all the steps above for general communication. However, whenever working with the C- Suite (CEO, CFO, CNO, CMO, and CIO) the communication needs to be more of a big picture rather than extensive detail. The written communications need to be in the form of an executive summary listing the actual concerns with potential solutions. The senior management team will be expecting a comprehensive report and part of that report would be to communicate potential solutions to the concerns. Wikipedia provides some common characteristics of an executive summary. Executive summary is a term used in business for a short document that summarizes a longer report, proposal or group of related reports in such a way that readers can rapidly become acquainted with a large body of material without having to read it all. It will usually contain a brief statement of the problem or proposal covered in the major document(s), background information, concise analysis and main conclusions. It is intended as an aid to decision making by business managers. 124 Other characteristics noted were: be written in non- technical language have a conclusion make a recommendation summarize more than one document contain a sources list for materials gathered consist of short and concise paragraphs Copyright 2012 William L. Malm, ND, CMAS & AAMAS

254 Generally the executive summary is less than 15% of the total document and written in plain English. The role of senior management is to provide leadership and resources. Therefore, the communication should be a high level discussion that is easy to understand describing the process, the result and what needs to be done about it. Part of the executive summary or the resolution phase would be to inform the senior management what resources will be required. Payer auditors will need to explain the process, the findings and whom they have worked with in the facility. If possible have those personnel at the exit interview. The other point that the senior management is going to want to know is how much is this going to cost. All auditors will need to be prepared in the communications with the actual financial exposure to the facility. Additional concerns when communicating with the CEO (Chief Executive Officer) or CFO (Chief Financial Officer) are that they generally are not clinical. Nurse auditors will need to be cognisant that clinical discussions can be confusing for non- clinicians. A sample executive summary may include the following format. Communications should be non- technical and concise. Identification of stated concerns (reason for audit) Discussion of objective (internal review, payer audit, government audit) Listing of findings bullet format Financial implications / Resource allocation implications / Legal implications Suggested corrective actions Other matters (i.e. attorney client privilege, voluntary self- disclosure, non- disclosure etc...) Attached to the executive summary should be a copy of the full report to ensure that if the executive team wishes to review any details the report is readily available. Finally, there is the matter of legal privilege. If the audit is performed under attorney- client privilege then the auditor can only communicate with the attorney and not directly with the executive team. It will be the attorney s role to communicate to the executive team. 3A- 4 INTERACTION & COMMUNICATION LEGAL COUNSEL /ATTORNEYS Many audits performed by providers and suppliers are being performed under attorney- client privilege, as stated above. In the interaction with attorneys, the auditor s role will be two- fold. First of all the auditor must conduct the audit and secondly they will need to educate the attorney as to the issues, findings and potential rectification. In many cases, the auditor will be more of an educator. In order for an attorney to accurately provide counsel, he/she will need to fully comprehend all aspects of the process and the findings. Verbal conversations directly with the attorney will be generally covered under the privilege. At this point we will provide a working definition of the privilege. This is taken from legal dictionary. 254 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

255 In the law of evidence, a client's privilege to refuse to disclose, and to prevent any other person from disclosing, confidential communications between the client and his or her attorney. Such privilege protects communications between attorney and client that are made for the purpose of furnishing or obtaining professional legal advice or assistance. That privilege that permits an attorney to refuse to testify as to communications from the client. It belongs to the client, not the attorney, and hence only the client may waive it. In federal courts, state law is applied with respect to such privilege. The attorney- client privilege encourages clients to disclose to their attorneys all pertinent information in legal matters by protecting such disclosures from discovery at trial. The privileged information, held strictly between the attorney and the client, may remain private as long as a court does not force disclosure. The privilege does not apply to communications between an attorney and a client that are made in furtherance of a fraud or other crime. The responsibility for designating which information should remain confidential rests with the client. In its most common use, however, the attorney claims the privilege on behalf of the client in refusing to disclose to the court, or to any other party, requested information about the client's case... Because the attorney- client privilege often balances competing interests, it defies a rigid definition. However, one often- cited characterization was set forth in United States v. United Shoe Machinery Corp., 89 F. Supp. 357 (D. Mass. 1950). The court articulated five requirements: First, the person asserting the privilege must be a client, or must have sought to become a client at the time of disclosure; Second, the person connected to the communication must be acting as a lawyer; Third, the communication must be between the lawyer and the client exclusively no non- clients may be included in the communication; Fourth, the communication must have occurred for the purpose of securing a legal opinion, legal services, or assistance in some legal proceeding, and not for the purpose of committing a crime; Fifth, the privilege may be claimed or waived by the client only (usually, as stated above, through counsel). 126 Privilege allows the client an element of protection from discoverability as long as it does not further the commission of a felony. Therefore, as an auditor the attorney may request, on behalf of the client, that dictionary.thefreedictionary.com/attorney- client+privilege 255 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

256 your communications also be under the privilege. In most cases, the auditor s client will be the attorney who has retained the auditor on behalf of their client (the group being audited be it physician, hospital, payer or other entity). In such an instance the attorney will instruct the auditor the limitations on the communications. Written communications, such as , written documents, exhibits, reports etc... may require that each page be labelled attorney- client privileged work document in order to protect the privilege. For further clarification on this matter we recommend that the auditor speak with the attorney retaining them for the audit. If the auditor is an internal auditor for a physician, DME, supplier, facility or other provider the communication patterns may be similar. However, the auditor should ask the attorney (representing them) exactly how communications are to be conducted. Finally, if auditor is contacted by an attorney representing someone other than who the auditor is retained by then they should only communicate with their client and/or their attorney. Specific releases and protections will need to be provided to the auditor prior to speaking to opposing counsel with the exception of court ordered requirements. Again, these types of occasions are outside the scope of this manual and the auditor should seek their own legal counsel or utilize the provider/supplier counsel at their direction. Michael D. Walrath, Esq., of Medical Bill Clinic reports several other concerns that the auditor must be aware of. Depending upon what state you are in, there are different legal remedies available for the various types of billing fraud and abuse located by a medical bill auditor, but there is one thing that is the same in every state. If you identify fraud or abuse when auditing your clients medical bills and wish to proceed, you must contact an attorney. Medical bill auditors are more frequently falling under attack for the Unlicensed Practice of Law ( UPL ) because there is a very fine line between the facts (which you are permitted to give an opinion on) and the law (which you are not, without a license to practice law in the state where the dispute resides). Most of the complaints against auditors come from medical providers who ve learned a UPL complaint is an effective way to make auditors and advocates go away. So remember, making statements about practices being illegal and/or citing statutes or cases in your negotiations, or threatening to take legal action thereupon are arguably the practice of law and must be avoided. Auditors and advocates are trained to interpret the bills and medical records and give factual findings. Since providers typically know when they ve broken the law, auditors who identify and present the facts establishing the illegal conduct, and then indicate that their findings will be turned over to an attorney for possible legal action if not corrected are safe, and usually just as effective as those who cite a statute or case and threaten to take legal action. The latter is arguably UPL, while the former is not. When it comes to UPL, always be sure to 1) disclose in writing to your client that you are not a lawyer and cannot threaten or take legal action against a provider, 2) stick to the facts and avoid the law, and perhaps most importantly 256 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

257 3) always have a lawyer in your rolodex who you can call about the legal issues you encounter, and whom you can send clients to if they request or require legal advice or services A- 5 INTERACTION & COMMUNICATION REGULATORY AUDITORS There are several aspects in which an auditor may communicate within the regulatory process. As discussed under Sarbanes- Oxley (SOX) the larger corporation will be required to have an audit committee. This committee generally contains a compliance officer, independent auditors and executive staff. As such, the auditor will need to ensure independence and follow all regulatory rules. Therefore, the interaction with the regulatory body will be as an independent auditor reporting to an audit committee. This is generally the case for independent audit firms. Auditors may also come into contact with regulatory bodies when working with denials, RACs, MICs, MIPs, the OIG or Department of Justice. In these cases, the auditor may be comparing results, defending a client or appealing a denial. Each of these affords a different method of interaction. However, no matter whom the regulatory body the basics of communication remain. The communications, which are verbal, will need to be tested to ensure accurate reception by using open ended validating questions. If the communications are written, they must be clear, stating the issue, the objective of the written communication, expectations of the recipient and any time frame. CORE DOMAIN 3B: SPECIFIC KNOWLEDGE SKILL SET 3B- 1- A: ACCOUNTING / FINANCE BASIC OVERVIEW Accounting begins with the understanding that everything balances. Every entry is really two entries consisting of a debit and a credit. Definitions: Revenue: are inflows of cash or other properties received in exchange for goods or services. 128 Expense: are goods and services consumed in operating a business or other economic unit Michael D. Walrath, Esq., Medical Bill Clinic P.A., Miami, Florida 128 Fundamental Accounting Principles, Pyle & White: Irwin Publishing, 7 th Ed; p Fundamental Accounting Principles, Pyle & White: Irwin Publishing, 7 th Ed; p Copyright 2012 William L. Malm, ND, CMAS & AAMAS

258 In accounting there are a series of documents used to present a picture of the financial status of an entity. Two of the most prevalent documents are the balance sheet and the income statement. The income statement shows whether or not a business achieved or failed to achieve its primary objective which is earning profit or revenues. 130 The other document is the balance sheet. The balance sheet s purpose is to show the financial position of a business on a particular date...financial position is shown by listing the assets of the business, its liabilities or debs and the equity of the owner or owners....the two sides of the balance sheet are always equal. 131 In other words Assets = Liabilities + Owners Equity. In maintaining the books in a double entry system each account is conducted like a T. The left side of the T is for debits and the right side represents credits. The debit and credit are used in one of the five transactions of accounting. These are: 1. Assets a. Owned resources b. Money belonging to an individual / business c. Two major asset classes are tangible assets and intangible assets. Tangible assets contain various subclasses, including current assets and fixed assets. Current assets include inventory, while fixed assets include such items as buildings and equipment Intangible assets are nonphysical resources and rights that have a value to the firm because they give the firm some kind of advantage in the market place. Examples of intangible assets are goodwill, copyrights, trademarks, patents and computer programs and financial assets, including such items as accounts receivable, stocks and bonds. 132 d. The following is a quotation from the IFRS Framework: "An asset is a resource controlled by the enterprise as a result of past events and from which future economic benefits are expected to flow to the enterprise. 133 e. An asset is increased with a debit transaction and decreased by a credit transaction 130 Fundamental Accounting Principles, Pyle & White: Irwin Publishing, 7 th Ed; p Fundamental Accounting Principles, Pyle & White: Irwin Publishing, 7 th Ed; p International Accounting Standards Board 258 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

259 2. Liabilities: a. A liability is defined as an obligation of an entity arising from past transactions or events, the settlement of which may result in the transfer or use of assets, provision of services or other yielding of economic benefits in the future. A liability is defined by the following characteristics: i. Any type of borrowing from persons or banks for improving a business or personal income that is payable during short or long time; ii. A duty or responsibility to others that entails settlement by future transfer or use of assets, provision of services, or other transaction yielding an economic benefit, at a specified or determinable date, on occurrence of a specified event, or on demand; iii. A duty or responsibility that obligates the entity to another, leaving it little or no discretion to avoid settlement; and, iv. A transaction or event obligating the entity that has already occurred. 134 b. A liability is increased by crediting it and is decreased by debit transaction and matches the owners equity 3. Income a. Income accounts are increased by a credit transaction and decreased by a debit transaction. b. Income is defined under GAAP as revenues less expenses c. From an accounting standpoint net income is also known as net revenues 4. Expenses a. Expenses are increased by a debit transaction and decreased by a credit transaction b. 5. Equity Debits and Credits increase or decrease one of these five (5) elements. The increases and decreases occur in the following scheme: Account Increased Account Decreased Debit Credit Debit Credit Asset X Asset X Liability X Liability X Income X Income X Expense X Expense X Equity X Equity X Copyright 2012 William L. Malm, ND, CMAS & AAMAS

260 In auditing these basic accounting principles apply. For example you have a claim in which there are overpayments and underpayments. This represents liabilities and assets to the facility, provider or payer. In essence each claim is a mini income statement. Example #1: Mary RN is auditing an outpatient Medicare claim. She finds in her review that the total charges are for $5600 dollars for a combination of CT scan, Chest X- ray and EKG as a result of a diagnosis of dizziness and giddiness. You review the physicians order and see that there is no medical necessity, provided for the CT scan in his prescription. The separate prescriptions for the Chest X- Ray and EKG are complete including the name of the test and diagnosis to support the medical necessity. Since the patient did not sign an ABN the CT scan will become provider liability and may not be submitted to the payer. The charge for the CT scan is $5,000. Therefore, your reconciliation would have you reduce your asset (earned revenue) by credit to cash of $5000. Your new total would be $600. In patient charges to submit to the payer. In order to understand this better you might consider the accounting concept of a General Journal or bookkeepers ledger. The General Journal is the most flexible type of journal... It provides for each transaction place for recording (1) the transaction date, (2) the names of the accounts involved, (3) an explanation of the transaction (4) the account numbers of the accounts to which the transaction s debit and credit information is copied and (5) the transaction s debit and credit effect on the accounts named. 135 Date Account Titles and Explanation Adds Subtract 05/01/2010 Total Charges - A/R /12/2010 CT Scan - Failed Med Nec 5000 New Account Balance 600 Or in a General Journal Example of this complex transaction: Date Account Titles and Explanation Debit Credit 05/01/2010 CT Scan /12/2010 Provider Liability /01/2010 X- ray /01/2010 EKG /01/2010 Accounts Receivable Fundamental Accounting Principles, Pyle & White: Irwin Publishing, 7 th Ed; p Copyright 2012 William L. Malm, ND, CMAS & AAMAS

261 Other examples of accounting in auditing are in the calculation of contracted rates, stoploss and carve outs. Example # 2: Contract states that total billed charges are to be paid at 49% excluding any implants within the revenue code ranges of Implants will be paid at 75%. How will the following be paid? Rev Code Description Total Charges Multiplier Reimb 200 Room and Board $4, $1, Drugs $1, $ Supply $1, $ Implant $6, $4, Lab $ $ OR $2, $ Recovery $1, $ Total $8, In summary, accounting is a necessary component to any audit and the concepts of accounting including the balance of debits and credits is essential in performing an effective audit. 3B- 1- B: ACCOUNTING / FINANCE IN- DEPTH Detailed Accounting and Finance is outside the scope of this manuscript. However, it is incumbent upon the auditor to understand several important concepts such as: Cash Basis Accrual Basis Profit Expense Assets Liabilities Owners / Shareholders Equity Cash Flow All of these concepts can be obtained by taking a structured accounting course of study. One concept that needs to be addressed is the auditor s ability to reconcile the claim. This will require the auditor to 261 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

262 manage over and underpayments and present a report that demonstrates the net changes. A very basic example follows: The claim total charges are $10, for services rendered. The auditor reviews the itemised claim and the medical record and finds three charges that are suspect and lack documentation. These three charges total $1000 and constitute overpayments. When reviewing the record the auditor finds a procedure that was performed by not charged. Upon consultation with the charge master staff this would be $4,500 total charge. The auditor reconciles the claim as follows: $10,000 - $1000 (overpayments) (underpayment) = $13,500 AAMAS offers a webinar formatted accounting course for the new auditor or experienced auditor needing a review. 3B- 2: PROBLEM SOLVING Most young students today learn the very basic steps of problem solving. These steps, while acquired children or young adults still transcribe over to auditing principles. It is important to understand that as an auditor one of the challenges is to overcome obstacles and find realistic solutions to identified concerns. The Scientific Method of Problem Solving taught within the Ohio curriculum is as follows: State the Problem - A problem can't be solved if it isn't understood. Form a Hypothesis - This is a possible solution to the problem formed after gathering information about the problem. The term "research" is properly applied here. Test the Hypothesis - An experiment is performed to determine if the hypothesis solves the problem or not. Experiments are done to gather data. It is very important that good observations and records are made during an experiment. Collect the Data - This is where you record your observations, measurements, or information from experiment. Analyze the Data - Just what does all that data indicate about answering the problem you are solving? Draw Conclusions - After examining the data from the experiment, conclusions can be drawn. In it's simplest form, the conclusion will be "yes" the hypothesis was correct, or "no" the hypothesis was not correct 136 Common examples of problem solving scenarios in auditing pharmaceuticals and supplies. The identified problem is to see that all pharmaceuticals and supplies charged are documented. To do this the auditor must collect the data from the record and claim, analyze the data, and draw a conclusion on whether all charges were legitimate. Other examples of problem solving are seen within medical record Copyright 2012 William L. Malm, ND, CMAS & AAMAS

263 and nursing care plans. Nursing may still use the SOAP method documentation which documents the subjective and objective data regarding an identified problem, assesses the data and plans a course of nursing interventions to treat the identified concern. Lets take a real example auditing the CDM. If we use the steps above it would be approached as follows. The problem is that the chargemaster is inaccurately charging services for chest x- ray (statement of the problem step 1) Our hypothesis is that because the chest ray is accurately charged in RIS but inaccurately represented on the claim that the mapping between RIS and the chargemaster is flawed We reviewed 50 claims and the corresponding orders and charge entry data from RIS and the CDM. We further reviewed the mapping between RIS and the CDM on all 50 claims. Our analysis found that for all 50 claims a two view chest x- ray was ordered, was accurately charged in the RIS as a 2VCXR and that all 50 claims represented CPT code which is a single view Chest X- Ray. We found that the CDM had accurate information for the CDM line representing the 2 View Chest X- ray. In reviewing the mapping between RIS and the CDM we found that the 2VCXR was in fact erroneously mapped to the single view CXR in the CDM. Our conclusion is that the mapping was flawed and resulted in underpayments on all tested claims based on order, documentation, results and billed charges. Another real example is published by the OIG in March of 2012 as Audit Report (A ). This is the Medicare Compliance Review of Brigham and Women s Hospital for Calendar Years 2009 and This report starts with an executive summary (definition of the problem), reviews the data, analyzes the data, and comes to a hypothesis and conclusion. This example of a formal report serves as a good template for auditing. 3B- 3: STATISTICS Merriman s dictionary defines statistics as a branch of mathematics dealing with the collection, analysis, interpretation, and presentation of masses of numerical data 138 This is the core of all auditing whether it be clinical quality, outcome measurement, chart and bill audit or financial audits. Every auditor reviews a collection of data, analyses it and comes up with a presentation of their interpretation of the data. The U.S. National Library of Medicine at the National Institute of Health has many reports, created by auditors using the statistical method to create an impression. For example, the report on who used the Emergency Department in Another example of statistical analysis of data can be found through the reports issued by the OIG at webster.com/dictionary/statistics Copyright 2012 William L. Malm, ND, CMAS & AAMAS

264 Recovery Audit Contractors (RACs), MACs and other federal and non- federal auditors use statistical sampling to create an overpayment / underpayment report. In this method, a small sample of the universe of claims is selected, audited, results constructed then extrapolated across the universe of claims to find a total under/overpayment amounts. This is hotly debated currently within the RAC programme. Steven Skwara, in his publication Statistical Sampling in Health Care Fraud Litigation for the BCBSA National Anti- Fraud Conference 2008 points out how many different courts have taken differing views on extrapolation in healthcare audits. 140 CMS (then HCFA) published in 2001 in the Carriers Manual minimum criteria for sampling. This was provided through Transmittal B ( In this transmittal they specified the statistical sampling method to be used in auditing claims for Part B. In this document they discussed some of the steps to ensure accurate sampling and statistics such as: Use of Statistical Sampling Statistical Sampling Steps. - - The major steps in conducting statistical sampling are: o 1) Selecting the physician or supplier; o 2) Selecting the period to be reviewed; o 3) Defining the universe, the sampling unit, and the sampling frame; o 4) Designing the sampling plan and selecting the sample; o 5) Reviewing each of the claims (or portions thereof), and determining if there was an overpayment, or, for administrative reviews, an underpayment; and, as applicable, o 6) Estimating the overpayment. Where an overpayment has been determined to exist, follow applicable instructions for notification and collection of the overpayment (see VII). When Statistical Sampling is Appropriate. - - You may use statistical sampling to project overpayments to physicians and suppliers when erroneous billing or reimbursement, or overutilization is suspected, and when a case- by- case review is not administratively feasible or practical. 141 While auditors may be required to use statistics and understand them as part of their role it is uncommon for an auditor to create the statistical analysis. This role is best reserved for trained statisticians within the audit organisation or as an external consultant. In order to provide a solid conclusion the statistical analysis of the data must be performed by trained personnel and therefore a statistician who is credentialed may be required. 3B- 4: QUANTITATIVE AND QUALITATIVE ANALYSIS This core domain was fully discussed previously and we refer you to core domain 2H- 3. This core domain does review the specifics of performing the quantitative and qualitative analysis. In reference to Copyright 2012 William L. Malm, ND, CMAS & AAMAS

265 this core domain the auditor would write an audit scope based on a concern that might have been documented through a qualitative analysis. For example, a new programme was established in the radiology department. This required capital equipment and specialised staffing. Patient adoption has not been the best and a qualitative analysis of patient perception and satisfaction indicates a concern. To evaluate the degree in which the programme has differed from the proforma a quantitative analysis is performed. In this analysis, objective criteria such as patient visits, procedures performed, revenue charged, reimbursement collected and failures such as medical necessity will be audited. Once the audit is completed it will need to be evaluated against the target (proforma) and adjustments can be recommended to ensure that the results intended are achieved. Qualitative and quantitative analysis is an essential skill for any auditor no matter the setting. 3B- 5: THE NURSING PROCESS According to Wikipedia, the Nursing Process consists of distinct processes used within the delivery of nursing care. These processes are: Assessment Diagnosis (nursing diagnosis not medical) Outcome Identification Plan Implement the Plan and Evaluation of the Implemented Plan 142 During the assessment phase of the process the nurse will review a health history, obtain a family and personal medical history, perform a physical examination, observe the patient and obtain / review clinical data such as laboratory results, outside documentation and other pertinent data to ensure appropriate clinical outcomes. Based upon the assessment the nursing diagnosis will occur. It is important to note that while a nursing diagnosis will incorporate medical diagnosis it is separate and distinct from that which would be provided by a physician. The nursing diagnosis will be focused on potential health problems or life issues for which a nursing intervention will be instrumental in attaining or regaining optimum levels of health seeking behaviour. Upon completion of the assessment and diagnosis the nurse will need to identify the optimal health seeking behaviour and determine a plan of action. The outcome identification is evidence based and utilises the Nursing Interventions Classification. This classification system is recognized by the American Nurses Association and includes hundreds of nursing interventions that can be implemented. The nursing process continues with the development of a plan of action also known as a care plan These care plans can be instrumental to the auditor as they provide a framework to audit the nursing Copyright 2012 William L. Malm, ND, CMAS & AAMAS

266 service charges and documentation within the medical record. From the care plan the nurse will implement the nursing actions, which are deemed appropriate to improve the patient s condition and achieve optimal level of health. After the plan is implemented there is a feedback loop known as the Evaluation of the Implemented Plan. The nursing process is evidenced based and measurable which can assist in the overall audit process. Nursing documentation can detail supplies utilised, medications administered and overall medical necessity for the actions and charges on a detailed claim. 3B- 6: CLINICAL JUDGEMENT Specific to nursing audits, an elements of nursing, medical and billing knowledge is required to assess the medical record and ensure that all elements of the claim are in fact contained within the medical record. Judgement is defined as The act or process of judging; the formation of an opinion after consideration or deliberation. 143 Clinical judgment is utilizing knowledge obtained through training and experience to form an opinion as to whether something did or did not occur. The same type of judgment is required in the audit process. The auditor will take the medical record and form an opinion of the series of events and conditions afflicting the patient. They will then determine reasonability that certain tests, procedures, or services were necessary for the treatment of the patient. They will further review the claim to identify any deviation between the diagnosis and procedure codes submitted for payment and the documentation within the medical record. In some cases, the nurse may determine a particular item charged was unreasonable and not documented in the record. Using this clinical judgment, the auditor will state the charge constitutes an overcharge. Alternatively, the evaluation of the record might suggest that a service was rendered, documented, but not charged resulting in an underpayment. In either case, only a person clinically trained and having experience in the clinical practice would be able to make these determinations. 3B- 7: PROJECT MANAGEMENT Project management and project management tools have been discussed in prior core domains. Within this core domain we need to discuss how the auditor actually manages a project. The project begins Copyright 2012 William L. Malm, ND, CMAS & AAMAS

267 with a contract or specified scope. For example, the auditor is to review 30 outpatient medical records for accuracy. Therefore, the auditor will need to determine: Scope and timing What data will be required What staffing and expertise will be required What additional resources such as internet, phone, security is required What the deliverable will be and how it will be presented. In short, how will the audit be planned, decided and acted upon. Auditors will need to carefully identify the objectives and scope according to the department requirement or the statement of scope in the contract. There is always a pre- planning phase in which data is requested formally and a designate a date and time in which the audit will begin. The auditor will need to match the appropriate expertise to ensure the results are accurate. Once on site, a written audit plan will need to be followed and appropriate deviations from the prescribed is documented. An exit interview will be required and finally the report. This core domain follows the auditors skill set to perform. As such, learning these techniques will be required in order to possess the skills to accurately and efficiently conduct an audit. 3B- 8: PROGRAMMING AND CONFIGURATION This core domain is specific to auditors who perform systems audits as part of their role. As a systems auditor working for a provider or insurer configuration of fees and contracts in the system are the primary requirement. Many managed care contracts, within a hospital, are entered into the system with all the contract requirements. Conversely, if the auditor is not responsible for the data input from contract to system they more than likely will need to audit that the claims meet the contracts. Knowledge of NCCI and bundling are requirements for both types of auditors. In this domain the auditor will be required to have knowledge of the requirements specified in the contract and if the contract is silent all Medicare rules and regulations. The auditor will need to review mapping between clinical, charging and billing modules to ensure that charges are accurately represented. The auditor who is involved in programming and configuration will also be required to understand the system and the processes with the system to ensure accuracy in the programs. In most cases, this auditor will be employed within the information systems department of the institution or payer. This auditor tends to be versed in systems engineering and programming. 3B- 9: HEALTH INFORMATION MANAGEMENT PRINCIPLES As a general statement, HIM principles are outside the scope of the normal auditing process. The skill that the auditor must possess is the knowledge of how these principles interact with the audit process. 267 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

268 For example, record retention, coding practices, software utilised are elements that the auditor must understand and integrate into the audit process. Beyond these concepts there should be a good understanding of the role(s) HIM plays in the claim process and how to reach out to HIM for specifics such as understanding the specifics of a particular CPT / HCPCS code. 3B- 10: PROPOSAL WRITING According to Emory University there are several elements required in a proposal. These are as follow: Introduction and Theoretical Framework Statement of the Problem Purpose of the Study Review of Literature Questions and Hypothesis Design Methods and Procedures Limitations and Delimitations Significance of the Study Resources 144 An auditor s proposal may not always be of a scientific nature but more of a business nature. In a business proposal these elements are more fitting: Statement of Purpose / Executive Summary of Concern Scope of the Audit Procedures and Methodology Timeframe Fees The proposal should be fitting of the audit being undertaken and provide rationale why the audit will be productive in answering the concern of the client. 3B- 11: RESEARCH Copyright 2012 William L. Malm, ND, CMAS & AAMAS

269 Research is a necessary skill of every auditor. This skill would include researching evidence based medicine procedures, medical necessity, community medical standards, contract language and any other source authority to provide defence to the audit findings. Research should be based upon: Defined issue or scope of practice Time period (claim dates) for the audit Governmental versus non- governmental Quality standards Prior legal challenges and successful defences. Every audit should have source information to support the conclusion. Research is significantly easier with the advent of internet tools. Google, Bing, and proprietary sources such as Lexis serve as excellent sources for healthcare auditing. In a presentation made by the Veterans administration they detail various techniques as they apply to government standards. As such, a complete website is dedicated to this important subject. This can be found at: Additionally, there are many policies and procedures that can be utilised to assist in government versus non- government audits. For further information we recommend the following site. ( No matter the audit, the research must be germane to the conclusion and provide relevant supporting documentation. Research is also very helpful in taking a very grey area of the audit and rooting it in evidence that supports the conclusions. 3B- 12: NEGOTIATING One skill required of every auditor is the art of negotiating. The Merriman- Webster Dictionary defines negotiation as : a formal discussion between people who are trying to reach an agreement: an act of negotiating. 145 Some of the requirements for negotiation within the audit process are during the proposal period where the auditor is matching work to fees. Other times when negotiation is required is during the exit interview or after draft report is issued and there is a disagreement on some of the findings. The auditor and the client will need to negotiate until a mutually acceptable conclusion is reached. In some fashion the auditor may be required to negotiate with the departmental staff. An example of this is when a department states to the auditor that they cannot produce 10 records. The auditor can negotiate to select another 10 representative records to replace those that cannot be located. Negotiation is a very prominent part of the audit process Copyright 2012 William L. Malm, ND, CMAS & AAMAS

270 In core domain 2F- 3 we provide a specific example of negotiating with external auditors. In that example in order to negotiate in business all the facts need to be attained prior to the negotiation. In an audit, the results, the data, the contracts must be reviewed and understood prior to negotiation. If you are an independent auditor, you may need to know what your client s bottom line would be in the negotiation. Finally, a part of negotiation, the auditor may need to know when to terminate the negotiation process. In some cases, the negotiation process may be one of a legal nature. An example would be an audit that involved a self- reporting process to Medicare in which the actual process may require an attorney to negotiate with the payor (Medicare) CORE DOMAIN 3C: LEADERSHIP AND MANAGEMENT 3C- 1: PREPARE / SUBMIT BUDGET Part of the leadership / management responsibility is fiscal responsibility. Budgeting is part of fiscal responsibility. Whether an independent auditor budgeting for the audit engagement or as a facility manager budgeting for staff and supply requirements this financial management requirement is key to success. Budgeting includes accounting for sources of revenue and matching them with expenses to ensure that revenues are in excess of expenses. Budgeting can be achieved on paper or by use of software programs of simple programs such as Excel. Independent auditors will need to budget for travel expenses, staffing, supplies, and time for staff to audit and produce the final report. The following is a very limited example of a budget for an independent auditor s engagement. Budget Job Bid Staff x 3 days Staff Housing/Food Insurance Report Creation Postage / Overnight Employee Benefits Revenue $25, Expenses $3, $3, $ $1, $75.00 $1, Total $25, $9, Profit / Loss $15, Copyright 2012 William L. Malm, ND, CMAS & AAMAS

271 As auditors taken on expanding roles, budgeting must be a skill that is within the toolkit of the auditor. 3C- 2: HIRE / RECOMMEND / TERMINATE STAFF Hiring quality audit staff is a role that either the independent auditor or audit manager must undertake. Hiring quality staff depends upon review of the potential candidate s qualifications and skills. Certainly, a CMAS certification should be considered the gold standard for auditing and definitely a point to consider during the hiring process. For facility managers hiring / terminating staff should be done according to policies and procedures set forth by human resources within the facility. The HR department can assist the manager with advertising, initial interviews, background checks and drug screening tasks, which are necessary to proper hiring. Additionally, the HR staff can be helpful during the termination process to ensure that all appropriate steps are taken to avoid litigation in the future for wrongful termination. As an independent auditor the hiring and termination process differs whether the person is a 1099 subcontractor or an employee. In either case, knowing how to hire and terminate an employee or subcontractor may require legal counsel. When hiring an employee or 1099 subcontractor a test audit should be performed along side to ensure the quality of the perspective hire is of the highest quality In any case hiring and termination is a difficult task and outside resources may be required to be successful. 3C- 3: DEVELOP PRODUCTIVITY, QUALITY CONTROL AND PROCESS IMPROVEMENT MEASURES Productivity, quality control and process improvement have been discussed in other core domains in some detail. Whether an independent auditor or manager within a facility the development of productivity standards is essential to keeping audits timely and on budget. Every audit should be evaluated upon completion to identify any concerns that affected the overall quality or outcome. With this post mortem evaluation, process improvement procedures can be created and implemented to make future audits more efficient. Many auditors are moving from a manual quality and process improvement measures to software directed process improvement. Data maintained in the software allows for the business / audit process to be evaluated in many customizable ways. Software can evaluate a specific auditors productivity based on inpatient record, outpatient record, accuracy rate, successful appeals, cost to perform and many other facets. Ultimately process improvement can be as simple as a diagram of the business process and an alternative method diagrammed to very specific data analysis. 271 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

272 3C- 4: CONDUCT PERFORMANCE APPRAISALS Performance appraisals are a necessary part of leadership. Performance appraisals must be based on agreed upon goals and measurable outcomes between the employee and the manager. The outcomes should be measured against objective benchmarks previously established. An example is John will achieve 98% accuracy when randomly reviewed. John will conduct 500 audits over the course of a calendar year. Subjective outcomes and goals are less easy to appraise. Subjective goals and outcomes should be avoided when setting future goals and objectives. The employee should rate their achievement against the established goals and objectives. This is important to be able to evaluate perceptual differences, should they exist. Performance appraisals are also instrumental in the overall process improvement of the employee. These are key times to allow the employee to understand what is required of them and how they have met these requirements. Utilising this opportunity can increase employee energy, commitment and overall productivity if used properly. Performance evaluations should not be used to recap a year s worth of failures. Setbacks should be addressed immediately upon occurrence, as should successes. Performance appraisals should not be a shock or surprise to the employee but should give a foundation to the progress they have exhibited and set goals for future performance improvement. Sadly, there are occasions when the appraisal results in a corrective action plan and even though difficult to address with the employee it should serve as a roadmap to meet goals. 3C- 5: DEVELOP DEPARTMENTAL POLICIES AND PROCEDURES Departmental policies and procedures should be based upon achieving the stated outcomes. For example, a standard curriculum for auditors would result in attaining or retaining CMAS certification. Other policies and procedures should be designed around some of the following elements: Data requests Pre- audit planning Audit checklist Communications with client Final report elements Legal requests Communicating with government officials Policies and procedures control the overall quality of the process. Other examples of policies and procedures in healthcare is evidenced based medicine whereby physicians and physician extenders follow specific proven protocols to ensure the most effective quality outcome for the patient. Auditors should be aware of these policies and procedures in evidenced based medicine to ensure they are taken into account during the audit. 272 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

273 Government auditors utilise significant numbers of policies and procedures conducting audits. For example, the RAC auditors publish their approved issues and the source authority and what they will be auditing resulting in an audit policy. National Coverage Determination / Local Coverage Determinations are more of an automated process for auditing. Financial auditors use AICPA guidelines such as GAAP and GAAS with policies and procedures. In closure all auditors depend upon very specific guidelines, policies and procedures and require these to have the most accurate outcome. 3C- 6: DEVELOP STRATEGIC PLANS, GOALS AND OBJECTIVES FOR UNIT / DEPT ASSIGNED Departments, auditing or otherwise, require plans, goals and objectives to continue to move forward. Staff will need to understand these goals and objectives along with their specific roles to achieve. For example, quality standards are becoming an increasing requirement for hospital and independent auditors alike. With the advent of proposals such as Accountable Care Organisations, bundled payments and other quality driven standards a department will now need to manage these processes. In some cases, the department s roadmap may include partnering with the Quality Management department in other roadmaps it might include training the staff on quality management. In order to achieve a strategic plan for the department, it must understand the strategic goals of the facility or corporation. The departmental goals must dovetail with that of the corporation. Therefore, if the corporation goals are to decrease adverse audit results by 10% departmental plans and objectives should be created to meet this strategic plan. Each plan will be based upon stated goals and required objectives for the department, the organisation and/or staff. 3C- 7: PARTICIPATE IN INTERNAL / EXTERNAL WORK GROUPS & COMMITTEES Prior core domains have discussed the overall goal setting and planning for success. This core domain addresses the needs to participate in workgroups and committees both internal to the workplace and externally. Auditors will need to work with the following groups to ensure successful audits: Finance Quality Management Reimbursement Billing / Patient Financial Services Clinical Staff Nursing / Medicine Chargemaster Legal Compliance Utilisation Review committee Medical Executive Committee 273 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

274 In order to work effectively it is essential that the audit programme have clearly defined goals, objectives and communications with others. The role of the auditor / audit department must be clearly communicated so that objectives from other departments can integrate fully with the audit staff. For further information on communication patterns we refer you back to Core Domain 3A. 3C- 8: SUPERVISE BILLERS / PATIENT ACCOUNTING OR CLAIMS PERSONNEL Patient Accounting staffs are an integral part of any audit programme. These people possess significant knowledge on the claim submission process. They can identify edits within the claim submission software and knowledge of governmental payer errors resulting in claim delays. Accomplished Patient Accounts managers include the ability to manage the claim submission process, oversee cash collections, and manage collections process as well as bad debt. This department is consistently challenged with the dynamic billing rules of government, commercial and managed care payers. In order to supervise billing personnel the manager must possess the skills and knowledge that they expect their staff to possess. The manager should be aware of governmental audits such as RACs, MACs, CERTs and OIG initiatives. Collections activities such as creation of early out programmes and outsourcing collection activities with a cost / benefit analysis is paramount. The manager should be able to educate their staff on rapidly changing contracts and amendments. Finally the Patient accounts manager should be able to interact with other departments and assign tasks to assist other departments in meeting their objectives as they relate to claim submission. 3C- 9: SUPERVISE CODING, MEDICAL TRANSCRIPTION OR HEALTH INFORMATION MANAGEMENT PERSONNEL As with the supervision of any other type of personnel, the manager must possess the knowledge and expertise in the tasks they need to oversee. This would be outside the role of an audit staff member or manager to supervise health information management personnel. The appropriate criteria for such a manager would include RHIT, RHIA, CCS or CPC. Auditors will depend upon the assistance of the manager for HIM / Medical Records in many ways. They may require chart abstraction, replication or coding expertise to successfully complete the audit. Ultimately this manager will manage their personnel using specialised skills obtained through specialised education processes in HIM. 3C- 10: SUPERVISE NURSING OR CLINICAL STAFF Leadership within Nursing or other clinical staff is generally delegated to someone with the proven expertise in the clinical area. Many areas look for Masters or Doctoral prepared managers who have been educated in the particular clinical area as well as proven management skills. The increasing demand for data and data management in the clinical areas seem to be moving the management to a higher level of education or experience. Some concerns within these departments could be the 274 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

275 involvement of a union or collective bargaining unit. Therefore the manager will need to be savvy in managing the special requirements set forth by these units. Nursing in particular may have management in sub- departments specialising in a particular practice. There might be a Chief Nursing Officer who has a Psychiatric Nursing Manager, ED Manager, Critical Care Manager, OB Manager, Newborn Nursery Manager, Clinic Manager etc reporting to him/her. Supervising clinical personnel will be similar to any other manager. There will be fiscal responsibility requirements through budgeting and appropriate staff management. Hiring and termination will also be part of their role. Communication, as stated in other core domains plays an important role in any management role. Nursing auditors pose a special challenge for clinical nursing managers. Nursing auditors, while clinical, approach many issues in a financial method. However, the nursing process is not very difficult from the objective approach taken by auditors. 275 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

276 CORE DOMAIN 4: MEDICAL AUDIT ENVIRONMENT, APPLICABLE LAWS AND GUIDANCE 4-1 NATIONAL BILLING AUDIT GUIDELINES These guidelines are copied and re- printed below in their entirety. These guidelines are the sole product of the American Association of Medical Audit Specialists. AAMAS DISCLAIMER AAMAS recognizes that due to the age of this document it may contain references to outdated manuals and forms. AAMAS is proactively leading an effort to update these guidelines and hopes to have a newly revised version available for publication in the very near future. That version, which you may read by clicking here, will be fully coordinated with all interested parties. GUIDELINES These guidelines are for audits that relate to the documentation or support of charges included in or omitted from a bill. Billing audits and therefore these guidelines do not address questions concerning: the level or scope of care, medical necessity, or the pricing structure of items or services delivered by providers. Providers and payers should have qualified personnel and mechanisms in place to deal with these issues DEFINITIONS Audit log: An historical record kept by a payer or provider that records the audit experience related to particular party. Bill: Any document that represents a provider s request for payment. (Also referred to as invoice or claim.) Billing audit: A process to determine whether data in a provider s health record, and/or by appropriate and referenced medical policies, documents or support services listed on a provider s bill. Providers conduct such audits either through an internal control process or by hiring and external audit firm. (These audits can be conducted on a retrospective or concurrent basis and commonly are referred to as revenue recovery audit.) Also, third party payers conduct billing audits through their employees or their agents. (Also known as chart audit or charge review.) Concurrent Audit: a billing audit conducted before the issuance of an interim or final bill. Retrospective Audit: a billing audit conducted after the issuance of an interim or final bill. 276 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

277 Health record: A compilation of data supporting and describing an individual s health care encounter including data on diagnoses, treatment, and outcomes. (Formerly known as medical record or clinical record.) Unbilled charges: The volume of services indicated on a bill is less than the volume identified in a provider s health record documentation. (Also known as undercharges.) Unsupported or undocumented charges: The volume of services indicated on a bill exceeds the total volume identified in a provider s health record documentation. (Also known as over- charge.) QUALIFICATIONS OF AUDITORS AND AUDIT COORDINATORS All persons performing billing audits as well as persons functioning as provider audit coordinators should have appropriate knowledge, experience, and/or expertise in a number of areas of health care including, but not limited to the following areas: Format and content of the health record as well as other forms of medical/clinical documentation. Generally accepted auditing principles and practices as they may apply to billing audits. Coding, including ICD- 8- CM, CPT, HCPCS, and medical terminology Billing claims forms, including the UB- 82, UB- 92, the HCFA 1500 and charging and billing procedures All state and federal regulations concerning the use, disclosure, and confidentiality of all patient records Specific critical care units, specialty areas, and/or ancillary unity involved in a particular audit Providers or payers who encounter audit personnel who do not meet these qualifications should immediately contact the auditor s firm or sponsoring party. Audit personnel should be able to work with a variety of healthcare personnel and patients. They should always conduct themselves in an acceptable, professional manner and adhere to ethical standards, confidentiality requirements, and objectivity. They should completely document their findings and problems. The auditor must document all unsupported or unbilled charges identified in the course of an audit in the audit report. Individual audit personnel should not be placed in a situation through their remuneration, benefits, contingency fee, or other instructions that would call their findings into question. In other words, compensation of audit personnel should be structured so that it does not create any incentives to produce questionable audit findings. Providers or payers who encounter an individual who appears to be involved in a conflict of interest should contact the appropriate management of the sponsoring organisation. The National Health Care Billing Audit Guidelines states: 277 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

278 Compensation of audit personnel should be structured so that it does not create incentives which could appear inappropriate or produce questionable audit findings. Providers or payers who encounter an individual who appears to be involved in a conflict of interest should contact the appropriate management of the sponsoring organization. 146 NOTIFICATION OF AUDIT Payers and providers should make every effort to resolve billing inquiries directly. To support this process, the name and contact telephone number (and/or facsimile number) of each payer or provider representative should be exchanged no later than the time of billing for a provider and the point of first inquiry by a payer. If payer and provider representatives do not achieve a satisfactory resolution of the questions surrounding the bill, then the payer may initiate a full audit process. Generally, billing audits require documentation from or review of a patient s health record and other similar medical/clinical documentation. Health records exist primarily to ensure continuity of care for a patient; therefore, the use of a patient s health record for an audit must be secondary to its use in patient care. To alleviate the potential conflict with clinical uses of the health record and to reduce the cost of conducting a necessary audit, all payer- billing audits should begin with a notification to the provider of intent to audit. Notification should occur no later than twelve months after receipt of the final bill. Once notified, the provider shall respond to the qualified billing auditor within one month with a schedule for the conduct of the audit. When there is a substantial and continuing relationship between a payer and a provider, this relationship may warrant a notification period other than twelve months. Both parties should attempt to complete the audit process as soon as possible after such a notification. Providers should conduct concurrent reviews of their bills before issuing bills to a payer. Provider retrospective audits should occur within twelve months of billing. All requests for audits, whether telephonically, electronic, or written should include the following information: The basis of the payer s intent to conduct an audit on a particular bill or group of bills. (When the intent is to audit only specific charges or portions of the bill(s) this information should be included in the notification request.) Name of patient; birth date; date of admission and discharge, or first and last dates of service; provider s account number and, patient s coverage (payer s) number Name of auditor and the name of the audit firm 146 National Health Care Billing Audit Guidelines (1 May 2009) 278 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

279 Whom to contact at the payer institution and, if applicable, at the agent institution to discuss this request and schedule the audit Auditors should conduct audits at a provider s site unless otherwise agreed. On- site audits prevent unnecessary photocopying of the health records and better ensure confidentiality of the records. In addition, on- site reviews encourage or promote mutual understanding of the records and afford both parties the opportunity to quickly and efficiently handle questions that may arise. Some audits cannot be conducted on- site. Therefore, a provider may choose to allow individual, reasonable requests for off- site audits. Such off- site audits should conform in all respects to the guidelines for billing audits set forth in this document, adjusting how the guidelines are met to recognize that the auditors are not on- site. Under some circumstances providers may charge auditors a reasonable fee to cover photocopying and other costs associated with an off- site audit. Unless otherwise agreed, auditors should make a request for an audit with providers at least 21 calendar days before the desired time for and audit. Providers should respond to such a request within one month of the request and schedule the audit on a mutually agreed date and time not later than 90 days post request. Providers who cannot accommodate an audit request that conforms to these guidelines should explain why the request couldn t be met in a reasonable period of time. Auditors should group audits to increase efficiency whenever possible. If a provider believes an auditor will have problems addressing records, the provider should notify the auditor prior to the scheduled date of audit. Providers should supply the auditor/payer with any information that could affect the efficiency of the audit once the auditor is on- site. PROVIDER AUDIT COORDINATORS Providers should designate an individual to coordinate all billing audit activities. An audit coordinator should have the same qualifications as an auditor. (See pp.3-4, Qualifications of Auditors and Audit Coordinators.) Duties of an audit coordinator included, but are not limited to, the following areas: Scheduling an audit Advising other provider personnel/departments of a pending audit Ensuring that an informed consent for the release of health information has been obtained Gathering the necessary documents for the audit Coordinating auditor requests for information, space in which to conduct an audit, and access to records and provider personnel Orienting auditors to hospital audit procedures, record documentation conventions, and billing practices 279 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

280 Acting as a liaison between the auditor and other hospital personnel Conducting an exit interview with the auditor to answer questions and review findings Reviewing the auditor s final written report and following up on any charges still in dispute Arranging for payment as applicable Arranging for any required adjustment to bills or refunds CONDITIONS AND SCHEDULING OF AUDITS In order to have a fair, efficient, and effective audit process, providers and payer auditors should adhere to the following recommendations: 1. Whatever the original intended purpose of the billing audit, all parties should agree to recognize, record or present any identified unsupported or unbilled charges discovered by the audit parties. 2. The scheduling of an audit should not preclude late billing. 3. The parties involved in the audit should mutually agree to set and adhere to a predetermined time frame for the resolution of any discrepancies, questions, or errors that surface in the audit. 4. An exit conference and a written report should be part of each audit. If the provider waives the exit conference, the auditor should note that action in the written report. The specific content of the final report should be restricted to those parties involved in the audit. 5. The provider has 60 days to contest all findings, otherwise the audit shall be considered finalized. 6. Once both parties agree to the audit findings, audit results are final. 7. All personnel involved should maintain a professional courteous manner and resolve all misunderstandings amicably. 8. At times, the audit will note on- going problems either with the billing or documentation process. When this situation occurs, and it cannot be corrected as part of the exit process, the management of the provider or payer organisation should be contacted to identify the situation and take appropriate steps to resolve the identified problem. Parties to an audit should eliminate on- going problems or questions whenever possible as part of the audit process. CONFIDENTIALITY AND AUTHORIZATION All parties to a billing audit must comply with federal and state laws and contractual agreements regarding the confidentiality of patient information. All payer, audit, and provider organisations conducting or involved with billing audits should have provisions in their codes of ethics outlining their obligation to protect the confidentiality of patient information. In addition, these organisations should have explicit policies and procedures protecting the confidentiality of all patient information in their possession and disposal of this information. 280 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

281 The release of medical records requires authorization from the patient. Such authorization shall be provided for in the condition or admission or equivalent statement procured by the hospital upon admission of the patient. If no such statement is obtained, an authorization for a billing audit shall be required. Authorization need not be specific to the insurer or auditor conducting the audit. Such authorization should be obtained by the billing audit firm or payer and shall include at least the following information: Patient s full name, address, and date of birth Purpose for releasing/obtaining the information Date that consent is signed Signature of patient or legal representative A patient s assignment of benefits shall include a presumption of authorization to review records. The audit coordinator or medical records representative shall confirm for the audit representative that a condition of admission statement is available for the particular audit that needs scheduling. The provider will inform the requester, on a timely basis, if there are any federal or state laws prohibiting or restricting review of the medical record and if there are institutional confidentiality policies and procedures affecting the review. These institutional confidentiality policies shall not be specifically oriented in order to delay an onsite audit. DOCUMENTATION Verification of charges will include the investigation of whether or not: Services were delivered by the institution in compliance with the Physician s plan of treatment (in appropriate situations, professional staff may provide supplies or follow procedures that are in accordance with established institutional policies, procedures include items that are specifically documented in a record but are referenced in medical or clinical policies. All such policies should be reviewed, approved, and documented as required by the Joint Commission Accreditation of Healthcare Organisations or other accreditation agencies. Policies should be available for review to the auditor.) Services are documented in health or other appropriate records as having been rendered to the patient Charges are reported on the bill accurately The health record documents clinical data on diagnoses, treatments and outcomes. It was not designed to be a billing document. A patient health record generally documents pertinent information related to care. The health record may not back up each individual charge on the patient bill. Other signed documentation for services provided to the patient may exist within the provider s ancillary 281 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

282 departments in the form of department treatment logs, daily charges records, individual service/order tickets, and other documents. Auditors may have to review a number of other documents to determine valid charges. Auditors must recognize that these sources of information are accepted as reasonable evidence that the services ordered by the physician were actually provided to the patient. Providers must ensure that proper policies and procedures exist to specify what documentation and authorization must be in the health record and in the ancillary records and/or logs. These procedures document that services have been properly ordered for and delivered to patients. When sources other than the health record are providing such documentation, the provider should make those sources available to the auditor. FEES AND PAYMENTS Payment of a bill should be made promptly and should not be delayed by an audit process. Payment on a submitted bill from a third- party payer should be based on amounts billed and covered by the patient s benefit plan. A payment of 95% of the insurance liability shall be an acceptable amount prior to the scheduling of an audit. Based on 95% of payment by the payer, all hospital audit fees shall be waived. A payment of less than 95% is appropriate when state and federal regulations apply. The audit parties should settle any payment identified in the audit results, which is owed to either party by the other, within a reasonable period of time, not to exceed 30 days after the audit unless the two parties agree otherwise. 4-2 FEDERAL AND STATE MANDATED LAWS Federal healthcare law is found in Public Law as follows: 1960 PL Social Security Amendments of 1960 (Kerr- Mills aid) 1965 PL Social Security Act of 1965, Establishing Medicare Benefits 1980 Medicare Secondary Payer Act of 1980, prescription drugs coverage added 1988 PL Medicare Catastrophic Coverage Act of Medicare Catastrophic Coverage Repeal Act of PL Balanced Budget Act of PL Medicare Prescription Drug, Improvement, and Modernization Act 282 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

283 2010 Patient Protection and Affordable Care Act and Health Care and Education Reconciliation Act of Other federal mandated laws emanate from the Social Security Act (SSA), which is the highest authority. The Social Security Act Amendments of 1965 created Medicare and Medicaid programs. All of Medicare mandated law is incorporated into SSA Title XVIII. The following weblink directs you to the full law. The following is the full table of contents provided solely as a reference for the auditor to use should research be required. TITLE XVIII HEALTH INSURANCE FOR THE AGED AND DISABLED Sec Prohibition against any Federal interference Sec Free choice by patient guaranteed Sec Option to individuals to obtain other health insurance protection Sec Notice of medicare benefits: medicare and medigap information Sec Medicare payment advisory commission Sec Explanation of medicare benefits Sec Chronic care improvement Sec Provisions relating to administration Sec Addressing health care disparities Part A Hospital Insurance Benefits for the Aged and Disabled Sec Description of program Sec Scope of benefits Sec Deductibles and coinsurance Copyright 2012 William L. Malm, ND, CMAS & AAMAS

284 Sec Conditions of and limitations on payment for services Sec Payment to providers of services Sec Provisions relating to the administration of Part A Sec Federal hospital insurance trust fund Sec Hospital insurance benefits for uninsured elderly individuals not otherwise eligible Sec. 1818A. Hospital insurance benefits for disabled individuals who have exhausted other entitlement Sec Requirements for, and assuring quality of care in, skilled nursing facilities Sec Medicare rural hospital flexibility program Sec Conditions for coverage of religious nonmedical health care institutional services Part B Supplementary Medical Insurance Benefits for the Aged and Disabled Sec Establishment of supplementary medical insurance program for the aged and the disabled Sec Scope of benefits Sec Payment of benefits Sec Special payment rules for particular items and services Sec Procedure for payment of claims of providers of services Sec Eligible individuals Sec Enrollment periods Sec Coverage period Sec Amounts of premiums Sec Payment of premiums Sec Federal supplementary medical insurance trust fund Sec Provisions relating to the administration of Part B 2 84 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

285 Sec State agreements for coverage of eligible individuals who are receiving money payments under public assistance programs or are eligible for medical assistance Sec Appropriations to cover Government contributions and contingency reserve [Sec Repealed.] Sec Intermediate sanctions for providers or suppliers of clinical diagnostic laboratory tests Sec Competitive acquisition of certain items and services Sec. 1847A. Use of average sales price payment methodology Sec. 1847B. Competitive acquisition of outpatient drugs and biologicals Sec Payment for physicians services Sec Eligibility, election, and enrollment Sec Benefits and beneficiary protections Part C MEDICARE+CHOICE PROGRAM Sec Payments to Medicare+Choice organizations Sec Premiums and Premium Amounts Sec Organizational and financial requirements for Medicare+Choice organizations; provider sponsored organizations Sec Establishment of standards Sec Contracts with Medicare+Choice organizations Sec Special Rules for MA Regional Plans Sec Definitions; miscellaneous provisions [Sec. 1860C-1. Repealed.] Part D Voluntary Prescription Drug Benefit Program Subpart 1 Part D Eligible Individuals and Prescription Drug Benefits Sec. 1860D-1. Eligibility, enrollment, and information 285 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

286 Sec. 1860D-2. Prescription drug benefits Sec. 1860D-3. Access to a choice of qualified prescription drug coverage Sec. 1860D-4. Beneficiary protections for qualified prescription drug coverage Subpart 2 Prescription Drug Plans; PDP Sponsors; Financing Sec. 1860D-11. PDP regions; submission of bids; plan approval Sec. 1860D-12. Requirements for and contracts with prescription drug plan (PDP) sponsors Sec. 1860D-13. Premiums; late enrollment penalty Sec. 1860D-14. Premium and cost-sharing subsidies for low-income individuals Sec. 1860D-14A. Medicare coverage gap discount program Sec. 1860D-15. Subsidies for Part D eligible individuals for qualified prescription drug coverage Sec. 1860D-16. Medicare prescription drug account in the federal supplementary medical insurance trust fund Subpart 3 Application to Medicare Advantage Program and Treatment of Employer-Sponsored Programs and Other Prescription Drug Plans Sec. 1860D-21. Application to medicare advantage program and related managed care programs Sec. 1860D-22. Special rules for employer-sponsored programs Sec. 1860D-23. State pharmaceutical assistance programs Sec. 1860D-24. Coordination requirements for plans providing prescription drug coverage Subpart 4 Medicare Prescription Drug Discount Card and Transitional Assistance Program Sec. 1860D-31. Medicare prescription drug discount card and transitional assistance program Subpart 5 Definitions and Miscellaneous Provisions Sec. 1860D-41. Definitions; treatment of references to provisions in Part C Sec. 1860D-42. Miscellaneous provisions Sec. 1860D-43. Condition for Coverage of Drugs Under This Part 286 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

287 Part E Miscellaneous Provisions Sec Definitions of services, institutions, etc. Sec Exclusions from coverage and medicare as secondary payer Sec Consultation with State agencies and other organizations to develop conditions of participation for providers of services Sec Use of State agencies to determine compliance by providers of services with conditions of participation Sec Effect of accreditation Sec Agreements with providers of services; enrollment processes Sec. 1866A. Demonstration of application of physician volume increases to group practices Sec. 1866B. Provisions for administration of demonstration program Sec. 1866C. Health care quality demonstration program Sec. 1866D. National pilot program on payment bundling Sec. 1866E. Independence at home medical practice demonstration program Sec Examination and treatment for emergency medical conditions and women in labor Sec Practicing physicians advisory council; council for technology and innovation Sec Determinations; Appeals Sec Overpayment on behalf of individuals and settlement of claims for benefits on behalf of deceased individuals Sec Regulations Sec Application of certain provisions of Title II Sec Designation of organization or publication by name Sec Administration Sec. 1874A. Contracts with medicare administrative contractors 287 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

288 Sec Studies and recommendations Sec Payments to health maintenance organizations and competitive medical plans Sec Limitation on certain physician referrals Sec Provider reimbursement review board Sec Limitation on liability of beneficiary where medicare claims are disallowed Sec Indian health service facilities Sec Medicare coverage for end stage renal disease patients Sec Certification of medicare supplemental health insurance policies Sec Hospital providers of extended care services Sec Payments to promote closing and conversion of underutilized hospital facilities Sec Withholding of payments for certain medicaid providers Sec Payment to hospitals for inpatient hospital services Sec Payment of provider based physicians and payment under certain percentage arrangements Sec Payment to skilled nursing facilities for routine service costs Sec Provider education and technical assistance Sec Contract with a consensus-based entity regarding performance measurement Sec. 1890A. Quality Measurement Sec Conditions of participation for home health agencies; Home health quality Sec Offset of payments to individuals to collect past-due obligations arising from breach of scholarship and loan contract Sec Medicare integrity program Sec Payments to, and coverage of benefits under, programs of all inclusive care for the elderly (PACE) 288 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

289 Sec Prospective payment for home health services Sec Medicare subvention for military retirees Sec Health care infrastructure improvement program Sec Medicare improvement fund Sec Shared savings program Sec. 1899A. Independent medicare advisory board 148 Similar to Medicare, the Social Security Act is the authority for Medicaid Law. This is known as Title XVIX. This title is provided in its entirety again to provide a reference for the auditor. Like the Medicare program the eligibility requirements, coverage requirements and integrity programs. Unlike Medicare, Medicaid also is compounded by State statutes and administrative laws that provide further guidance, eligibility and medical necessity. The auditor must always review both Federal and State Laws regarding Medicaid to ensure that a complete audit has been performed. TITLE XIX GRANTS TO STATES FOR MEDICAL ASSISTANCE PROGRAMS Sec Medicaid and CHIP Payment and Access Commission Sec Appropriation Sec State plans for medical assistance Sec Payment to States Sec Operation of State plans Sec Definitions Sec Enrollment of individuals under group health plans Sec. 1906A. Premium assistance option for children Sec Observance of religious beliefs Sec State programs for licensing of administrators of nursing homes Copyright 2012 William L. Malm, ND, CMAS & AAMAS

290 Sec. 1908A. Required laws relating to medical child support Sec State false claims act requirements for increased state share of recoveries Sec Certification and approval of rural health clinics and intermediate care facilities for the mentally retarded Sec Indian Health Service facilities Sec Assignment of rights of payment Sec Hospital providers of nursing facility services Sec Withholding of Federal share of payments for certain medicare providers Sec Provisions respecting inapplicability and waiver of certain requirements of this title Sec Use of enrollment fees, premiums, deductions, cost sharing, and similar charges Sec. 1916A. State option for alternative premiums and cost sharing Sec Liens, adjustments and recoveries, and transfers of assets Sec Application of provisions of Title II to subpoenas Sec Requirements for nursing facilities Sec Presumptive eligibility for pregnant women Sec. 1920A. Presumptive eligibility for children Sec. 1920B. Presumptive eligibility for certain breast or cervical cancer patients Sec. 1920C. Presumptive eligibility for family planning services Sec Information concerning sanctions taken by State licensing authorities against health care practitioners and providers Sec Correction and reduction plans for intermediate care facilities for the mentally retarded Sec Adjustment in payment for inpatient hospital services furnished by disproportionate share hospitals Sec Treatment of income and resources for certain institutionalized spouses 290 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

291 Sec Extension of eligibility for medical assistance [Sec Repealed.] Sec Payment for covered outpatient drugs Sec Program for distribution of pediatric vaccines Sec Home and community care for functionally disabled elderly individuals Sec Community supported living arrangements services Sec Assuring coverage for certain low-income families Sec Provisions relating to managed care Sec State coverage of medicare cost-sharing for additional low-income medicare beneficiaries Sec Program of all-inclusive care for the elderly (PACE) Sec Special provisions relating to medicare prescription drug benefit Sec Medicaid integrity program Sec State flexibility in benefit packages Sec Health opportunity accounts Sec References to laws directly affecting medicaid program Sec Asset verification through access to information held by financial institutions Sec Medicaid improvement fund Sec Authorization to receive relevant information Sec Enrollment simplification and coordination with State health insurance exchanges Sec State option to provide coordinated care through a health home for individuals with chronic conditions 291 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

292 Sec Addressing health care disparities CODE OF FEDERAL REGULATIONS (CFR) In addition to the Social Security Act, the Code of Federal Regulations (Section 42) provides additional guidance for Medicare / Medicaid programs. 42 CFR provides additional authoritative guidance through statutes for public law. idx?c=ecfr&tpl=/ecfrbrowse/title42/42tab_02.tpl MANUALS, TRANSMITTALS AND OTHER GUIDANCE Weekly Medicare provides transmittals and guidance which ultimately becomes one of the manuals. Medicare offers two types of manuals, printed and internet- only. These manuals can be found at or MEDICAID REGULATIONS Medicaid is a different in that while there are a Federal regulations and State regulations that together form the mandated laws. From the Federal standpoint the Medicaid laws are represented in the following website Copyright 2012 William L. Malm, ND, CMAS & AAMAS

293 Generally, the state laws can be found by looking at the specific state s Department of Health website. This can be done by utilizing a search engine such as Google or Bing. The description could be Medicaid + state name + department of health For example: State law for Medicaid is usually part of the State s administrative code. The eligibility, coding, reimbursement regulations are provided within. The auditor will need to incorporate the states as well as federal regulations into the audit. One particular area of Medicaid that generally differs from Medicare or commercial payer guidelines is the coding aspect. As a general rule CPT remains the same however, many CPT codes are not covered by the program. However, the actual difference comes in the HCPCS Level II coding aspect. While Level III (Local Codes) has been discontinued several years ago through Federal regulations many states still maintain these codes. Generally these are found in the HCPCS code ranges beginning with the alpha characters of W, X, Y and Z. One state where this is clearly evident is in California within the Midi- Cal program. Auditors will need to make sure that they possess the appropriate coding tools for the audit being undertaken. 4-3 OFFICE OF INSPECTOR GENERAL (OIG) COMPLIANCE GUIDANCE The Office of Inspector General (OIG) is divided into several divisions. The one pertinent to auditing for healthcare venues is the healthcare division. Per the OIG website the following describes their functions. The mission of the Office of Inspector General (OIG), as mandated by Public Law (as amended), is to protect the integrity of Department of Health and Human Services (HHS) programs, as well as the health and welfare of the beneficiaries of those programs. OIG has a responsibility to report both to the Secretary and to the Congress program and management problems and recommendations to correct them. OIG's duties are carried out through a nationwide network of audits, investigations, evaluations and other mission- related functions performed by OIG components. 150 The OIG offers many different publications including a yearly workplan detailing audits and enforcement activities. One of the more specific publications is compliance guidance for multiple types of healthcare entities. The most commonly recognized is the OIG Compliance Guidance for Hospitals. However, there are many others that will impact auditors within healthcare venues. These can be Copyright 2012 William L. Malm, ND, CMAS & AAMAS

294 accessed at the following website: While there are several publications we will focus, within this section, on the Compliance Guidance. After arriving at the main website and selecting the compliance guidance the publications will appear as below. The OIG website provides the compliance guidance according to year of issuance. When an updated version, such as the Hospital Compliance Guidance, exists then the original version is noted below the latest version. To access these original documents please consult: OIG Supplemental Compliance Program Guidance for Nursing Facilities: Federal Register Notice (PDF) [Original Compliance Program Guidance for Nursing Facilities (PDF) (65 FR 14289; March 16, 2000)] Draft OIG Compliance Program Guidance for Recipients of PHS Research Awards (PDF) [NSTC Launches Government- Wide Initiative Based on OIG Draft Guidance for HHS Research Grants (PDF) (June 7, 2006)] Supplemental Compliance Program Guidance for Hospitals (PDF) o [Original Compliance Program Guidance for Hospitals (PDF) (February 23, 1998)] Final Compliance Program Guidance for Pharmaceutical Manufacturers (PDF) Final Compliance Program Guidance for Ambulance Suppliers (PDF) Final Compliance Program Guidance for Individual and Small Group Physician Practices (PDF) (65 FR 59434; October 5, 2000) 294 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

295 Final Compliance Program Guidance for Nursing Facilities (PDF) (65 FR 14289; March 16, 2000) Final Compliance Program Guidance for Medicare+Choice Organizations (PDF) (64 FR 61893;November 15, 1999) Compliance Program Guidance for Hospices (PDF) (64 FR 54031; October 5, 1999) Compliance Program Guidance for the Durable Medical Equipment Prosthetics, Orthotics, and Supply Industry (PDF) (64 FR 36368; July 6, 1999) Compliance Program Guidance for Third- Party Medical Billing Companies (PDF) (63 FR 70138; December 18, 1998) Compliance Program Guidance for Clinical Laboratories (PDF) (63 FR 45076; August 24, 1998) Compliance Program Guidance for Home Health Agencies (PDF) (63 FR 42410; August 7, 1998) IG Remarks Compliance Program Guidance for Hospitals (PDF) (63 FR 8987; February 23, 1998) [Supplemental Compliance Program Guidance for Hospitals (PDF) (January 27, 2005)] Each of these guidance documents are published in the Federal Register and provide authoritative information on creating, implementing and auditing a compliance program. Auditors should select the compliance guidance that best suits the type of auditing they are conducting. For example, if the auditor works within the laboratory he/she should select the Compliance Guidance for Clinical Laboratories. Alternatively, if the auditor is employed by a Medicare+Choice organisation then they should choose the Compliance Guidance for Medicare+Choice organisations etc... The Compliance Guidance Program Guidance for Hospitals is one document that is frequently used by many auditors payer and hospital alike. As such, we will dissect a portion of this document as it mirrors, in design, many of the other guidance documents. 1. Introduction this section generally talks about the reasons for the guidance, benefits of a plan created from the guidance, application of compliance guidance etc Fraud and Abuse Areas this section goes into details about areas that the OIG feel are risk areas to be aware of. Specific to the hospital guidance they mention claim submission, the chargemaster, inaccurate coding, submitting duplicate claims, Stark Law etc Compliance Program Effectiveness this section discusses what elements are essential for program effectiveness. Some elements specific to the hospital guidance are a code of conduct, designation of a compliance officer, self- reporting requirements, and other cultural expectations. 4. Conclusion this summary reviews key elements of the document. 295 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

296 4-4 GENERALLY ACCEPTED ACCOUNTING PRINCIPLES The American Institute of Certified Public Accountants (AICPA) provides the definition and regulations for Generally Accepted Accounting Principles (GAAP). The following is taken directly from their website. The term "generally accepted accounting principles" has a specific meaning for accountants and auditors. The AICPA Code of Professional Conduct prohibits members from expressing an opinion or stating affirmatively that financial statements or other financial data "present fairly... in conformity with generally accepted accounting principles," if such information contains any departures from accounting principles promulgated by a body designated by the AICPA Council to establish such principles. The AICPA Council designated FASAB as the body that establishes generally accepted accounting principles (GAAP) for federal reporting entities. As such, the FASAB is responsible for identifying the GAAP hierarchy for federal reporting entities. The GAAP hierarchy consists of the sources of accounting principles used in the preparation of financial statements of federal reporting entities that are presented in conformity with GAAP and the framework for selecting those principles. The hierarchy lists the priority sequence of sources that an entity should look to for accounting and reporting guidance and is discussed in SFFAS 34, The Hierarchy of Generally Accepted Accounting Principles for Federal Entities, and Including the Application of Standards Issued by the Financial Accounting Standards Board. The sources of accounting principles that are generally accepted are categorized in descending order of authority as follows: a. Officially established accounting principles consist of FASAB Statements of Federal Financial Accounting Standards (Standards) and Interpretations. FASAB Standards and Interpretations will be periodically incorporated in a publication by the FASAB. b. FASAB Technical Bulletins and, if specifically made applicable to federal reporting entities by the AICPA and cleared by the FASAB, AICPA Industry Audit and Accounting Guides. c. Technical Releases of the Accounting and Auditing Policy Committee of the FASAB. d. Implementation guides published by the FASAB staff, as well as practices that are widely recognized and prevalent in the federal government. 151 The Hierarchy of Generally Accepted Accounting Principles, Including the Application of Standards issued by the Financial Accounting Standards Board is known as SFFAS 34. The complete document is essential to overall reporting with federal standards. The SFFAS 34 document can be found at: Copyright 2012 William L. Malm, ND, CMAS & AAMAS

297 FASAB (Federal Accounting Standards Advisory Board) and the AAPC (Accounting and Auditing Policy Committee) have issued many documents providing guidance on accounting and auditing. The listing of these documents can be found at: For further information regarding FASAB we recommend consulting their website at: MEDICARE / MEDICAID POLICIES Medicare and Medicaid policies stem from government regulations. We will separate this into two components Medicare and Medicaid. In general both payers behave similarly in that they provide guidance through transmittals, medical necessity decisions and billing guidance. MEDICARE POLICIES Medicare policies and procedures are issued through changes to the Social Security Act, 42 CFR, transmittals and Medicare Administrative Contractors (MAC). The policies and procedures have a hierarchy with the highest part of the hierarchy being the Social Security Act. The lowest component is the MAC. Weekly, usually on Fridays, CMS issues transmittals to the provider / supplier community. These are then placed into the appropriate manuals. Transmittals can be found at: Along the left side of the website there are the calendar years from which to choose. 297 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

298 The transmittal will be ordered according to most recent however there is a search function as well. An example of a transmittal providing this guidance is as follows: Note that there is a download into Excel function (red arrow) that will allow the auditor to have all the current year s transmittals with their links readily available. The transmittal provides source authority regulatory guidance. 298 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

299 The transmittal is available for download and in many cases a Medlearn Matters that provides the condensed version of the transmittal and provides immediate guidance on how to implement the transmittal accompanies the transmittal. The MAC provides other guidance on a regional basis. Again, the policies and procedures are provided on their specific websites. Noridian Administrative Services, LLC is one such MAC. The website is divided into Part A, Part B, DME and other functions. Policies and procedures are found by clicking one of these functions. Some MAC sites are: Noridian Administrative Services: Trailblazer: National Government Services: Copyright 2012 William L. Malm, ND, CMAS & AAMAS

300 Palmetto GBA: NHIC: Wisconsin Physician Services: First Coast Options: MEDICAID POLICIES Medicaid, unlike Medicare, issues policies at the State and not the Federal level. Each state is responsible for the implementation of their Medicaid program and in some cases there are wide variances between the state policies. For example, Ohio Medicaid provides this on their website: 300 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

301 Each state will publish their medical necessity policies, billing policies, eligibility requirements and necessary documentation requirements to support a charge. Additionally, these policies will define the type of reimbursement model being used such as fee schedule, APG, APR- DRG etc... Medicaid and Medicare share common threads in that most of the payment systems for hospitals and policies for billing are of a prospective payment methodology rather than fee schedule. In any case, the auditor must follow policies and procedures set forth by the Medicaid system. In order to find these policies use Google as follow: State name + Medicaid + policies + procedures. 4-6 NATIONAL AND LOCAL COVERAGE DETERMINATIONS National and Local Coverage Determinations are Medicare concepts. Both of assist the contractor, facility, physician, non- physician practitioner and the patient important information as to whether their services will be covered based on the diagnosis provided. National coverage determinations apply to all states and all Medicare providers while the local coverage determinations are applicable only the Jurisdiction in which they are issued. All of the Local Coverage Determinations (LCD) and National Coverage Determinations (NCD) are published on the Medicare Coverage Website at: The Medicare Coverage Database (MCD) contains all National Coverage Determinations (NCDs) and Local Coverage Determinations (LCDs), local articles, and proposed NCD decisions. The database also includes several other types of National Coverage policy related documents, including National Coverage Analyses (NCAs), Coding Analyses for Labs (CALs), 301 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

302 Medicare Evidence Development & Coverage Advisory Committee (MEDCAC) proceedings, and Medicare coverage guidance documents. 152 NATIONAL COVERAGE DETERMINATIONS NCDs are published in detail within the Medicare National Coverage Determinations Manual and electronically on the CMS website. On the website individual NCDs can be obtained and researched as if utilizing the manual. The NCDs are divided into two subsections the general NCDs (or non- lab NCDs) and the Laboratory NCDs. The website appears as below: NCDs can be found at: coverage- database/indexes/national- and- local- indexes.aspx The NCDs are listed alphabetically and there are 319 total NCDs. A complete listing can be found in Appendix B of this document. NATIONAL COVERAGE DETERMINATIONS MANUAL National Coverage Determinations (NCD s) are published by Medicare in the Internet Only Manual &sortByDID=1&sortOrder=ascending&itemID=CMS014961&intNumPerPage=10 The forward within the Medicare National Coverage Determinations Manual (100-03) describes the focus of the manual coverage- database/overview- and- quick- search.aspx 302 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

303 The statutory and policy framework within which National Coverage Decisions are made may be found in title XVIII of the Social Security Act (the Act), and in Medicare regulations and rulings. The National Coverage Determinations Manual describes whether specific medical items, services, treatment procedures, or technologies can be paid for under Medicare All decisions that items, services, etc. are not covered are based on 1862(a) (1) of the Act (the not reasonable and necessary exclusion) unless otherwise specifically noted. Where another statutory authority for denial is indicated, that is the sole authority for denial. Where an item, service, etc. is stated to be covered, but such coverage is explicitly limited to specified indications or specified circumstances, all limitations on coverage of the items or services because they do not meet those specified indications or circumstances are based on 1862(a)(1) of the Act. Where coverage of an item or service is provided for specified indications or circumstances but is not explicitly excluded for others, or where the item or service is not mentioned at all in the CMS Manual System the Medicare contractor is to make the coverage decision, in consultation with its medical staff, and with CMS when appropriate, based on the law, regulations, rulings and general program instructions. 153 Chapter 13 of the Medicare Program Integrity Manual provides further information regarding the NCD process. The following is taken directly from the Medicare Program Integrity Manual, Section National Coverage Determinations (NCDs) (Rev. 71, ) The NCDs are developed by CMS to describe the circumstances for Medicare coverage nationwide for a specific medical service procedure or device. NCDs generally outline the conditions for which a service is considered to be covered (or not covered) under 1862(a) (1) of the Act or other applicable provisions of the Act. NCDs are usually issued as a program instruction. Once published in a CMS program instruction, an NCD is binding on all Medicare carriers/dmercs, FIs, Quality Improvement Organisations (QIOs, formerly known as Peer Review Organisations or PROs), Program Safeguard Contractors (PSCs) and beginning 10/1/01 are binding for Medicare+Choice organisations. NCDs made under 1862(a) (1) of the Act are binding on Administrative Law Judges (ALJ) during the claim appeal process. (See 42 CFR and 42 CFR ). An example of a NCD can be found at When a new NCD is published, the contractor shall notify the provider community as soon as possible of the change and corresponding effective date. This is a Provider Communications (PCOM) activity. Within 30 calendar days after an NCD is issued by CMS, contractors shall either publish the NCD on the contractor Web site or link to the MCD from the contractor Web site. The contractor shall not solicit comments on national coverage decisions. Contractors shall amend affected LCDs in accordance with 13.4C of this chapter. Since ALJs are bound by NCDs but not Copyright 2012 William L. Malm, ND, CMAS & AAMAS

304 LCDs, simply repeating an NCD as an LCD will cause confusion as to the standing of the policy. If a contractor is clarifying a national reasonable and necessary policy, the contractor shall reference that national policy in the CMS National Coverage Policy section of the LCD. 154 The contractor shall apply NCDs when reviewing claims for services addressed by NCDs. When making individual claim determinations, contractors have no authority to deviate from NCD if absolute words such as "never" or "only if" are used in the policy. LABORATORY NATIONAL COVERAGE DETERMINATIONS Currently there are 23 NCDs specific to Laboratory tests and services. All of these are listed on the CMS Coverage Database under Laboratory NCD s. ( coverage- database/indexes/lab- ncd- index.aspx?bc=baaaaaaaaaaa&) NCD Alpha- fetoprotein Blood Counts Blood Glucose Testing Carcinoembryonic Antigen Collagen Crosslinks, any Method Digoxin Therapeutic Drug Assay Fecal Occult Blood Test Gamma Glutamyl Transferase Glycated Haemoglobin/Gyrated Protein Hepatitis Panel/Acute Hepatitis Panel Human Chorionic Gonadotropin NCD Title Human Immunodeficiency Virus (HIV) Testing (Diagnosis) Human Immunodeficiency Virus (HIV) Testing (Prognosis Including Monitoring) Lipid Testing Partial ThromboplastinTime (PTT) Prostate Specific Antigen Prothrombin Time (PT) Serum Iron Studies Thyroid Testing Tumour Antigen by Immunoassay - CA Tumour Antigen by Immunoassay - CA 15-3/CA Tumour Antigen by Immunoassay - CA Urine Culture, Bacterial Copyright 2012 William L. Malm, ND, CMAS & AAMAS

305 For Medicare patients, these NCDs are frequent sources of charging / billing errors especially in departments such as Emergency Services. These determine the overall medical necessity for the test. If the physician fails to order the test with an accompanying diagnosis that supports the test (according to the NCD) then the test will lack medical necessity resulting in provider liability. Continued provider liability can cause operating margin reductions and financial distress to a facility. As an auditor, your report back to the departments, physicians and compliance will serve as essential education tools. Within the report there should be specific notations to any Laboratory NCD in which there was an adverse finding. Additionally, a detailed explanation of the error and potential corrective action steps should be included within the report. Your expertise may be required to perform some in- depth education for physicians and non- physician providers who order these tests. Some common high volume tests that fail medical necessity are: Blood Glucose Gyrated Haemoglobin Lipid Testing Prostate Specific Antigen Partial Thromboplastin Time Prothrombin Time Urine Culture, Bacterial The laboratory diagnosis and coverage are published in a manual quarterly. The download can be found at: An example of the April 2012 Manual : LOCAL COVERAGE DETERMINATIONS Section 522 of the Benefits Improvement and Protection Act (BIPA) defines an LCD as a decision by a fiscal intermediary (FI) or carrier whether to cover a particular service on an intermediary- wide or carrier- wide basis in accordance with Section 1862(a) (1) (A) of the Social Security Act (e.g., a determination as to whether the service or item is reasonable and necessary). FIs, Carriers, and Medicare Administrative Contractors (MACs) are Medicare contractors that develop and/or adopt LCDs. Medicare contractors develop LCDs when there is no National Coverage Determination (NCD) or when there is a need to further define an NCD. The guidelines for LCD development are provided in Chapter 13 of the Medicare Program Integrity Manual. A local policy may consist of two separate, though closely related documents: the LCD and an associated article. The LCD only contains reasonable and necessary language. Any non- reasonable and necessary language a Medicare contractor wishes to communicate to providers may be done through the article. At the end of an LCD that has an associated article, there is a link to the related article and vice versa coverage- database/#mcdvsmedicare 305 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

306 As stated above, Chapter 13 of the Medicare Program Integrity Manual provides guidance on the LCD development process. Codes describing what is covered and what is not covered can be part of the LCD. This includes, for example, lists of HCPCs codes that spell out which services the LCD applies to, lists of ICD- 9- CM codes for which the service is covered, lists of ICD- 9 codes for which the service is not considered reasonable and necessary, etc. These coding descriptions should only be included if they are integral to the discussion of medical necessity. Coding guidelines are not elements of LCDs and should be published in articles or deleted. Inclusion in LCDs may mislead the public that they can be challenged under the 522 provisions. The following are examples of coding guidelines: A provision stating that a 4- inch thick mattress should be billed using code XXYYZ. A statement that in order to be correctly coded a level X visits shall include complex medical decision- making and a review of systems. The LCDs specify under what clinical circumstances a service is considered to be reasonable and necessary. They are administrative and educational tools to assist providers in submitting correct claims for payment. Contractors publish LCDs to provide guidance to the public and medical community within their jurisdictions. Contractors develop LCDs by considering medical literature, the advice of local medical societies and medical consultants, public comments, and comments from the provider community. (See section of this chapter.) 156 The contractor should adopt LCDs that have been developed individually or collaboratively with other contractors. The contractor shall ensure that all LCDs are consistent with all statutes, rulings, regulations, and national coverage, payment, and coding policies. ANATOMY OF AN NCD OR LCD The NCD and LCD have elements in common that led to ease of understanding and can act as an educational tool for facilities, physicians and non- physician practitioners. NCD: The NCD consists of several components: Tracking Information Description Information Transmittal Information Revision History The following depicts an actual NCD Copyright 2012 William L. Malm, ND, CMAS & AAMAS

307 307 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

308 157 LCD: The LCD is organized slightly differently from the NCD. The LCD reflects the medical review and determinations by the FI/MAC or Carrier issuing it. The following is a characteristic LCD taken from Noridian Administrative Services (Medicare MAC, Part A) for Chest X- ray. This is LCD # L24415 Like the NCD, the LCD will reflect basic information providing the contractor information regarding the LCD. This incorporates many individual components seen within the NCD; however it may appear in a different sequence coverage- database/details/ncd- details.aspx?ncdid=154&ncdver=1&bc=baabaaaaaaaa& 308 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

309 309 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

310 310 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

311 158 As noted in the Noridian Administrative Services LCD for Chest X- ray there is more coding details than are present within the NCDs. In general, but not always, there is a listing of the Type of Bill (TOB), Revenue Code, CPT/HCPCS code, ICD- 9 diagnosis codes that support the test or service and occasionally a listing of ICD- 9 diagnosis codes that do not support medical necessity. One area that is very important from an audit standpoint is the Documentation Requirements that most MAC/FI/Carriers place in their LCDs. In the case above the documentation requirements are clearly spelled out and easy to audit coverage- database/details/lcd- details.aspx?contrnum=03501&contrtypeid=8&lcdid=24415&ver=24&contrid=127&cntrctr=127&name=noridia n+administrative+services%2c+llc+(03501%2c+mac+- +Part+A)&LCntrctr=142%7c124%7c125%7c126%7c127%7c128&bc=BAAEAAEAAAAA& 311 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

312 In this case, the documentation requirements have to do with the frequency limitation and the LCD states Hospital, outpatient, nursing facility or office records should clearly document the reason(s) for examination. Therefore, the physicians order should include either a narrative or ICD- 9 diagnosis code to provide the documentation necessary to support the medical necessity. Without this component the test, service, procedure or supply could be considered non- medically necessary and a denial would occur. If an ABN were not obtained this would result in additional provider liability, as, for Medicare, it could not be billed to the patient. AUDIT CONSIDERATIONS FOR NCD/LCD Clearly the NCD or LCD materials are germane to any billing audit. Every CPT / HCPCS code on the claim should be evaluated in terms of the NCD and/or LCD pertinent to that procedure code. Therefore, the auditor will need to have a current library of LCDs and NCDs for the regions in which they practice. The auditor s main tool in conducting the medical necessity audit for Medicare would be the use of the CMS Medicare Coverage Database found at: coverage- database/overview- and- quick- search.aspx When conducting the audit each and every procedure code (CPT/HCPCS) code should be evaluated to determine if there is an NCD or LCD pertaining to that specific code. If the code is present on the claim then the medical record should be evaluated to ensure that the medical necessity is completely and properly documented within the record. Finally, if the NCD or LCD specifies a frequency limit, or in other words the number of times the code may be used within a specified time period, then that should be the final step of the audit. Should the claim ever result in an ADR (automated data request) or denial, the NCD / LCDs should be meticulously audited. Many times, proprietary bill scrubbers may reject or fail the claim for reasons 312 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

313 relating to medical necessity. As such, the auditor should review the concern manually as it may be a case of the proprietary scrubber not being up to date. In any case, the NCD / LCD provide essential information to assist the client in ensuring their services have met medical necessity. Failure to do so may result in provider liability. Auditors frequently find missing diagnosis codes that are essential in determining medical necessity. An example of the form that could be used during audit is provided below Provided by Bonnie Arp, Alegent Health Community Memorial Hospital Nurse Auditor 313 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

314 4-7 NATIONAL COMMITTEE FOR QUALITY ASSURANCE The National Committee for Quality Assurance is an organisation dedicated to health care quality. The organisation presents the following explanation of their mission on their website. We present their comments in their entirety. The following is copyrighted by the organisation. The National Committee for Quality Assurance is a private, 501(c) (3) not- for- profit organisation dedicated to improving health care quality. Since its founding in 1990, NCQA has been a central figure in driving improvement throughout the health care system, helping to elevate the issue of health care quality to the top of the national agenda. The NCQA seal is a widely recognized symbol of quality. Organisations incorporating the seal into advertising and marketing materials must first pass a rigorous, comprehensive review and must annually report on their performance. For consumers and employers, the seal is a reliable indicator that an organisation is well managed and delivers high quality care and service. NCQA has helped to build consensus around important health care quality issues by working with large employers, policymakers, doctors, patients and health plans to decide what s important, how to measure it, and how to promote improvement. That consensus is invaluable transforming our health care system requires the collected will and resources of all these constituencies and more. NCQA s programs and services reflect a straightforward formula for improvement: Measure. Analyze. Improve. Repeat. NCQA makes this process possible in health care by developing quality standards and performance measures for a broad range of health care entities. These measures and standards are the tools that organisations and individuals can use to identify opportunities for improvement. The annual reporting of performance against such measures has become a focal point for the media, consumers, and health plans, which use these results to set their improvement agendas for the following year. NCQA s contribution to the health care system is regularly measured in the form of statistics that track the quality of care delivered by the nation s health plans. Every year for the past five years, these numbers have improved; health care protocols have been refined, doctors have learned new ways to practice, and patients have become more engaged in their care. Those improvements in quality care translate into lives saved, illnesses avoided and costs reduced. For instance, for every additional person who receives beta- blockers after a heart attack, chances of suffering a second, perhaps fatal, heart attack are reduced by up to 40%. NCQA consistently raises the bar. Accredited health plans today face a rigorous set of more than 60 standards and must report on their performance in more than 40 areas in order to earn NCQA s seal of approval. And even more stringent standards are being developed today. These 314 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

315 standards will promote the adoption of strategies that we believe will improve care, enhance service and reduce costs, such as paying providers based on performance, leveraging the Web to give consumers more information, disease management and physician- level measurement. Health plans in every state; the District of Columbia and Puerto Rico is NCQA Accredited. These plans cover 109 million Americans or 70.5 percent of all Americans enrolled in health plans. 160 NCQA defines what quality healthcare is. As such they have several programs such as the report card program, compliance certification program and HEDIS and quality measurement programs. We will touch upon a few of these exceptional programs offered by NCQA. Report Cards on Health Plans, Provider Quality, and Other Measures: NCQA provides free report cards that help patients select a health plan or physician that provides quality care. This list is kept current and updated monthly. Other report cards include the Physician and Hospital Quality Certification Program. This certification program is an impartial third party measurement of quality /quality and cost together. Finally there is the physician recognition program, which recognizes physicians who have met the highest standards of quality in the categories of heart/stroke care, diabetes, back pain, and systematic processes. HEDIS and Quality Measurement: Healthcare Effectiveness Data and Information Set (HEDIS) is a tool developed by NCQA and is used by greater than 90% of all U.S. health plans measuring performance on the dimensions of care and service. HEDIS offers three separate certification programs: (1) HEDIS Survey Vendor Certification; (2) HEDIS Compliance Audit and (3) Software Certification. 1. The HEDIS Survey Vendor Certification carries out the survey data collection. NCQA trains and certifies vendors to collect the HEDIS survey results from health plans according HEDIS protocols. These certified vendors can enter into contracts with health plans to survey the health plans members. 2. HEDIS Compliance Audit consists of HEDIS licensing organisations and certifying specific employees of these licensed organisations to conduct audits utilizing NCQA standards of audit methodology. Auditors use the first half of the audit, the overall IS review, to identify data areas to focus on during the second half of the review (HEDIS Compliance Standards). This allows for customization of each audit depending on the individual health plan's strengths and Copyright 2012 William L. Malm, ND, CMAS & AAMAS

316 weaknesses. The audit adds a higher degree of integrity to HEDIS data, and enables MCOs to provide consumers and purchasers with consistent and comparable HEDIS reports Software certification is another function of HEDIS / NCQA. The following is an overview of the software certification by NCQA. NCQA, the leader in quality and performance measurement, has a Software Certification program that ensures the integrity of commercial software products that produce HEDIS and P4P results. By becoming NCQA- Certified, you can help improve the accuracy of reporting measures and produce more reliable and comparable results while gaining an advantage over your competitors. 162 Finally, NCQA provides a functional tool called the Quality Dividend Calculator. This calculator can be used by businesses and employer demographics to calculate the productivity and revenue when selecting an accredit plan. Quality health care keeps employees healthy and on the job. Bad health care can do just the opposite. The NCQA s Quality Dividend Calculator TM 2010 (QDC) to estimate the "quality dividend" your organisation receives for providing high quality care to employees. This new version of the QDC lets you make direct plan- to- plan comparisons and see how each plan will impact the absenteeism and productivity of your workforce HEALTH INFORMATION PORTABILITY AND ACCOUNTABILITY ACT OF 1996 The HIPAA Privacy Rule provides federal protections for personal health information held by covered entities and gives patients an array of rights with respect to that information. At the same time, the Privacy Rule is balanced so that it permits the disclosure of personal health information needed for patient care and other important purposes. The Security Rule specifies a series of administrative, physical, and technical safeguards for covered entities to use to assure the confidentiality, integrity, and availability of electronic protected health information. 164 The United States Department of Health and Human Services (HHS) has published an overview document encompassing all aspects of HIPAA. This document is called Summary of HIPAA Privacy Rule and can be found at: The Office of Civil Rights (OCR) has many essential tools for ensuring that a covered entity meets all the regulatory standards set forth in the Law. Some of the components in the following paragraphs were taken directly from the Office of Civil Rights guidance. The Privacy Rule, as well as all the Copyright 2012 William L. Malm, ND, CMAS & AAMAS

317 Administrative Simplification rules, apply to health plans, health care clearinghouses, and to any health care provider who transmits health information in electronic form in connection with transactions for which the Secretary of HHS has adopted standards under HIPAA (the covered entities ). 165 WHO IS COVERED Health Plans: Individual and group plans that provide or pay the cost of medical care are covered entities.4 Health plans include health, dental, vision, and prescription drug insurers, health maintenance organisations ( HMOs ), Medicare, Medicaid, Medicare+Choice and Medicare supplement insurers, and long- term care insurers (excluding nursing home fixed- indemnity policies). Health plans also include employer- sponsored group health plans, government and church- sponsored health plans, and multi- employer health plans. 166 Exceptions to these requirements are: Group health plan with less than 50 employees administered solely by the employer that established and maintains the plan Two types of government funded programs o Whose principle purpose is not providing or paying the cost of healthcare (i.e. food stamp program) o Programs whose principal activity is directly providing health care. Examples of these are community health centres, grants to fund the direct provision of healthcare Additionally, some insurance entities that provide workers compensation, auto insurance and property /casualty insurance. Health Care Providers: These include all providers of services (e.g. Hospitals) and providers of medical or health services (physicians, dentists and other non- institutional providers). 167 Every health care provider who transmits electronic health information is a covered entity. Transactions include claims, benefit eligibility enquiries, referrals and other transactions under HIPAA transactions rule. The rule covers a health care provider whether it electronically transmits these transactions directly or uses a billing service or other third party to do so on its behalf. 168 Health Care Clearinghouses: Copyright 2012 William L. Malm, ND, CMAS & AAMAS

318 These are entities that process non- standard information received from another entity into a standard format or data content. Clearinghouses will receive individually identifiable health information only when they are providing processing services to a health plan or provider as a business associate. 169 To summarize the health care plan, the health care provider (institutional and non- institutional) and health care clearinghouses are the entities considered covered. We will now move into a discussion of the business associate BUSINESS ASSOCIATE A business associate is a person or company or organisation outside of the covered entity s personnel. This associate performs duties, on behalf of the covered entity, and utilizes individually identifiable health information in the course of this business. Some examples of services rendered by the business associate are: Claims processing Data analysis Utilization Review Billing Services Pricing Services Data management Accreditation Accounting and Financial Services 170 It is important to note one covered entity can be the business associate of another covered entity. 171 A business associate s contract is required when the covered entity utilizes an outside contractor as defined above. This type of contract must include written specific provisions such as defining the safeguards to be used to protect identifiable health information that might be utilized or disclosed by the business associate. In other word, the business associate must ensure the confidentiality of this information and disclose only to appropriate persons or organisations as required by business or law. Additional information on the business associate and agreements can be found at: Additionally, sample business associate contract language can be found at: Copyright 2012 William L. Malm, ND, CMAS & AAMAS

319 WHAT IS CONSIDERED PROTECTED INFORMATION Individually identifiable health information is information, including demographic data, that relates to: the individual s past, present or future physical or mental health or condition, the provision of health care to the individual, or the past, present, or future payment for the provision of health care to the individual, and that identifies the individual or for which there is a reasonable basis to believe can be used to identify the individual. Individually identifiable health information includes many common identifiers (e.g., name, address, birth date, Social Security Number). The Privacy Rule excludes from protected health information employment records that a covered entity maintains in its capacity as an employer and education and certain other records subject to, or defined in, the Family Educational Rights and Privacy Act, 20 U.S.C. 1232g. 172 Permitted Uses and/or Disclosures: The covered entity may use and disclose protected health information, without notifying the individual, in the following situations: To the individual (unless required for access or accounting disclosures) Treatment, Payment and Health Care Operations Opportunity to Agree or Object Incident to an otherwise permitted used and disclosure Public Interest and Benefit Activities Limited Data Set for the purposes of research, public health or health care operations 173 It is up to the covered entity to determine based on professional ethics and best judgment which disclosure to make. Authorization: The covered entity must obtain the individual s written authorization for any use or disclosure of protected health information not used for treatment, payment or otherwise permitted by the Privacy Rule. 174 Furthermore, the entity cannot make the authorization a condition of treatment, payment or eligibility. The authorization must be in plain language, contain specific language stating the information to be disclosed and to whom. The rule allows for expiration date revocation should the individual change their mind. Examples of disclosures are for life insurance coverage, pre- employment physicals, C.F.R (a)(1) C.F.R Copyright 2012 William L. Malm, ND, CMAS & AAMAS

320 etc Psychotherapy notes follow much stricter authorization criteria. For psychotherapy the covered entity must obtain an individual s written authorization except: The covered entity who originated the notes may use them for treatment For its own internal training and to defend itself in legal proceeding brought by the individual HHS during an investigation as to the covered entity s compliance with Privacy Rules Avert a serious / imminent threat to public health, safety Health oversight agency for lawful oversight of the originator of the psychotherapy notes Lawful activity of a coroner As required by Law 175 Minimum Necessary: This is a key principle of the regulation and relates to the use and disclosure of information. A covered entity must make reasonable efforts to use, disclose, and request only the minimum amount of protected health information needed to accomplish the intended purpose of the use, disclosure, or request. A covered entity must develop and implement policies and procedures to reasonably limit uses and disclosures to the minimum necessary. When the minimum necessary standard applies to a use or disclosure, a covered entity may not use, disclose, or request the entire medical record for a particular purpose, unless it can specifically justify the whole record as the amount reasonably needed for the purpose. 176 There are exceptions to this requirement such as: Request by a healthcare provider for treatment Disclosure to the individual or their personal representative Disclosure to the government (HHS) as a result of a compliance investigation Disclosure required by law Disclosure required to remain in compliance with HIPAA Transaction rules. Privacy Notices: As part of the regulation, Privacy Notices must be issued. These notices must state the entity s duties to protect privacy provide notices and abide by the terms of the current notice. These notices must describe the individual s rights, the right to complain to HHS and to the covered entity if the person feels their rights have been violated. Additionally, the notice must include a point of contract for additional information or where to make a complaint. Other Matters: Copyright 2012 William L. Malm, ND, CMAS & AAMAS

321 In addition to the documentation provided above on HIPAA there are other requirements such as accounting for disclosures, access to records, administrative simplification and many other minor points. For further information on all aspects of HIPAA we recommend reviewing materials offered by the U.S. Government at: COMPLIANCE WITH HIPPA HHS provides technical assistance for covered entities to ensure compliance with the regulation. However, there are penalties for infractions to the regulation. There are civil monetary penalties for such infractions. HHS may impose civil money penalties on a covered entity of $100 per failure to comply with a Privacy Rule requirement. That penalty may not exceed $25,000 per year for multiple violations of the identical Privacy Rule requirement in a calendar year. HHS may not impose a civil money penalty under specific circumstances, such as when a violation is due to reasonable cause and did not involve wilful neglect and the covered entity corrected the violation within 30 days of when it knew or should have known of the violation. 177 In addition to the civil monetary penalties, criminal penalties can be assessed. A person who knowingly obtains or discloses individually identifiable health information in violation of HIPAA faces a fine of $50,000 and up to one- year imprisonment. The criminal penalties increase to $100,000 and up to five years imprisonment if the wrongful conduct involves false pretences, and to $250,000 and up to ten years imprisonment if the wrongful conduct involves the intent to sell, transfer, or use individually identifiable health information for commercial advantage, personal gain, or malicious harm. Criminal sanctions will be enforced by the Department of Justice. 178 HIPAA AND AAMAS As stated in the National Health Care Billing Audit Guidelines, AAMAS has published the following guidance for auditors. The following is a complete replication of that statement. All parties to a billing audit must comply with the federal HIPAA Privacy Rules as regards to confidentiality of patient information. State and/or contractual agreements will only supersede the HIPAA regulations if their confidentiality requirements are more stringent or limiting in disclosure than the HIPAA. All payer and provider organizations (covered entities) and all audit organizations, their employees, and sub- contractors (business associates) conducting or involved with billing audits must maintain policies and procedures Copyright 2012 William L. Malm, ND, CMAS & AAMAS

322 ensuring the confidentiality of patient protected health information (PHI) in their possession and the proper disposal of this information. A separate patient authorization is not required for the performance of payment activities including review of the health care services for justification of charges. The HIPAA Privacy Rule (45 CFR ) permits a covered entity to use and disclose protected health information, with certain limits and protections, for treatment, payment and health care operation activities. Occasionally there are circumstances that require a separate patient authorization. Some examples of these circumstances are mental health illness, HIV, genetic testing, and substance abuse. In these circumstances, the patient authorization shall include at least the following information: Patient s full name, address, and date of birth Purpose for releasing/obtaining the information Date the consent was signed Signature of patient or legal representative It is the responsibility of the audit coordinator or Health Information Management (HIM) representative to inform the requestor in a timely manner if a separate authorization will be required 179 HIPAA SUMMATION This rule is complex and contains many fine points that the auditor will need to understand in order to comply and audit. The entire Privacy Rule, as well as guidance and additional materials, may be found on the HHS website at: Additionally, the auditor should take into account the documentation provided within the National Health Care Billing Audit Guidelines 4-9 MEDICARE INTEGRITY PROGRAM The Health Insurance Portability and Accountability Act (also known as the Kassebaum- Kennedy legislation) includes a provision establishing the "Medicare Integrity Program. That provision gives the Centers for Medicare and Medicaid Services (CMS) specific contracting authority, consistent with 179 National Health Care Billing Audit Guidelines as amended by AAMAS; 1 May Copyright 2012 William L. Malm, ND, CMAS & AAMAS

323 Federal Acquisition Regulations, to enter into contracts with entities to promote the integrity of the Medicare program. Pursuant to MIP authority, CMS awarded twelve Indefinite Delivery- Indefinite Quantity (IDIQ) contracts for the Program Safeguard contractor (PSC) effort in May The Whitehouse provides the following message in their website ExpectMore. The Medicare Integrity Program is the Centers for Medicare & Medicaid Services primary program for safeguarding the Medicare Trust Funds against fraud, waste and abuse. The program conducts reviews and investigations of Medicare expenditures to ensure Trust Fund resources are properly utilized for the program's mission The program relies on performance measures, such as the Medicare error rate, that are directly relevant to its purpose. The Medicare Modernization Act significantly expanded CMS's responsibilities and will require an additional program integrity activity. The program has established quantitative performance measures and baseline against which performance is measured. Prior to contracting reform, CMS claims processing contractors' payment did not include incentives to reduce payment errors. Thus, contractors' reimbursement is on a cost basis and is unaffected by the number of claims payment errors made. 181 The actual law is contained within 42 USC 1395ddd. The following is the significant components of the regulation. Reference can be found at: Provides for the U.S. government to contract with entities to carry out the following activities: o Review the activities of providers furnishing items and services for which payment may be made, including medical and utilization review and fraud review. Will employ similar standards, processes and technologies used by private health plans to include equipment and software which surpass the capability of the equipment / technology used to review claims under this title at the time of the enactment. 182 o o o Audit cost reports Make determinations as to whether payment should be made, should not have been made and whether recovery of payments in error have been made (see 1862(b)) Education of providers, beneficiaries with respect to payment integrity and benefit quality assurance issues Copyright 2012 William L. Malm, ND, CMAS & AAMAS

324 o o Developing a list of items of durable medical equipment which are subject to prior authorization (see1834(a)(15)) Review the Medicare- Medicaid Data Match Program In order to perform these activities, the entity must be considered an eligible entity. The regulation provides the following guidance on what the eligible entity must contain. Entity has demonstrated capability to carry out the activities stated above Entity agrees to cooperate with the OIG, Department of Health and Human Services (DHHS), the Attorney General and law enforcement. The cooperation is in relation to investigations and deterrence of fraud and abuse arising out of provider activities Entity complies with conflict of interest standards as applicable to Federal acquisition and procurement Other requirements as per the Secretary (DHHS) Key to the Medicare Integrity Program (MIP) is activities regarding recoupment.. The regulation provides great detail on the repayment plan, which is too exhaustive to describe here. We recommend that the auditor review the entire regulation as provided under the Social Security Act website at: Auditing is an essential function of the MIP contractor in order to expose potential overpayments, fraud, and/or abuse. The regulation provides further understanding on what is required of the contractor. The following applies: The contractor must provide written notice for any post- payment audit. This notice may be hardcopy or in electronic form and must provide the intent to conduct such an audit. Explanation of findings o Issue the provider of services and/or supplier a full review and explanation of the findings of the audit o The notice must provide the review in a fashion that is understandable to the provider and will allow for the development of the corrective action plan o Inform the provider of their appeal rights as well as any consent settlement options o Allow the provider or supplier an opportunity to provide additional information to the contractor o Include all information provided within the time frame allowed (a timely submission ) o There are exceptions to these requirements by the contractor which are: If the provision of notice or findings would comprise pending law enforcement activities (criminal or civil) or reveal findings of law enforcement audits. Sampling has a standard methodology. The Secretary must establish this standard methodology for Medicare contractors to use in selecting the sample of claims for review in the event of an abnormal billing pattern. 324 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

325 The Medicare Medicaid Data Match Program: This component of the Act pertains to what is commonly referred to as the Medi- Medi Program. This component is established for several purposes as follow: To identify program vulnerabilities between the Medicare and Medicaid programs. o Utilize computer algorithms to look for payment abnormalities (including billing or billing patterns identified with respect to service, time, or patient that appear to be suspect or otherwise implausible) 183 To work with the States, the OIG, Health and Human Services, the Attorney General and other entities to coordinate action to protect both the State and Federal programs Increasing effectiveness of both programs through recoupment of fraudulent or wasteful expenditures The Secretary has a quarterly reporting requirement, under the Act, to provide data and statistical information collected to the Attorney General, Director of the FBI, the OIG and the states fraud and abuse control units. The Use of Recovery Audit Contractors (RACs): 184 Under the MIP, the Secretary shall conduct contracts with RACs in order to identify underpayments and overpayments and recouping overpayments where payment is made under Part A or Part B. As such payment to the contractor will only be made only contingency for collecting overpayments and on the amount recovered. Additionally it may be made in the amount specified by the Secretary for underpayments. Finally, from the amount recovered a portion will remain available to the program management account at CMS for activities conducted under the RAC program. Any additional amounts collected not disposed to either the RAC or the program shall be placed back into the Medicare fund to defray expenses within the Part A or Part B programs. The contractor will be considered a qualified RAC only if it has the staff and appropriate clinical knowledge, expertise in both clinical and payment rules / regulations to conduct the process. A contractor is considered ineligible if the contractor is a fiscal intermediary (FI) or Medicare Administrative Contractor (MAC). Preference will be given to those entities with greater than three (3) years expertise and proficiency for cost control and recovery audits with other private insurers, health See Vol. II, P.L , 302(b), with respect to a demonstration project for use of recovery audit contractors. See Vol. II, P.L , 302(b), with respect to access to the Coordination of Benefits Contractor Database. 325 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

326 plans, Medicare, Medicaid, or other health care provider. Within the Act is special notification that recovery of an overpayment by a RAC shall not prohibit the Secretary or Attorney General from investigating and prosecuting allegations of fraud originating from the overpayment. Finally, the RAC program has an annual report, which the Secretary must submit to Congress. This report must include performance as it relates to the identification of underpayment/overpayments and evaluation of contractor s and savings to the program. Note, currently this section of the Social Security Act providing guidance under MIP for RACs does not include that which was passed under the Affordable Care Act for Medicaid RACs. That language is found within that Law and change to Public Law For further information on MIPs we recommend: b : U.S. SENTENCING GUIDELINES The U.S. Sentencing Guidelines are created by the U.S. Sentencing Commission as a result of the Sentencing Reform Act of The Commission consists of seven voting and two non- voting members whose sole purpose is to establish sentencing policies and practices for the federal criminal justice system. The Commission is an independent agency within the U.S. Judicial Branch. 185 The guidelines are based on two factors: 1. Conduct that was associated with the offence (determines the offence category) 2. The Defendant s criminal history (determines the criminal history category) 186 These guidelines were created to ensure three components that were desired by Congress. These goals were: 1. Honesty in sentencing; 2. Reasonable uniformity in sentencing; and 3. Proportionality in sentencing through different sentences for criminal conduct based on differing severity of conduct Copyright 2012 William L. Malm, ND, CMAS & AAMAS

327 This resulted in 43 offence levels and six criminal history levels that come together in grids to determine the sentence length in an objective fashion. In addition to the two above named components the sentencing guidelines allow the judge some flexibility with adjustments to the guideline. Adjustments can be made upward (increasing the sentence) for matters such as hate crimes, terrorism or restraint of the victim. Conversely there are adjustments downward (decrease sentence) for defendant s assistance with other cases. Additionally, there are departures for such crimes as death, extreme psychological injury and disruption of government. The Federal Sentencing Guidelines also play a role in sentencing individuals and organisations found guilty of healthcare crime(s). Chapter 8 of the Federal Sentencing Guideline Manual provides the overview and methods attributable to organisations. A copy of the sentencing grid is taken directly from the Manual 188 and is detailed below: On the web there are several calculators that can assist an attorney in determining what the potential offence sentence might be. One such calculator can be found at: The latest publication of the Federal Sentencing Guideline Manual can be found at: Copyright 2012 William L. Malm, ND, CMAS & AAMAS

328 4-11 THE JOINT COMMISSION (TJC) (AKA) JOINT COMMISSION ON THE ACCREDITATION OF HEALTHCARE ORGANISATIONS (JCAHO)) The Joint Commission (TJC) is a private not- for- profit organisation formerly known as the Joint Commission on Accreditation of Healthcare Organisations or JCAHO. TJC s mission is "To continuously improve health care for the public, in collaboration with other stakeholders, by evaluating health care organisations and inspiring them to excel in providing safe and effective care of the highest quality and value". 189 They achieve this mission through offering subscription services to hospitals and other healthcare entities that lead to accreditation. These surveys are generally offered every three (3) years with spot inspections that are unannounced from months after the last unannounced visit. This criterion applies to all healthcare organisations except laboratories. The U.S. Government mandates that either TJC or Medicare accredit hospitals in order to receive reimbursement from the program. Specifically, 42 U.S.C. 1395bb (a), (b), states a hospital that meets Joint Commission accreditation is deemed to meet the Medicare Conditions of Participation" (which is a requirement for Medicare). 190 Accordingly TJC is the vendor of choice for most state Medicaid programs in order to receive reimbursement under that title. With the enactment of MIPPA, the deemed status of TJC has changes. Wikipedia provides the following basic information regarding this change in Section 125 of the Medicare Improvement for Patients and Providers Act of 2008 (MIPPA) removed The Joint Commission s statutorily- guaranteed accreditation authority for hospitals, to be effective July 15, At that time, The Joint Commission s hospital accreditation program will be subject to Centers for Medicare & Medicaid (CMS) requirements for accrediting organisations seeking deeming authority. To avoid a lapse in deeming authority, The Joint Commission must submit an application for hospital deeming authority consistent with these requirements and within a time frame that will enable CMS to review and evaluate their Facts About The Joint Commission, The Joint Commission Web site Copyright 2012 William L. Malm, ND, CMAS & AAMAS

329 submission. 191 CMS will make the decision to grant deeming authority and determine the term. 192 TJC does not make its findings of the survey public, however, does provide the accreditation status, which is public. The information included is the date of accreditation as well as any standards that were cited by TJC for improvement. Many facilities have dedicated personnel within their organisation who are responsible for preparing and ensuring a successful accreditation by the TJC. Their role would be to ensure that the facility is in compliance with all TJC standards. The facility auditor should ensure that there are policies, procedures and processes in place to document and support these standards. In order to pass accreditation the facility must show these items to be in place for at least four months prior to the survey and throughout the accreditation period. 193 One of the TJC s initiatives well known to hospitals is the National Patient Safety Goals. This has been instrumental in developing such clinical concepts as time out prior to surgery, identifying the correct limb, developing standards to prevent the spread of infections and central line management. TJC is only one accreditation body. Other accreditation organisations include; The American Osteopathic Association that reviews osteopathic (DO) program and facilities, Commission on Accreditation of Rehabilitation Facilities, and the Compliance Team (accredit DME). TJC STANDARDS Standards relating to hospitals are too extensive to cover within this document. We will provide the standard categories, which are as follow. 1. Emergency Management; 2. Environment of Care; 3. Human Resources; 4. Infection / Prevention and Control; 5. Information Management; 6. Leadership; 7. Life Safety; 8. Medical Staff; hai- plan- incentives- oversight.pdf HHS Action Plan to Prevent Healthcare- Associated Infections Section 8: Incentives and Oversight - June 22, 2009 Excerpt: pages cms Copyright 2012 William L. Malm, ND, CMAS & AAMAS

330 9. Medication Management; 10. National Patient Safety Guidelines (NPSG); 11. Provision of Care, Treatment and Services; 12. Record of Care, Treatment and Services; 13. Rights and Responsibilities of the Individual; 14. Transplant Safety; and 15. Waived Testing Further information can be found at: Core measures have performance measurements that can be found in the specifications manual for which we refer you to: Audit Tip: Facility auditors can play a key role in preparing for a TJC survey or other credentialing body. Auditors have a keen sense of the facility operations and are skilled with policies, procedures and guidelines. As such they make wonderful independent auditors of the preparedness for a survey. Facility auditors should have a good understanding of the TJC standards for facilities INTERPRETATIVE GUIDELINES, UM CRITERIA, STANDARDS AND PROTOCOLS MEDICARE INTERPRETATIVE GUIDELINES Medicare Interpretative guidelines are statements interpreting laws and regulations as it pertains to the Medicare Program. These interpretative guidelines can be found for Hospitals in Appendix A of the State Operations Manual. This manual is on the CMS website and is also known as the Internet- Only Manual The following is an example of an interpretative guideline. 330 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

331 194 While interpretative guidelines are prevalent for Medicare and Medicaid, most commercial payers also have them. It will be important to follow the interpretative guidelines of the payer that you are auditing as there disparities between payers. UTILIZATION MANAGEMENT The definition of utilization management (UM) is found in many places. Wikipedia defines it as: Utilization management is the evaluation of the appropriateness, medical need and efficiency of health care services procedures and facilities according to established criteria or guidelines and under the provisions of an applicable health benefits plan. Typically it includes new activities or decisions based upon the analysis of a case Copyright 2012 William L. Malm, ND, CMAS & AAMAS

332 Utilization management describes proactive procedures, including discharge planning, concurrent planning, pre- certification and clinical case appeals. It also covers proactive processes, such as concurrent clinical reviews and peer reviews, as well as appeals introduced by the provider, payer or patient. 195 Anthem Blue Cross of Ohio defines utilization management as follows: The purpose of the Utilization Management Program is to assure the delivery of medically necessary, optimally achievable, quality patient care through appropriate utilization of resources in a cost effective and timely manner. To ensure this level is achieved and/or surpassed, programs are consistently and systematically monitored and evaluated. The evaluation process is fully documented and when opportunities for improvement are noted, recommendations are provided. Evaluations also confirm that the population is served by utilization activities conducted within the organizational framework and service model in accordance with the mission statement. Oversight and reporting of utilization activities are the responsibility of the Utilization Management Committee and Senior Medical Director as indicated in organization charts. 196 No matter what the definition the process is clear. The goal or objective is to have a well- documented process to provide medically necessary care in a cost efficient fashion utilizing the highest quality standards. As such most commercial payers issue their own guidelines as do State and Federal programs. Historically, due to process requirements, four different types of UM developed. While these differ from facility to facility the majority of hospitals and/or physicians are involved with one or all of these types. These are: Demand Management Utilization Review Case Management Disease Management 197 Wikipedia and other resources make an important distinction that is frequently confused within systems. Utilization Management (UM) is a prospective management of the patient whereas Utilization Review is retrospective management of an issue or concern. Clearly with the Affordable Care Act a new spearhead towards prospective management has occurred. In many cases, the prospective approach has come out of necessity due to the Recovery Audit Contractors. With the fear of being audited more p Copyright 2012 William L. Malm, ND, CMAS & AAMAS

333 physicians and facilities have become more prospective in their disease and patient management to ensure that things are managed before they become an issue. One example of UM for disease management is the rise in evidenced based medicine. Clearly using protocols and evidence to manage the patient allows all physicians using them a singular approach with enhanced efficiency, decreased costs and increased quality. The facility most cited for this achievement is Intermountain Healthcare in Salt Lake City, Utah. Within their facilities the prospective demand, case management and disease management has lead to decreased costs with increased quality outcomes. (See also While auditors generally are not fully involved in the prospective management of the patient they should understand the process. As auditors, the retrospective or even concurrent auditing of the record may require involvement with UM, Case Management or Utilization reviewers. It would be incumbent on the auditor to understand the process to ensure that the independent auditing matched what the process within the facility and to note when deviations in the process led to charge capture and/or billing or reimbursement errors. Goals and Objectives: While every practitioner, facility or system has their own stated goals and objectives, Anthem Blue Cross of Ohio, in their Utilization Management Manual portray common objectives. As stated in the manual these are: To provide on- going monitoring and evaluation activities which address and correct over- utilization and under- utilization and inefficient coordination of medical resources. To maintain a systematic process for educating practitioners/providers regarding utilization management issues. (*) Ensure that governmental and other regulatory agency guidelines, standards, and criteria are adhered to. (*) Ensure that services rendered are within the guidelines of and are authorized by the member s health plan benefits and are delivered by contracted practitioners/providers. (*) To respond to member and practitioner/provider complaints/appeals regarding UM issues after coordinating a comprehensive and timely investigation. (*) Perform peer review in conjunction with the Quality Management Program, as applicable. Ensure that delivered services are timely, medically necessary and consistent with the diagnosis and required level of care. Facilitate communication and develop positive relationships between members, practitioners/providers, and contracted health plans by preserving the patient- practitioner relationship and providing education related to appropriate utilization. To ensure that contracted practitioner/provider, and employee awards are based on appropriateness of care and service and not under utilization of care. To ensure that practitioners/providers are not prohibited from acting on behalf of members. 333 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

334 Ensure that appropriate care is delivered to high risk, catastrophic, high volume and chronic members by identifying them, accessing the most efficient resources, and preventing hospitalizations through proactive planning and prevention, and providing a treatment continuum. To ensure the development and implementation of effective health education/promotion programs in order to reduce overall healthcare expenditures. Implement procedures to prevent the re- occurrence of problematic utilization issues. (*) To ensure that Behavioral Health (BH) services are effectively delivered. To ensure continuity and coordination of care between medical and behavioral health practitioners. 198 (*) items above are those in which facility claims auditors or revenue integrity auditors may be called upon for expertise. UTILIZATION MANAGEMENT STANDARDS, CRITERIA AND PROTOCOLS As with any process there must be a defined set of standards by which to guide the process and to compare the results against a benchmark. In utilization management these tools are known by several terms such as Medicare s Interpretative Guidelines, as discussed above. Additionally, Medicare utilizes the National Coverage and Local Coverage Decisions to formulate their medical necessity criteria. (See NCD/LCD Core Domain 4.6 for further guidance) However, for commercial, managed care and other non- Medicare payers the Interpretative Guidelines and the NCD/LCD may not apply. MEDICAID UTILIZATION MANAGEMENT In terms of Medicaid, their source data is similar to Medicare s in that they publish their own medical necessity requirements that sometimes mirror Medicare s but are state specific. This can be very confusing for auditors who perform multi- state Medicaid audits as the criteria can vary wildly. The excerpts below are from different states and demonstrate the focus of these states. Unfortunately, time and space do not allow for us to review all states UM protocols within this document. We would refer you to your specific state Department of Health and Human Services for specific criteria. Example: Arkansas: The Arkansas Department of Human Services instituted the Medicaid Utilization Management Program (MUMP) to determine reimbursement for lengths of stay for all inpatient acute care/general and p Copyright 2012 William L. Malm, ND, CMAS & AAMAS

335 rehabilitative hospital services. Services performed in lone standing psychiatric facilities are excluded. 199 In this state the UM program seems to focus only on the length of stay for patients who are inpatients. They also have a pre- authorization process for inpatient and outpatient procedures through a voice approval system similar to commercial payer pre- authorization utilization management. Example: Florida: Florida has a much more robust system than appears in the prior example. One area in which Florida provides extensive utilization management documentation is for psychiatric services. In this case, the State of Florida, as managed by Magellan Medicaid Administrators published an entire manual of benchmark protocols to ensure safe, quality, cost effective management of psychiatric diseases. This entire manual may be reviewed at: pdf Example: California Medi- Cal is one of the largest and most complex Medicaid systems in the country. California, like other states, publishes on- line extensive provider manuals detailing the requirements for patient care management and reimbursement. Within these on- line documents the auditor will find medical necessity requirements, pre- authorization requirements and reimbursement / documentation requirements. These manuals should be utilised when conducting the audit, as they are the authoritative source documents. Examples taken from the provider manual section of Medi- Cal are as depicted below Copyright 2012 William L. Malm, ND, CMAS & AAMAS

336 200 Therefore, it will be incumbent upon the auditor to research the specific state Medicaid criteria for the disease, test, service or procedure in question to ensure that the audit is comprehensive and meets criteria. A complete listing of state Medicaid sites can be found at the following website: State Medicaid Program Website Address Alabama Alabama Medicaid Alaska Alaska Medicaid Arizona Arizona Health Care Cost Containment System (AHCCCS) cal.ca.gov/pubsdoco/manuals_menu.asp 336 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

337 Michigan Medi- Cal State Medicaid Program Website Address Arkansas Arkansas Medicaid California cal/pages/default.aspx Colorado Colorado PEAK Connecticut Delaware District of Columbia Florida Florida Connecticut Medicai DC Medicaid Medicaid Georgia Georgia Medicaid DFCS/menuitem.83054cda1a084d2f7da1df8dda1010a0/?vgnextoid=36ca2b48d9a 4ff00VgnVCM100000bf01010aRCRD Hawaii QUEST Idaho Idaho Medicaid x Illinois Family Care Indiana Iowa Kansas Hoosier Healthwise Iowa Medicaid Enterprise Kansas Medicaid and HealthWave Louisiana Louisiana Medicaid Maine Maryland MaineCare Services Maryland Medical Assistance _Doc%202/medasstov.html Massachusetts MassHealth Coverage 2=Insurance+%28including+MassHealth%29&L3=Apply+for+MassHealth+Coverage &sid=eeohhs2 Michigan Medicaid _ ,00.html Minnesota Minnesota Medicaid N&RevisionSelectionMethod=LatestReleased&dDocName=dhs16_ Mississippi Mississippi Missouri Missouri HealthNet Montana Montana Mecicaid Nebraska Nebraska Medicaid Copyright 2012 William L. Malm, ND, CMAS & AAMAS

338 Ohio State Medicaid Program Website Address Nevada Medical Assistance 47 New Hampshire New Jersey New Mexico New York North Carolina North Dakota Ohio New Hampshire Medicaid New Jersey Medicaid New Mexico Medicaid New York Medicaid North Carolina Medicaid North Dakota Medicaid Medicaid Oklahoma SoonerCare Oregon Oregon Health Plan Pennsylvania Medical Assistance Rhode Island South Carolina South Dakota Rhode Island Medicaid South Carolina Medicaid South Dakota Medicaid Tennessee TennCare Texas Texas Medicaid Utah Utah Medicaid Vermont Green Mountain Care health- insurance- plans/medicaid Virginia Virginia Medicaid Washington Medicaid State Plan Wisconsin ForwardHealth Wyoming EqualityCare (Above chart taken from: of- State- Medicaid- Websites) 338 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

339 COMMERCIAL AND MANAGED CARE UTILIZATION MANAGEMENT TOOLS Generally, the utilization management tools for non- federal / non- state payers are of a proprietary nature. While Medicare / Medicaid do refer to many of these tools they generally do not constitute source authority and the auditor must remember that federal or state program guidance, regulations and statutes supersede these proprietary tools. Two of the most prominent utilization management tools are those published by Milliman and McKesson Interqual. While the U.S. Government does not subscribe to any particular standard it is important to note that 3 of the 4 Medicare RAC territories have subscribed to McKesson Interqual criteria for their reviews. 201 Conversely as of November 2011, Quality Improvement Organisations (QIO), MAC and FI s adopted Milliman criteria 202 Per Milliman their acute care product provides: Inpatient and Surgical Care enables reviewers and providers to manage quality patient care by applying evidence- based, best- practice clinical guidelines. Anticipating appropriate clinical resources and identifying the next steps in individual patient care facilitates effective outcomes, and the independently developed Milliman Care Guidelines help drive this process. Specifically, Inpatient and Surgical Care provides evidence- based criteria, goals, care pathways and other decision- support tools, making it a valuable resource for proactive care management, case review and assessment of patients facing hospitalization or surgery. Comprehensive and easy to use, this product helps ensure optimal health outcomes, continuous quality improvement, and enhanced resource utilization. As with all Care Guidelines products, our full- time clinical faculty updates Inpatient and Surgical Care annually with the most current medical research. and best- practice benchmarks. 203 Per McKesson Interqual their acute care product provides: The InterQual product line was founded on the desire to establish that foundation and to empower providers, payers and others to more easily communicate, collaborates and ultimately pursues what is best for patients. InterQual Criteria cover the medical and behavioral health continuums of care. InterQual products are widely used by hospitals and payers because they understand that the rigor used to develop the criteria helps to ensure quality - the right cares at the right time in the right setting. By supporting more clinically appropriate utilization decision, signs- 2- rac- contractors- use- interqual- analytics- tools Copyright 2012 William L. Malm, ND, CMAS & AAMAS

340 InterQual criteria help produce shorter lengths of stay, fewer readmissions, lower overall costs and ultimately significant returns on investment. 204 Both of these software products perform many of the same functions, which are to determine the overall appropriateness of care (including decisions for inpatient admission or procedure) based upon evidence based medicine criteria. Both companies state that the evidenced based medicine decision- making tools provide the following outcomes: Evidenced based medicine guidelines that span the continuum of care All evidenced based medicine guidelines are current (updated by both companies at regular intervals) Provide inpatient and observation guidelines Detect and provide reports on actionable items for concurrent correction within patient care Provide return on investment through appropriate care management. Integrate quality measure from TJC / JCAHO and others Provide tools for ensuring medical necessity. In summation, Utilization Management is an essential function of any healthcare provision process. Each payer has a mixture of tools and guidelines to ensure that they pay only for medically necessary services. While Medicare has national guidelines that are often mirrored for Medicaid and commercial / managed care payers, Medicaid and other payers are more specific. The auditor will need to have all the payer regulations, interpretative guidelines and other tools (i.e. Milliman or McKesson Interqual) or payer published guidelines as references. It is important to note that nationally, CMS does not prescribe to any proprietary guidelines (Interqual / Milliman) however, many of the MACs, FI s and QIOs as well as the RACs do. It may be necessary to audit the record using many different techniques especially if denied in order to address all concern on appeal. Audit Takeaway Point: Use the criteria specific to the payer and/or state. Always use authoritative guidance or regulations (i.e. Social Security Act, CFR 42, Transmittals, and NCD/LCD) and not proprietary guidance for Medicare and Medicaid. The hierarchy for utilization management should depend upon the payer being audited HEDIS AND QUALITY MEASURES Copyright 2012 William L. Malm, ND, CMAS & AAMAS

341 The Healthcare Effectiveness Data and Information Set (HEDIS) is a tool used by more than 90 percent of America's health plans to measure performance on important dimensions of care and service. 205 The HEDIS measurements are presented on report cards that measure how members of health plans rate the quality and their care and service across the nation. This tool is frequently used by persons seeking to compare health plans quality and care. Many of these report cards and measures are found on commercial payer websites such as Aetna. HEDIS offers three programmes, which are: HEDIS Survey Vendor Certification Programme HEDIS Compliance Audit Programme HEDIS Software Certification Programme According to HEDIS, there is a very distinct Measure Development Process HEDIS uses a multi- step method involving literature review, vetting with stakeholders and then field- testing the result. HEDIS uses attributes to assess measures for comparison among the health systems and not measures for quality improvement. HEDIS defines the health system as being an MCO, PPO, Physician group practice, hospital or other acute / non- acute care. 206 HEDIS utilizes several categories such as: Relevance which relates to whether the information obtained is important to different groups. It looks to ensure it is meaningful, has relevance to health importance, financial importance, cost effectiveness and strategic importance to healthcare or consumer. It evaluates the variability in the health systems as well as potential improvements. Scientific Soundness is based on the clinical evidence ensuring that the data is reproducible, valid and accurate. Within this category HEDIS considers the validity of the data when used by multiple sources or health providers. A salient point is the reproducibility of the data. In other words, can the data be used by multiple groups and still come up with the same valid conclusion. Feasibility which addresses whether the measure has reasonable specifications and is it relevant. This area involves a precise specification, reasonable cost, confidentiality and logistical feasibility Auditability - involves the measure of susceptibility to manipulation where a person or group could game the system in a fashion that would make it undetectable in an audit. HEDIS tools demonstrate a benchmark in which outside parties can compare insurance plans in a predictable and valid fashion thereby expecting valid results from the comparison Copyright 2012 William L. Malm, ND, CMAS & AAMAS

342 4-14 SARBANES OXLEY ACT Wikipedia provides the best overall description of Sarbanes- Oxley Act (a.k.a. SOX) for the non- legal mind. The Sarbanes Oxley Act of 2002 (Pub.L , 116 Stat. 745, enacted July 30, 2002), also known as the 'Public Company Accounting Reform and Investor Protection Act' (in the Senate) and 'Corporate and Auditing Accountability and Responsibility Act' (in the House) and commonly called Sarbanes Oxley, Sarbox or SOX, is a United States federal law enacted on July 30, 2002, which set new or enhanced standards for all U.S. public company boards, management and public accounting firms The bill was enacted as a reaction to a number of major corporate and accounting scandals including those affecting Enron, Tyco International, Adelphia, Peregrine Systems and WorldCom It does not apply to privately held companies. The act contains 11 titles, or sections, ranging from additional corporate board responsibilities to criminal penalties, and requires the Securities and Exchange Commission (SEC) to implement rulings on requirements to comply with the new law... It created a new, quasi- public agency, the Public Company Accounting Oversight Board, or PCAOB, charged with overseeing, regulating, inspecting and disciplining accounting firms in their roles as auditors of public companies. The act also covers issues such as auditor independence, corporate governance, internal control assessment, and enhanced financial disclosure... Sarbanes Oxley contains 11 titles that describe specific mandates and requirements for financial reporting. Each title consists of several sections, summarized below. 1. Public Company Accounting Oversight Board (PCAOB) Title I consists of nine sections and establishes the Public Company Accounting Oversight Board, to provide independent oversight of public accounting firms providing audit services ("auditors"). It also creates a central oversight board tasked with registering auditors, defining the specific processes and procedures for compliance audits, inspecting and policing conduct and quality control, and enforcing compliance with the specific mandates of SOX. 2. Auditor Independence Title II consists of nine sections and establishes standards for external auditor independence, to limit conflicts of interest. It also addresses new auditor approval requirements, audit partner rotation, and auditor reporting requirements. It restricts auditing companies from providing non- audit services (e.g., consulting) for the same clients. 3. Corporate Responsibility Title III consists of eight sections and mandates that senior executives take individual responsibility for the accuracy and completeness of corporate financial reports. It defines the 342 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

343 interaction of external auditors and corporate audit committees, and specifies the responsibility of corporate officers for the accuracy and validity of corporate financial reports. It enumerates specific limits on the behaviours of corporate officers and describes specific forfeitures of benefits and civil penalties for non- compliance. For example, Section 302 requires that the company's "principal officers" (typically the Chief Executive Officer and Chief Financial Officer) certify and approve the integrity of their company financial reports quarterly. [4] 4. Enhanced Financial Disclosures Title IV consists of nine sections. It describes enhanced reporting requirements for financial transactions, including off- balance- sheet transactions, pro- forma figures and stock transactions of corporate officers. It requires internal controls for assuring the accuracy of financial reports and disclosures, and mandates both audits and reports on those controls. It also requires timely reporting of material changes in financial condition and specific enhanced reviews by the SEC or its agents of corporate reports. 5. Analyst Conflicts of Interest Title V consists of only one section, which includes measures designed to help restore investor confidence in the reporting of securities analysts. It defines the codes of conduct for securities analysts and requires disclosure of knowable conflicts of interest. 6. Commission Resources and Authority Title VI consists of four sections and defines practices to restore investor confidence in securities analysts. It also defines the SEC s authority to censure or bar securities professionals from practice and defines conditions under which a person can be barred from practicing as a broker, advisor, or dealer. 7. Studies and Reports Title VII consists of five sections and requires the Comptroller General and the SEC to perform various studies and report their findings. Studies and reports include the effects of consolidation of public accounting firms, the role of credit rating agencies in the operation of securities markets, securities violations and enforcement actions, and whether investment banks assisted Enron, Global Crossing and others to manipulate earnings and obfuscate true financial conditions. 8. Corporate and Criminal Fraud Accountability 343 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

344 Title VIII consists of seven sections and is also referred to as the Corporate and Criminal Fraud Accountability Act of It describes specific criminal penalties for manipulation, destruction or alteration of financial records or other interference with investigations, while providing certain protections for whistle- blowers. 9. White Collar Crime Penalty Enhancement Title IX consists of six sections. This section is also called the White Collar Crime Penalty Enhancement Act of This section increases the criminal penalties associated with white- collar crimes and conspiracies. It recommends stronger sentencing guidelines and specifically adds failure to certify corporate financial reports as a criminal offense. 10. Corporate Tax Returns Title X consists of one section. Section 1001 states that the Chief Executive Officer should sign the company tax return. 11. Corporate Fraud Accountability Title XI consists of seven sections. Section 1101 recommends a name for this title as Corporate Fraud Accountability Act of It identifies corporate fraud and records tampering as criminal offenses and joins those offenses to specific penalties. It also revises sentencing guidelines and strengthens their penalties. This enables the SEC to resort to temporarily freezing transactions or payments that have been deemed "large" or "unusual". 207 Some of the key provisions can be found within the following sections of the Law. Section 302: Corporate Responsibility and Financial Reports This section sets forth the overall corporate responsibility including some certifications as to the reporting. Some specifics are that: o The report does not contain material omissions or statements that may be considered misleading o The information represents accurately the financial condition of the company o Signing officers are responsible for internal controls and have evaluated these internal controls and have reviewed these controls within the last 90 days and reported their findings o Deficiencies in internal controls or information on fraud involving employees involved in internal controls is represented (copyrighted by Wikipedia 2010) 344 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

345 o Significant or material changes to internal controls that could have a negative impact are reported. 208 Section 401: o This section comes under Title IV, the area discussing Enhanced Financial Disclosures. Specifically this pertains to the substance of the disclosure in periodic reports o Overall it discusses requirements for financial statements to be accurate and presented in a manner that does not contain incorrect statements. it should also include all material off- balance sheet liabilities, obligations or transactions. 209 o Additionally there is a requirement for the Commission to review and determine if GAAP and other regulations are meaningful reporting by issuers. 210 Section 404: o This section also falls under Title IV, Enhanced Financial Disclosures o This section is a key and costly component of SOX. It requires management and the external auditor / auditing firm to report on the overall adequacy of the company s internal control over financial reporting. o To combat the cost of the increased requirements the Public Company Accounting Oversight Board approved a new Auditing Standard, No. 5, for public accounting firms 211 Section 409: o This section also falls under Title IV, Enhanced Financial Disclosures o Companies are required to report immediately material changes in their financial statements or in their operations leading to material changes Section 802: o This section describes the criminal penalties under SOX o Section 802(a) states: Whoever knowingly alters, destroys, mutilates, conceals, covers up, falsifies, or makes a false entry in any record, document, or tangible object with the intent to impede, obstruct, or influence the investigation or proper administration of any matter within the jurisdiction of any department or agency of the United States or any case filed under title 11, or in relation to or contemplation of any such matter or case, shall be fined under this title, imprisoned not more than 20 years, or both. 212 o Additionally there are penalties for other matters. For example, there is up to a 10- year sentence for accountants who fail to maintain their workpapers and records according to regulation for 5 years Copyright 2012 William L. Malm, ND, CMAS & AAMAS

346 Section 1107: o Provides up to a 10- year prison sentence for whomever knowingly or with intent to retaliate to any person for providing information to law enforcement relating to the commission of any federal offense. (See 18 U.S.C. 1513(e)) o This is known as the whistleblower protection regulation 4-15 GENERAL HEALTH INSURANCE REIMBURSEMENT METHODOLOGIES Health insurance reimbursement methodologies are varied. In hospitals today you may experience a DRG or case rate methodology. Case rates for medical services versus surgical services vary. There is the outpatient prospective payment for Medicare, fee schedules or APGs for outpatient services. Physicians are paid on fee schedule methodology. Payers each have their own methodology or variation of Medicare s payment systems. We will review some of these methods at this time: MEDICARE REIMBURSEMENT METHODOLOGIES Medicare utilizes a prospective payment system for facilities and a fee schedule method for physicians and non- physician practitioners. Inpatient services are paid under the Acute Care Inpatient Prospective Payment System or IPPS. This system is driven by the diagnosis codes(s) causative of the admission and course of the inpatient stay. The physician on discharge provides the diagnosis codes. Additionally, the procedure codes are abstracted based on the patient s medical record. These are then placed through a grouper and an MS- DRG (Medicare Severity Adjusted Diagnosis Related Group) is determined. This is the basis for the reimbursement. Additionally, should the cost to provide the service so exceed the reimbursement by Medicare, an outlier payment is provided to minimize the impact to the facility. The outpatient prospective payment system (OPPS) is the reimbursement methodology for all outpatient facility services. Unlike the IPPS, the procedure code (CPT or HCPCS Level II) is used to represent the service rendered. Diagnosis codes on the claim provide the medical necessity validation for the test, procedure, service, medication or supply. These procedures are grouped, much like the diagnosis codes for IPPS, into a prospective payment for the facility. The concept of bundling is pervasive in this reimbursement method. Like the IPPS system, an outlier concept applies to provide a stopgap of sorts for facilities experiencing costs in excess of reimbursement. Both the IPPS and OPPS are updated yearly and the rules are published in the Federal Register. In addition to these prospective payment systems, Medicare has systems for Skilled Nursing, Rehabilitation (inpatient and outpatient), and End Stage Renal Disease (ESRD). Physicians are reimbursed according to a fee schedule method known as the Medicare Physician Fee Schedule (MPFS). Like the OPPS system the reimbursement is driven by the procedure codes as published by the American Medical Association. MPFS utilizes the CPT code; HCPCS Level II codes to 346 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

347 assign a specific reimbursement based on the work (RVU). Like the OPPS system, MPFS utilizes the ICD- 9 diagnosis code to provide medical necessity validation for the service rendered. Medicare also has other fee schedules driving reimbursement for Ambulance Services, Durable Medical Equipment (DME), and Clinical Laboratory Services. For hospital services, reimbursement can be a combination of prospective payment systems and fee schedule. An example is an Emergency Department visit in which the patient has services from the radiology fee schedule (MPFS), laboratory fee schedule and OPPS. For further information we recommend: SNF - Home Health - Inpatient Rehabilitation - Inpatient Psychiatric - Medicare Advantage Programs - Physician Fee Schedule - Clinical Laboratory Fee Schedule - MEDICAID REIMBURSEMENT METHODS Medicaid differs between states. Some states such as New York subscribe to a prospective payment method similar to Medicare s IPPS and OPPS systems. California s Medi- Cal provides a prospective payment method for facilities and a form of physician s fee schedule. Iowa utilizes the APG (ambulatory payment grouping) methodology. So in most states there is a fee schedule, prospective payment system or a blended method of the two. Medicaid payment methodologies are generally described in detail on the individual Medicaid s website. A listing of the Medicaid websites is provided within Core Domain 4-12 (Utilization Management). Each auditor must know and understand the reimbursement and regulatory requirements of the state in which they operate. COMMERCIAL & MANAGED CARE CONTRACTING 347 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

348 Commercial and Managed Care reimbursement is as varied as the companies themselves. Commercial contracts with facilities and physicians generally group services. For example, obstetrics are usually contracted as a case rate whereby the physician and/or hospital receive a singular payment for the entire episode of care from first visit until the 6- week postpartum visit. Additionally, the payer and hospitals will have carve outs whereby a separate payment is made for these items. Typical carve out s in hospital contracts are for high cost implants (revenue code 0278) and high cost drugs (0636 revenue code especially for chemotherapy. For inpatient services commercials can utilize their own DRG grouper and pay based on procedures performed and diagnosis codes. The outpatient services can be paid on an APG (ambulatory payment group) or fee schedule. How the facility or physician is paid ultimately depends upon the contract between the payer and the provider/ supplier. Most commercial payers will post their reimbursement methodologies on their website. As an example we provide the following link for Blue Cross of Tennessee. ( medicare/reimbursement.shtml) The Managed Care Contracting Signature Series gives the basics of managed care contracting by risks. On the payer side, there are three basic groups: HMOs (including POS), PPOs (generally including self- funded employers), and IPAs (including PHOs and large multispecialty groups). These groups have varying degrees of risk for medical costs for a group of enrollees, and are seeking to minimize those medical costs. This can be done either by passing on a portion of their risk to another party, or by taking the risk but attempting to limit the amount of services used and the prices paid, and thus the cost. A fairly typical example is an HMO contracting for professional services to an IPA through a capitation agreement, after which the IPA attempts to negotiate favorable rates with its individual PCP and specialist members. Here, the HMO has effectively passed much of its risk to the IPA, while the IPA has minimized its price risk through contracting and will attempt to manage its utilization risk. On the provider side, there are also three basic groups: hospitals, IPAs, and individual practitioners (including ancillary service companies). These groups are willing to contract with payers at discounted rates to obtain a flow of patients they would not otherwise receive. This implies that there is little if any motivation for a provider to contract with a payer at discounted rates if the payer is unwilling or unable to "steer" patients through financial or other incentives. This logic holds not only for traditional indemnity payers, but also for PPOs, employers, and workman's compensation firms that do not offer their members an incentive for using an in- network provider. 213 Germaine to the concept of managed care is capitation. Patrick C. Alguire, M.D., in the American College of Physicians magazine defines capitation as: Copyright 2012 William L. Malm, ND, CMAS & AAMAS

349 Capitation is a fixed amount of money per patient per unit of time paid in advance to the physician for the delivery of health care services. The ranges of services that are provided, the number of patients involved, determine the actual amount of money paid and the period of time during which the services are provided. Capitation rates are developed using local costs and average utilization of services and therefore can vary from one region of the country to another. In many plans, a risk pool is established as a percentage of the capitation payment. Money in this risk pool is withheld from the physician until the end of the fiscal year. If the health plan does well financially, the money is paid to the physician; if the health plan does poorly, the money is kept to pay the deficit expenses. 214 In summary, commercial and managed care is driven by the contract between the payer and provider/supplier. The auditor will need a copy of this contract in order to reconcile charges and billed amounts against the payer reimbursement. The auditor should work with the facility managed care department or the physician to attain these contracts EMPLOYEE RETIREMENT INCOME SECURITY ACT (ERISA) The Employee Retirement Income Security Act of 1974 (ERISA) (Public Law , 88 Stat.829) was passed into law September 2, This Act established a minimum standard for pension plans as a result of a rash of underfunded plans with employee consequences. It also regulates the tax effect of any transaction associated with an employee benefit plan. Per the U.S. Department of Labor (DOL): The Employee Retirement Income Security Act of 1974 (ERISA) is a federal law that sets minimum standards for pension plans in private industry. ERISA does not require any employer to establish a pension plan. It only requires that those who establish plans must meet certain minimum standards. The law generally does not specify how much money a participant must be paid as a benefit. ERISA requires plans to regularly provide participants with information about the plan including information about plan features and funding; sets minimum standards for participation, vesting, benefit accrual and funding; requires accountability of plan fiduciaries; and gives participants the right to sue for benefits and breaches of fiduciary duty. ERISA also guarantees payment of certain benefits through the Pension Benefit Guaranty Corporation, a federally chartered corporation, if a defined plan is terminated. The Department of Labor s (DOL) Employee Benefits Security Administration (EBSA) enforces ERISA erisa.htm 349 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

350 ERISA mandates specific parameters regarding employee retirement funds. Vesting: As of 2006, benefits in a defined contribution (401) (k) pension plan must become vested at 100% after three years of service. Alternatively, with a two- six year graded vesting plan (20% a year for each year of service (after second year) and ending with 100% after six years.) 216 Funding: ERISA established the minimum funding requirements for a qualified benefit plan. Defined contribution plans are always fully funded, even if the employee has not yet become vested in the employer contributions. 217 As of 2008, the funding requirement for a single employer is that the plan must be fully funded. In other words the assets must be in excess of the plan s liabilities. If the plan is not fully funded it is considered an at- risk status. ERISA has different funding requirements than does the single employer plan. Multiemployer pension plans continue to maintain many of the prior funding of standard account. For more information regarding funding we recommend The ERISA has several titles. These are as follow: 1. Title 1 Protection of Employee Benefit Rights 2. Title 2a General Provisions 3. Title 2b Regulatory Provisions 4. Title 3 Jurisdiction, Administration, Enforcement; Joint Pension Task Force Etc 5. Title 4 Plan Termination Insurance A fantastic overview of these Titles can be found on Wikipedia. The following is copied in its entirety from Wikipedia and Wikipedia wholly owns its content under the use rights. TITLE I: PROTECTION OF EMPLOYEE BENEFIT RIGHTS Title I protects employees' rights to their benefits. The following are some of the ways in which it achieves that goal: Participants must be provided plan summaries. Employers are required to report information about the plan to the Labor Department and provide it to participants upon request. The information is reported on Form 5500, which is available for public inspection and may be viewed at websites such as freeerisa.com and Free5500.com Copyright 2012 William L. Malm, ND, CMAS & AAMAS

351 If a participant requests, the employer must provide the participant with a calculation of her or his accrued and vested pension benefits. Employers have fiduciary responsibility to the participants and to the plan. Certain transactions between the employer and the plan are prohibited. A pension plan is barred from investing more than 10% of its assets in employer securities. Title I also includes the pension funding and vesting rules described above. The United States Department of Labor's Employee Benefits Security Administration is responsible for overseeing Title I, promulgating regulations implementing and interpreting the statute as well as conducting enforcement. Plan fiduciaries and plan participants may also bring certain civil causes of action in Federal Court. TITLE II: AMENDMENTS TO THE INTERNAL REVENUE CODE RELATING TO RETIREMENT PLANS Title II amended the Internal Revenue Code (IRC). The changes include the following: The addition of various requirements for a pension plan to be tax- favoured ("qualified"), including: o the plan must offer retirees the option of a joint- and- survivor annuity, o benefits under the plan may not discriminate in favour of officers and highly- paid employees, and o plans are subject to the pension funding and vesting rules described above. The imposition of maximum limits on the annual benefit that may be paid from a qualified defined benefit pension plan and the annual contribution that may be made to a qualified defined contribution pension plan. The creation of individual retirement accounts (IRAs). Revision of the rules concerning the maximum tax deduction allowed with respect to a contribution to a pension plan. The imposition of an excise tax if the employer fails to make a required contribution to a pension plan or engages in transactions prohibited by ERISA. 351 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

352 TITLE III: JURISDICTION, ADMINISTRATION, ENFORCEMENT; JOINT PENSION TASK FORCE, ETC. Title III outlines procedures for co- ordination between the Labor and Treasury Departments in enforcing ERISA. It also created the Joint Board for the Enrollment of Actuaries, which licenses actuaries to perform a variety of actuarial tasks required of pension plans under ERISA. The Joint Board administers two examinations to prospective Enrolled Actuaries. After an individual passes the two exams and completes sufficient relevant professional experience, she or he becomes an Enrolled Actuary. TITLE IV: PLAN TERMINATION INSURANCE Title IV created the Pension Benefit Guaranty Corporation (PBGC) to insure benefits of participants in underfunded terminated plans. It also describes the procedures that a pension plan must follow in order to terminate. Single- employer plans Standard termination An employer may terminate a single- employer plan under a standard termination if the plan's assets equal or exceed its liabilities. If the assets are less than the liabilities, the employer must contribute the amount necessary to fully fund the plan. A standard termination is sometimes referred to as a voluntary termination because the employer has chosen to terminate the plan. In a standard termination, all accrued benefits under the plan become 100% vested. The plan must purchase annuity contracts for all participants. If the plan permits the payment of lump sums, employees may be offered the choice of a lump sum payment or an annuity. If any assets remain in the plan after a standard termination has been completed, the provisions of the plan control their treatment. In some plans, the excess assets revert to the employer; in other plans, the excess assets must be used to increase participants' benefits. 352 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

353 Distress termination An employer may terminate a single- employer plan under a distress termination if the employer demonstrates to the PBGC that: the employer is facing liquidation under bankruptcy proceedings, the costs of continuing the plan will cause the business to fail, or the costs of continuing the plan have become unreasonably burdensome solely because of a decline in the employer's workforce. If the PBGC finds that a distress termination is appropriate, the plan's liabilities are calculated and compared with its assets. Depending on the difference between the two values, the termination may be treated as if it had been a standard termination or as if it had been initiated by the PBGC. Termination initiated by the PBGC PBGC may initiate proceedings to terminate a single- employer plan if it determines that: the employer has not made its minimum required contributions to the plan, the plan will not be able to pay benefits when due, or PBGC's long- term cost can be expected to be unreasonably higher if it does not terminate the plan. A termination initiated by the PBGC is sometimes called an involuntary termination. The benefits paid by the PBGC after a plan termination may be less than those promised by the employer. See Pension Benefit Guaranty Corporation for details. Multiemployer plans A multiemployer plan may be terminated in one of three ways: It may be amended so that participants receive no credit for future service, All contributing employers may withdraw from the plan or stop making contributions to it, or It may be converted into a defined contribution plan Copyright 2012 William L. Malm, ND, CMAS & AAMAS

354 In addition to these benefits ERISA does have direct implications for healthcare. Within the ERISA regulations we find the following: Consolidated Omnibus Budget Reconciliation Act of 1985 (COBRA) o Provides employees and beneficiaries with the right to continue their coverage under a group health benefit plan. o The eligible employee may be responsible for premiums up to 102% of the cost of the plan. o Eligibility is a key issue when reviewing COBRA. According to the Department of Labor (DOL) website, Frequently Asked Question the following is provided as guidance: There are three elements to qualifying for COBRA benefits. COBRA establishes specific criteria for plans, qualified beneficiaries, and qualifying events: Plan Coverage - Group health plans for employers with 20 or more employees on more than 50 percent of its typical business days in the previous calendar year are subject to COBRA. Both full and part- time employees are counted to determine whether a plan is subject to COBRA. Each part- time employee counts, as a fraction of an employee, with the fraction equal to the number of hours that the part- time employee worked divided by the hours an employee must work to be considered full time. Qualified Beneficiaries - A qualified beneficiary generally is an individual covered by a group health plan on the day before a qualifying event who is an employee, the employee's spouse, or an employee's dependent child. In certain cases, a retired employee, the retired employee's spouse, and the retired employee's dependent children may be qualified beneficiaries. In addition, any child born to or placed for adoption with a covered employee during the period of COBRA coverage is considered a qualified beneficiary. Agents, independent contractors, and directors who participate in the group health plan may also be qualified beneficiaries. Qualifying Events - Qualifying events are certain events that would cause an individual to lose health coverage. The type of qualifying event will determine who the qualified beneficiaries are and the amount of time that a plan must offer the health coverage to them under COBRA. A plan, at its discretion, may provide longer periods of continuation coverage. 354 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

355 Qualifying Events for Employees: Voluntary or involuntary termination of employment for reasons other than gross misconduct Reduction in the number of hours of employment Qualifying Events for Spouses: Voluntary or involuntary termination of the covered employee's employment for any reason other than gross misconduct Reduction in the hours worked by the covered employee Covered employee's becoming entitled to Medicare Divorce or legal separation of the covered employee Death of the covered employee Qualifying Events for Dependent Children: Loss of dependent child status under the plan rules Voluntary or involuntary termination of the covered employee's employment for any reason other than gross misconduct Reduction in the hours worked by the covered employee Covered employee's becoming entitled to Medicare Divorce or legal separation of the covered employee Death of the covered employee. 219 Complying with the regulations for ERISA (COBRA) can be cumbersome and confusing. The Department of Labor has issued specific compliance guidance documents to help health plans with these requirements. Some specific guidance for health plans at: Reporting and Disclosure Guide for Employee Health Plans: o Understanding Your Fiduciary Responsibility Under A Group Health Plan: o For additional information on the COBRA component of ERISA we recommend: o plans/cobra.htm The Health Insurance Portability and Accountability Act of 1996 (HIPAA) o This is covered in detail in Core Domain 4.8 above Copyright 2012 William L. Malm, ND, CMAS & AAMAS

356 o To recap, HIPAA prohibits a health benefit plan from refusing to cover pre- existing medical conditions within some circumstances. It also prevents health benefit plans from specific types of discrimination (health status, genetics or disability) o For further information on HIPAA we recommend: Act Other components of ERISA include the following: o o o Newborn and Mother s Health Protection Act Mental Health Parity Act Women s Health and Cancer Rights Act For future reference the entire ERISA review can be found at: Copyright 2012 William L. Malm, ND, CMAS & AAMAS

357 EXHIBITS AUDIT SAMPLES AND FORMS SURGICAL AUDIT SAMPLES ANESTHESIA RECORD The following pages depict the anaesthesia record commonly found within facilities and ambulatory surgery centres. When auditing anaesthesia records there are several factors reflected. Anaesthesia start / stop time Medications administered IV s and specialty supplies It is important to note that for most hospital Medicare billing a CPT code for the procedure is not required only utilization of revenue code 037x series. However, for all professional services claims (CMS- 1500) a CPT code for the anaesthesia procedure will be required. Additionally, several commercial payers also require the CPT code for the procedure on the UB- 04. Ultimately the auditor must be aware of the type of audit being conducted and follow the contract or regulatory guidance. Other important facets of the record are determining who is providing the anaesthesia and who is supervising if not an attending physician. Regulations provide guidance on how many anaesthetists can be concurrently supervised by one physician anaesthesiologist and still meet regulations. So the time in and time out for anaesthesia is crucial. 357 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

358 358 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

359 359 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

360 360 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

361 OPERATING ROOM (INTRA- OPERATIVE) DOCUMENTS 361 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

362 362 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

363 363 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

364 POST ANESTHESIA / RECOVERY UNIT DOCUMENTS 364 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

365 365 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

366 366 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

367 NICU HIGH DOLLAR EXAMPLE CLAIMS 367 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

368 368 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

369 APPENDIX A REVENUE CODE TABLES The revenue codes are no longer published as part of the Medicare Claims Processing Manual and therefore cannot be published here. However all data is copyrighted by NUBC. We therefore recommend that the auditor contact the National Uniform Billing Committee (NUBC) at and purchase a copy of the UB- 04 Specifications Manual. APPENDIX B NATIONAL COVERAGE DETERMINATIONS The following is a list of NCDs as of 01- March Further information can be obtained at: coverage- database/indexes/ncd- alphabetical- index.aspx?bc=baaaaaaaaaaa& NCD NCD TITLE Hour Ambulatory Esophageal ph Monitoring Abarelix for the Treatment of Prostate Cancer Abortion 30.3 Acupuncture Acupuncture for Fibromyalgia Acupuncture for Osteoarthritis Adult Liver Transplantation Air- Fluidized Bed Alpha- fetoprotein Ambulatory Blood Pressure Monitoring Ambulatory EEG Monitoring 10.6 Anesthesia in Cardiac Pacemaker Surgery Anti- Cancer Chemotherapy for Colorectal Cancer Anti- Inhibitor Coagulant Complex (AICC) Antigens Prepared for Sublingual Administration Apheresis (Therapeutic Pheresis) Aprepitant for Chemotherapy- Induced Emesis Arthroscopic Lavage and Arthroscopic Debridement for the Osteoarthritic Knee 20.9 Artificial Hearts and Related Devices Assessing Patient's Suitability for Electrical Nerve Stimulation Therapy 10.5 Autogenous Epidural Blood Graft Bariatric Surgery for Treatment of Morbid Obesity 30.1 Biofeedback Therapy Biofeedback Therapy for the Treatment of Urinary Incontinence 369 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

370 Bladder Stimulators (Pacemakers) Blood Brain Barrier Osmotic Disruption for Treatment of Brain Tumours (Effective March 20, 2007) Blood Counts Blood Glucose Testing Blood Platelet Transfusions Blood Transfusions Blood- Derived Products for Chronic Non- Healing Wounds Bone (Mineral) Density Studies Breast Reconstruction Following Mastectomy Carcinoembryonic Antigen Cardiac Catheterization Performed in Other than a Hospital Setting Cardiac Output Monitoring by Thoracic Electrical Bioimpedance (TEB) Cardiac Pacemaker Evaluation Services 20.8 Cardiac Pacemakers 20.1 Cardiac Rehabilitation Programs Cardiointegram (CIG) as an Alternative to Stress Test or Thallium Stress Test Carotid Body Resection/Carotid Body Denervation Carotid Sinus Nerve Stimulator Cavernous Nerves by Electrical Stimulation with Penile Plethsmography 30.8 Cellular Therapy Certain Drugs Distributed by the National Cancer Institute Challenge Ingestion Food Testing Chelation Therapy for Treatment of Atherosclerosis Chemical AversionTherapy for Treatment of Alcoholism 40.3 Closed- Loop Blood Glucose Control Device (CBGCD) 50.3 Cochlear Implantation 50.7 Cochleostomy with Neurovascular Transplant for Meniere's Disease Collagen Crosslinks, any Method Collagen Meniscus Implant Colonic Irrigation Colorectal Cancer Screening Tests Computed Tomography 80.9 Computer Enhanced Perimetry 70.2 Consultation Services Rendered by a Podiatrist in a Skilled Nursing Facility 70.1 Consultations with a Beneficiary's Family and Associates Continuous Positive Airway Pressure (CPAP) Therapy For Obstructive Sleep Apnea (OSA) Corset Used as Hernia Support Counseling to Prevent Tobacco Use Cryosurgery of Prostate Cytogenetic Studies 370 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

371 NCD NCD TITLE Cytotoxic Food Tests Deep Brain Stimulation for Essential Tremor and Parkinson s Disease Dental Examination Prior to Kidney Transplantation Dermal Injections for the Treatment of Facial Lipodystrophy Syndrome (LDS) 40.1 Diabetes Outpatient Self- Management Training Diagnosis and Treatment of Impotence Diagnostic Breath Analyses Diagnostic Endocardial Electrical Stimulation (Pacing) Diagnostic Pap Smears Diathermy Treatment Digital Subtraction Angiography Digoxin Therapeutic Drug Assay Dimethyl Sulfoxide (DMSO) Displacement Cardiography Durable Medical Equipment Reference List Electrical Aversion Therapy for Treatment of Alcoholism Electrical Continence Aid Electrical Nerve Stimulators Electrical Stimulation (ES) and Electromagnetic Therapy for the Treatment of Wounds Electrocardiographic Services Electroencephalographic Monitoring During Surgical Procedures Involving the Cerebral Vasculature Electron Microscope Electronecephalographic (EEG) Monitoring During Open- Heart Surgery 50.2 Electronic Speech Aids 30.4 Electrosleep Therapy Electrotherapy for Treatment of Facial Nerve Paralysis (Bell's Palsy) Endoscopy 80.8 Endothelial Cell Photography Enteral and Parenteral Nutritional Therapy Erythropoiesis Stimulating Agents (ESAs) in Cancer and Related Neoplastic Conditions Esophageal Manometry Ethylenediamine- Tetra- Acetic (EDTA) Chelation Therapy for Treatment of Atherosclerosis Evoked Response Tests 20.2 External Counterpulsation (ECP) Therapy for Severe Angina 20.5 Extracorporeal Immunoadsorption (ECI) Using Protein A Columns Extracorporeal Photopheresis 20. Extracranial- Intracranial (EC- IC) Arterial Bypass Surgery Copyright 2012 William L. Malm, ND, CMAS & AAMAS

372 NCD Fabric Wrapping of Abdominal Aneurysms NCD TITLE FDG PET for All Other Cancer Indications Not Previously Specified FDG PET for Brain, Cervical, Ovarian, Pancreatic, Small Cell Lung, and Testicular Cancers FDG PET for Breast Cancer FDG PET for Colorectal Cancer FDG PET for Dementia and Neurodegenerative Diseases FDG PET for Esophageal Cancer FDG PET for Head and Neck Cancers FDG PET for Infection and Inflammation FDG PET for Lung Cancer FDG PET for Lymphoma FDG PET for Melanoma FDG PET for Myocardial Viability FDG PET for Refractory Seizures FDG PET for Soft Tissue Sarcoma FDG PET for Thyroid Cancer Fecal Occult Blood Test Fluidized Therapy Dry Heat for Certain Musculoskeletal Disorders Food Allergy Testing and Treatment Gamma Glutamyl Transferase Gastric Balloon for Treatment of Obesity Gastric Freezing Gastrophotography Gyrated Haemoglobin/Gyrated Protein Granulocyte Transfusions Gravlee Jet Washer Hair Analysis Heart Transplants Heartsbreath Test for Heart Transplant Rejection Heat Treatment, Including the Use of Diathermy and Ultra- Sound for Pulmonary Conditions Hemodialysis for Treatment of Schizophrenia Hemorheograph Hepatitis Panel/Acute Hepatitis Panel HIS Bundle Study Histocompatibility Testing 40.2 Home Blood Glucose Monitors Home Health Nurses' Visits to Patients Requiring Heparin Injection Home Health Visits to a Blind Diabetic Home Oxygen Use to Treat Cluster Headache (CH) 372 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

373 NCD NCD TITLE Home Prothrombin Time/International Normalized Ratio (PT/INR) Monitoring for Anticoagulation Management Home Use of Oxygen Home Use of Oxygen in Approved Clinical Trials 70.5 Hospital and Skilled Nursing Facility Admission Diagnostic Procedures Hospital Beds Human Chorionic Gonadotropin Human Immunodeficiency Virus (HIV) Testing (Diagnosis) Human Immunodeficiency Virus (HIV) Testing (Prognosis Including Monitoring) Human Tumour Stem Cell Drug Sensitivity Assays 80.1 Hydrophilic Contact Lens For Corneal Bandage 80.4 Hydrophilic Contact Lenses Hyperbaric Oxygen Therapy Hyperthermia for Treatment of Cancer 20.4 Implantable Automatic Defibrillators Implantation of Anti- Gastroesophageal Reflux Device Incontinence Control Devices INDEPENDENCE ibot 4000 Mobility System Induced Lesions of Nerve Tracts Infrared Therapy Devices Infusion Pumps Injection Sclerotherapy for Esophageal Variceal Bleeding 10.3 Inpatient Hospital Pain Rehabilitation Programs Inpatient Hospital Stays for Treatment of Alcoholism Institutional and Home Care Patient Education Programs 40.4 Insulin Syringe Intensive Cardiac Rehabilitation (ICR) Programs Intestinal and Multi- Visceral Transplantation Intestinal Bypass Surgery Intraocular Lenses (IOLs) 80.6 Intraocular Photography Intraoperative Ventricular Mapping Intrapulmonary Percussive Ventilator (IPV) 30.6 Intravenous Histamine Therapy Intravenous Immune Globulin for the Treatment of Autoimmune Mucocutaneous Blistering Diseases Intravenous Iron Therapy Invasive Intracranial Pressure Monitoring Islet Cell Transplantation in the Context of a Clinical Trial L- Dopa 373 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

374 NCD Laboratory Tests - CRD Patients 30.7 Laetrile and Related Substances Laparoscopic Cholecystectomy Laser Procedures NCD TITLE Levocarnitine for use in the Treatment of Carnitine Deficiency in ESRD Patients Lipid Testing Lumbar Artificial Disc Replacement (LADR) Lung Volume Reduction Surgery (Reduction Pneumoplasty) Lymphocyte Immune Globulin, Anti- Thymocyte Globulin (Equine) Lymphocyte Mitogen Response Assays Magnetic Resonance Angiography Magnetic Resonance Imaging Magnetic Resonance Spectroscopy Mammograms Manipulation Medical Nutrition Therapy Melodic Intonation Therapy 20.3 Microvolt T- Wave Alternans (MTWA) Mobility Assistive Equipment (MAE) Multiple Electroconvulsive Therapy (MECT) Nebulized Beta Adrenergic Agonist Therapy for Lung Diseases Nesiritide for Treatment of Heart Failure Patients Neuromuscular Electrical Stimulaton (NMES) Non- Implantable Pelvic Floor Electrical Stimulator Noncontact Normothermic Wound Therapy (NNWT) Noninvasive Tests of Carotid Function Nonselective (Random) Transfusions and Living Related Donor Specific Transfusions (DST) in Kidney Transplantation Nuclear Radiology Procedure Obsolete or Unreliable Diagnostic Tests 80.2 Ocular Photodynamic Therapy (OPT) Ornish Program for Reversing Heart Disease Osteogenic Stimulators 10.4 Outpatient Hospital Pain Rehabilitation Programs Outpatient Hospital Services for Treatment of Alcoholism 40.7 Outpatient Intravenous Insulin Treatment 50.5 Oxygen Treatment of Inner Ear/Carbon Therapy Pancreas Transplants Partial ThromboplastinTime (PTT) 374 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

375 NCD Partial Ventriculectomy Pediatric Liver Transplantation Percutaneous Image- Guided Breast Biopsy 20.7 Percutaneous Transluminal Angioplasty (PTA) Peridex CAPD Filter Set PET for Perfusion of the Heart NCD TITLE 80.1 Phaco- Emulsification Procedure - Cataract Extraction 90.1 Pharmacogenomic Testing for Warfarin Response Phrenic Nerve Stimulator 70.3 Physician's Office Within an Institution- - Coverage of Services and Supplies Incident to a Physician's Services Plastic Surgery to Correct Moon Face Plethysmography Pneumatic Compression Devices Porcine Skin and Gradient Pressure Dressings Portable Hand- Held X- Ray Instrument Positron Emission Tomography (FDG) for Oncologic Conditions Positron Emission Tomography (NaF- 18) to Identify Bone Metastasis of Cancer Positron Emission Tomography (PET) Scans Postural Drainage Procedures and Pulmonary Exercises Prolotherapy, Joint Sclerotherapy, and Ligamentous Injections with Sclerosing Agents 70.4 Pronouncement of Death Prostate Cancer Screening Tests Prostate Specific Antigen Prosthetic Shoe Prothrombin Time (PT) Pulmonary Rehabilitation Services 80.7 Refractive Keratoplasty Routine Costs in Clinical Trials Sacral Nerve Stimulation For Urinary Incontinence Scalp Hypothermia During Chemotherapy to Prevent Hair Loss 80.5 Scleral Shell Screening for the Human Immunodeficiency Virus (HIV) Infection Screening Pap Smears and Pelvic Examinations for Early Detection of Cervical or Vaginal Cancer Seat Lift Self- Contained Pacemaker Monitors Sensory Nerve Conduction Threshold Tests (sncts) Serologic Testing for Acquired Immunodeficiency Syndrome (AIDS) Serum Iron Studies 375 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

376 NCD NCD TITLE Services Provided for the Diagnosis and Treatment of Diabetic Sensory Neuropathy with Loss of Protective Sensation (aka Diabetic Peripheral Neuropathy) Single Photon Emission Computed Tomography (SPECT) Sleep Testing for Obstructive Sleep Apnea (OSA) Smoking and Tobacco- Use Cessation Counseling 50.1 Speech Generating Devices Speech- Language Pathology Services for the Treatment of Dysphagia Stem Cell Transplantation Stereotactic Cingulotomy as a Means of Psychosurgery Stereotaxic Depth Electrode Implantation Sterilization Supplies Used in the Delivery of Transcutaneous Electrical Nerve Stimulation (TENS) and Neuromuscular Electrical Stimulation (NMES) Surgery for Diabetes Surgical or Other Invasive Procedure Performed on the Wrong Body Part Surgical or Other Invasive Procedure Performed on the Wrong Patient Sweat Test Sykes Hernia Control Telephone Transmission of EEGs The Pritikin Program Therapeutic Embolization Thermal Intradiscal Procedures (TIPs) 30.2 Thermogenic Therapy Thermography 20.3 Thoracic Duct Drainage (TDD) in Renal Transplants Thyroid Testing 50.6 Tinnitus Masking 50.4 Tracheostomy Speaking Valve 30.5 Transcendental Meditation 10.2 Transcutaneous Electrical Nerve Stimulation (TENS) for Acute Post- Operative Pain Transcutaneous Electrical Nerve Stimulators (TENS) Transfer Factor for Treatment of Multiple Sclerosis 30.9 Transillumination Light Scanning or Diaphanography 20.6 Transmyocardial Revascularization (TMR) Transsexual Surgery Transvenous (Catheter) Pulmonary Embolectomy Treatment of Actinic Keratosis Treatment of Alcoholism and Drug Abuse in a Freestanding Clinic Treatment of Decubitus Ulcers 376 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

377 NCD NCD TITLE Treatment of Drug Abuse (Chemical Dependency) Treatment of Kidney Stones Treatment of Motor Function Disorders with Electric Nerve Stimulation 40.5 Treatment of Obesity Treatment of Psoriasis Tumour Antigen by Immunoassay - CA Tumour Antigen by Immunoassay - CA 15-3/CA Tumour Antigen by Immunoassay - CA Ultrafiltration Monitor Ultrafiltration, Hemoperfusion and Hemofiltration 50.8 Ultrasonic Surgery Ultrasound Diagnostic Procedures Urinary Drainage Bags Urine Culture, Bacterial Uroflowmetric Evaluations 10.1 Use of Visual Tests Prior to and General Anesthesia during Cataract Surgery Vabra Aspirator Vagus Nerve Stimulation (VNS) 20.1 Vertebral Artery Surgery Vertebral Axial Decompression (VAX- D) 80.3 Verteporfin Vitamin B12 Injections to Strengthen Tendons, Ligaments, etc., of the Foot Vitrectomy Water Purification and Softening Systems Used in Conjunction with Home Dialysis White Cane for Use by a Blind Person Withdrawal Treatments for Narcotic Addictions Wrong Surgical or Other Invasive Procedure Performed on a Patient Xenon Scan 377 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

378 APPENDIX C - NATIONAL HEALTH CARE BILLING AUDIT GUIDELINES AAMAS DISCLAIMER AAMAS recognizes that due to the age of this document it may contain references to outdated manuals and forms. AAMAS is proactively leading an effort to update these guidelines and hopes to have a newly revised version available for publication in the very near future. That version, which you may read by clicking here, will be fully coordinated with all interested parties. GUIDELINES These guidelines are for audits that relate to the documentation or support of charges included in or omitted from a bill. Billing audits and therefore these guidelines do not address questions concerning: the level or scope of care, medical necessity, or the pricing structure of items or services delivered by providers. Providers and payers should have qualified personnel and mechanisms in place to deal with these issues DEFINITIONS Audit log: An historical record kept by a payer or provider that records the audit experience related to particular party. Bill: Any document that represents a provider s request for payment. (Also referred to as invoice or claim.) Billing audit: A process to determine whether data in a provider s health record, and/or by appropriate and referenced medical policies, documents or support services listed on a provider s bill. Providers conduct such audits either through an internal control process or by hiring and external audit firm. (These audits can be conducted on a retrospective or concurrent basis and commonly are referred to as revenue recovery audit.) Also, third party payers conduct billing audits through their employees or their agents. (Also known as chart audit or charge review.) Concurrent Audit: a billing audit conducted before the issuance of an interim or final bill. Retrospective Audit: a billing audit conducted after the issuance of an interim or final bill. Health record: A compilation of data supporting and describing an individual s health care encounter including data on diagnoses, treatment, and outcomes. (Formerly known as medical record or clinical record.) 378 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

379 Unbilled charges: The volume of services indicated on a bill is less than the volume identified in a provider s health record documentation. (Also known as undercharges.) Unsupported or undocumented charges: The volume of services indicated on a bill exceeds the total volume identified in a provider s health record documentation. (Also known as over- charge.) QUALIFICATIONS OF AUDITORS AND AUDIT COORDINATORS All persons performing billing audits as well as persons functioning as provider audit coordinators should have appropriate knowledge, experience, and/or expertise in a number of areas of health care including, but not limited to the following areas: Format and content of the health record as well as other forms of medical/clinical documentation. Generally accepted auditing principles and practices as they may apply to billing audits. Coding, including ICD- 8- CM, CPT, HCPCS, and medical terminology Billing claims forms, including the UB- 82, UB- 92, the HCFA 1500 and charging and billing procedures All state and federal regulations concerning the use, disclosure, and confidentiality of all patient records Specific critical care units, specialty areas, and/or ancillary unity involved in a particular audit Providers or payers who encounter audit personnel who do not meet these qualifications should immediately contact the auditor s firm or sponsoring party. Audit personnel should be able to work with a variety of healthcare personnel and patients. They should always conduct themselves in an acceptable, professional manner and adhere to ethical standards, confidentiality requirements, and objectivity. They should completely document their findings and problems. The auditor must document all unsupported or unbilled charges identified in the course of an audit in the audit report. Individual audit personnel should not be placed in a situation through their remuneration, benefits, contingency fee, or other instructions that would call their findings into question. In other words, compensation of audit personnel should be structured so that it does not create any incentives to produce questionable audit findings. Providers or payers who encounter an individual who appears to be involved in a conflict of interest should contact the appropriate management of the sponsoring organization. 379 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

380 NOTIFICATION OF AUDIT Payers and providers should make every effort to resolve billing inquiries directly. To support this process, the name and contact telephone number (and/or facsimile number) of each payer or provider representative should be exchanged no later than the time of billing for a provider and the point of first inquiry by a payer. If a satisfactory resolution of the questions surrounding the bill is not achieved by payer and provider representatives, then a full audit process may be initiated by the payer. Generally, billing audits require documentation from or review of a patient s health record and other similar medical/clinical documentation. Health records exist primarily to ensure continuity of care for a patient; therefore, the use of a patient s health record for an audit must be secondary to its use in patient care. To alleviate the potential conflict with clinical uses of the health record and to reduce the cost of conducting a necessary audit, all payer- billing audits should begin with a notification to the provider of intent to audit. Notification should occur no later than twelve months after receipt of the final bill. Once notified, the provider shall respond to the qualified billing auditor within one month with a schedule for the conduct of the audit. When there is a substantial and continuing relationship between a payer and a provider, this relationship may warrant a notification period other than twelve months. Both parties should attempt to complete the audit process as soon as possible after such a notification. Providers should conduct concurrent reviews of their bills before issuing bills to a payer. Provider retrospective audits should occur within twelve months of billing. All requests for audits, whether telephonically, electronic, or written should include the following information: The basis of the payer s intent to conduct an audit on a particular bill or group of bills. (When the intent is to audit only specific charges or portions of the bill(s) this information should be included in the notification request.) Name of patient; birth date; date of admission and discharge, or first and last dates of service; provider s account number and, patient s coverage (payer s) number Name of auditor and the name of the audit firm Whom to contact at the payer institution and, if applicable, at the agent institution to discuss this request and schedule the audit Auditors should conduct audits at a provider s site unless otherwise agreed. On- site audits prevent unnecessary photocopying of the health records and better ensure confidentiality of the records. In addition, on- site reviews encourage or promote mutual understanding of the records and afford both parties the opportunity to quickly and efficiently handle questions that may arise. 380 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

381 Some audits cannot be conducted on- site. Therefore, a provider may choose to allow individual, reasonable requests for off- site audits. Such off- site audits should conform in all respects to the guidelines for billing audits set forth in this document, adjusting how the guidelines are met to recognize that the auditors are not on- site. Under some circumstances providers may charge auditors a reasonable fee to cover photocopying and other costs associated with an off- site audit. Unless otherwise agreed, auditors should make a request for an audit with providers at least 21 calendar days before the desired time for and audit. Providers should respond to such a request within one month of the request and schedule the audit on a mutually agreed date and time not later than 90 days post request. Providers who cannot accommodate an audit request that conforms to these guidelines should explain why the request couldn t be met by the provider in a reasonable period of time. Auditors should group audits to increase efficiency whenever possible. If a provider believes an auditor will have problems addressing records, the provider should notify the auditor prior to the scheduled date of audit. Providers should supply the auditor/payer with any information that could affect the efficiency of the audit once the auditor is on- site. PROVIDER AUDIT COORDINATORS Providers should designate an individual to coordinate all billing audit activities. An audit coordinator should have the same qualifications as an auditor. (See pp.3-4, Qualifications of Auditors and Audit Coordinators.) Duties of an audit coordinator included, but are not limited to, the following areas: Scheduling an audit Advising other provider personnel/departments of a pending audit Ensuring that an informed consent for the release of health information has been obtained Gathering the necessary documents for the audit Coordinating auditor requests for information, space in which to conduct an audit, and access to records and provider personnel Orienting auditors to hospital audit procedures, record documentation conventions, and billing practices Acting as a liaison between the auditor and other hospital personnel Conducting an exit interview with the auditor to answer questions and review findings Reviewing the auditor s final written report and following up on any charges still in dispute Arranging for payment as applicable Arranging for any required adjustment to bills or refunds 381 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

382 CONDITIONS AND SCHEDULING OF AUDITS In order to have a fair, efficient, and effective audit process, providers and payer auditors should adhere to the following recommendations: 1. Whatever the original intended purpose of the billing audit, all parties should agree to recognize, record or present any identified unsupported or unbilled charges discovered by the audit parties. 2. Late billing should not be precluded by the scheduling of an audit. 3. The parties involved in the audit should mutually agree to set and adhere to a predetermined time frame for the resolution of any discrepancies, questions, or errors that surface in the audit. 4. An exit conference and a written report should be part of each audit. If the provider waives the exit conference, the auditor should note that action in the written report. The specific content of the final report should be restricted to those parties involved in the audit. 5. The provider has 60 days to contest all findings, otherwise the audit shall be considered finalized. 6. Once both parties agree to the audit findings, audit results are final. 7. All personnel involved should maintain a professional courteous manner and resolve all misunderstandings amicably. 8. At times, the audit will note on- going problems either with the billing or documentation process. When this situation occurs, and it cannot be corrected as part of the exit process, the management of the provider or payer organization should be contacted to identify the situation and take appropriate steps to resolve the identified problem. Parties to an audit should eliminate on- going problems or questions whenever possible as part of the audit process. CONFIDENTIALITY AND AUTHORIZATION All parties to a billing audit must comply with federal and state laws and contractual agreements regarding the confidentiality of patient information. All payer, audit, and provider organizations conducting or involved with billing audits should have provisions in their codes of ethics outlining their obligation to protect the confidentiality of patient information. In addition, these organizations should have explicit policies and procedures protecting the confidentiality of all patient information in their possession and disposal of this information. The release of medical records requires authorization from the patient. Such authorization shall be provided for in the condition or admission or equivalent statement procured by the hospital upon admission of the patient. If no such statement is obtained, an authorization for a billing audit shall be required. Authorization need not be specific to the insurer or auditor conducting the audit. Such authorization should be obtained by the billing audit firm or payer and shall include at least the following information: 382 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

383 Patient s full name, address, and date of birth Purpose for releasing/obtaining the information Date that consent is signed Signature of patient or legal representative A patient s assignment of benefits shall include a presumption of authorization to review records. The audit coordinator or medical records representative shall confirm for the audit representative that a condition of admission statement is available for the particular audit that needs scheduling. The provider will inform the requester, on a timely basis, if there are any federal or state laws prohibiting or restricting review of the medical record and if there are institutional confidentiality policies and procedures affecting the review. These institutional confidentiality policies shall not be specifically oriented in order to delay an onsite audit. DOCUMENTATION Verification of charges will include the investigation of whether or not: Services were delivered by the institution in compliance with the Physician s plan of treatment (in appropriate situations, professional staff may provide supplies or follow procedures that are in accordance with established institutional policies, procedures include items that are specifically documented in a record but are referenced in medical or clinical policies. All such policies should be reviewed, approved, and documented as required by the Joint Commission Accreditation of Healthcare Organizations or other accreditation agencies. Policies should be available for review to the auditor.) Services are documented in health or other appropriate records as having been rendered to the patient Charges are reported on the bill accurately The health record documents clinical data on diagnoses, treatments and outcomes. It was not designed to be a billing document. A patient health record generally documents pertinent information related to care. The health record may not back up each individual charge on the patient bill. Other signed documentation for services provided to the patient may exist within the provider s ancillary departments in the form of department treatment logs, daily charges records, individual service/order tickets, and other documents. Auditors may have to review a number of other documents to determine valid charges. Auditors must recognize that these sources of information are accepted as reasonable evidence that the services ordered by the physician were actually provided to the patient. Providers must ensure that proper policies and procedures exist to specify what documentation and authorization must be in the health record and in the ancillary records and/or logs. These procedures document that services have been 383 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

384 properly ordered for and delivered to patients. When sources other than the health record are providing such documentation, the provider should make those sources available to the auditor. FEES AND PAYMENTS Payment of a bill should be made promptly and should not be delayed by an audit process. Payment on a submitted bill from a third- party payer should be based on amounts billed and covered by the patient s benefit plan. A payment of 95% of the insurance liability shall be an acceptable amount prior to the scheduling of an audit. Based on 95% of payment by the payer, all hospital audit fees shall be waived. A payment of less than 95% is appropriate when state and federal regulations apply. Any payment identified in the audit results that is owed to either party by the other should be settled by the audit parties within a reasonable period of time, not to exceed 30 days after the audit unless the two parties agree otherwise. NEWS Career Opportunities Current Events Nat'l Audit Guidelines NAIC Model Act AAMAS W 44th Avenue Suite 304 Wheat Ridge, CO Fax: Copyright 2012 William L. Malm, ND, CMAS & AAMAS

385 APPENDIX D: EXAMPLE PAYER POLICY BLUE CROSS AND BLUE SHIELD 385 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

386 386 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

387 387 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

388 APPENDIX E: REFERENCES RURAL HEALTH CMS Overview: CENTER FOR MEDICARE AND MEDICAID SERVICES - LINKS Hospital Outpatient PPS Overview Critical Access Hospitals Center Ambulatory Surgery Center Hospital Center Pharmacy Center Physician Center Practice Administration Center Rural Health Clinic Center Skilled Nursing Facility Center Disproportionate Share Hospital (DSH) Information Hospital Quality Initiatives Overview CMS Manuals CMS Transmittals CMS Medlearn Matters Summary Documents CMS Quarterly Provider Update Activity HCPCS Update Files ICD- 9 Overview ICD- 10 Overview Outpatient Code Editor (OCE) Overview National Correct Coding Initiative - Overview/Manuals National Correct Coding Initiative Edits - Hospitals National Correct Coding Initiative Edits - Physicians Intermediary- Carrier Directory Medicare Coverage Database Lab NCD Coding Policy Manual and Change Report 388 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

389 Physician Fee Schedule - Relative Value Files Laboratory Fee Schedule Drug ASP Pricing and NDC Crosswalk Files Appeals Original Medicare (Fee- for- service) Appeals The Medicare Appeals Process Medicare Outpatient Prospective Payment System (OPPS) Final OPPS Rule for 2011 RAC APPROVED ISSUES REGION A - DCS REGION B - CGI REGION C - CONNOLLY REGION D - HDI OFFICE OF INSPECTOR GENERAL - LINKS Anti- Fraud and Abuse Agency OIG's Current Workplan U.S. GOVERNMENT PRINTING OFFICE - LINKS Federal Register Contents Browser & Search Engine NTIS US DEPARTMENT OF COMMERCE - LINKS 389 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

390 National Technical Information Index (Central Federal Repository) DEPARTMENT OF HEALTH & HUMAN SERVICES - LINKS Department of Health and Human Services DEPARTMENT OF HEALTH & HUMAN SERVICES - LINKS National Institutes of Health CENTER FOR DRUG EVALUATION - LINKS Center for Drug Evaluation and Research The National Drug Code Directory 390 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

391 APPENDIX F - TYPE OF BILL The following table lists Type of Bill, FL4, codes by Provider Number Range(s). For a definition of each facility type, see the Medicare State Operations Manual. Bill Type Code 011X 012X 013X 014X 018X 021X 022X 023X 028X 032X 033X 034X 041X 071X 072X 073X 074X 075X 076X 081X 082X 083X 085X Hospital Inpatient (Part A) Hospital Inpatient Part B Hospital Outpatient Hospital Other Part B Hospital Swing Bed SNF Inpatient SNF Inpatient Part B SNF Outpatient SNF Swing Bed Home Health Home Health Home Health (Part B Only) Religious Nonmedical Health Care Institutions Clinical Rural Health Clinic ESRD Federally Qualified Health Centers Clinic OPT Clinic CORF Community Mental Health Centers Nonhospital based hospice Hospital based hospice Hospital Outpatient (ASC) Critical Access Hospital (CAH) 391 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

392 APPENDIX G - NAIC MODEL ACT WHAT IS NAIC? The National Association of Insurance Commissioners (NAIC) is an Internal Revenue Code Section 501(c)(3) non- profit organization which seeks to organize the regulatory and supervisory efforts of the various state insurance commissioners from around the United States... The NAIC acts as a forum for the creation of model laws and regulations. Each state decides whether to pass each NAIC model law or regulation, and each state may make changes in the enactment process, but the models are widely, albeit somewhat irregularly, adopted. The NAIC also acts at the national level to advance laws and policies supported by state insurance regulators. The NAIC also is responsible for creating the statutory accounting principles (SAP) upon which insurance accounting is based. SAP is often contrasted with Generally Accepted Accounting Principles (GAAP) and is notable for its very conservative valuation methods. Additionally the NAIC promulgates the NAIC annual statement, which incorporates SAP and must be filed with the department of insurance in every state in which an insurance company writes business. The NAIC is not a regulator; while its members are the insurance commissioners (i.e., the chief insurance regulators) of each state and territory, the NAIC is a non- governmental organization that concerns itself with insurance regulatory matters but does not actually regulate. The states have not delegated their regulatory authority to the NAIC. Although the NAIC's mandate is to benefit state regulators and insurance consumers by promoting uniform laws and regulations, by promoting uniformity of regulation among the states, it also makes it easier for insurance companies to comply with the laws and regulations in all states in which they do business. 220 THE NAIC MODEL ACT - AAMAS Title This Act shall be known and may be cited as the Health Carrier Claim Audit Guidelines Model Act. Purpose and Intent The purpose of this Act is to provide for the reasonable standardization of state- wide claim audit guidelines of health care bills for health care services and their reimbursement by health carriers, preferred provider organizations, third party administrators, or any other health benefit plan to Copyright 2012 William L. Malm, ND, CMAS & AAMAS

393 determine whether data in a health care record of an institutional provider is supported by services listed on the claim for payment of an insured or an institutional provider. It is further the purpose of this Act to alleviate the potential conflict of the audit with medical uses of the health record and to reduce the cost of conducting a necessary audit. Drafting Note: States should consider coordinating with other state agencies and amending other state laws to provide for sanctions against institutional providers that violate provisions of state insurance law. Definitions For purposes of this Act: "Ambulatory surgical centre" means an establishment with an organized medical staff of physicians, with permanent facilities that are equipped and operated primarily for the purpose of performing surgical procedures, with continuous physician services and registered professional nursing services available whenever a patient is in the centre, that does not provide services or other accommodations for patients to stay overnight, and that offers the following services whenever a patient is in the centre: drug services as needed for medical operations and procedures performed, provisions for physical and emotional well- being of patients, provision of emergency services, organized administrative structure and administrative, statistical and medical records. "Claim audit" means a process to determine whether data in a claimant's medical record for health care documents health care services listed on a claim for payment submitted to a carrier. Claim audit does not mean a review of the medical necessity of the services provided, or the reasonableness of charges for the services National Association of Insurance Commissioners 32-1 "Claimant" means an insured or enrolee under a health benefit plan who receives surgical or inpatient care, the costs of which are submitted to a carrier for payment, either by the claimant or by another on the claimant's behalf. "Final claim" means the final itemized bill from an institutional provider detailing all the charges for which the institutional provider is seeking payment. "Health benefit plan" means a policy, contract, certificate or agreement entered into, offered or issued by a health carrier to provide, deliver, arrange for, pay for or reimburse any of the costs of health care services. "Health care services" means services for the diagnosis, prevention, treatment, cure or relief of a health condition, illness, injury or disease. "Health carrier" or "carrier" means an entity subject to the insurance laws and regulations of this state, or subject to the jurisdiction of the commissioner, that contracts or offers to contract, or enters into an agreement to provide, deliver, arrange for, pay for or reimburse any of the costs of health care services, including a sickness and accident insurance company, a health maintenance organization, a provider- sponsored organization, a non- profit hospital and health 393 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

394 service corporation, or any other entity providing a plan of health insurance, health benefits or health services. "Institutional provider" means an institution providing health care services in a health care setting, including but not limited to hospitals, other licensed inpatient centres, ambulatory surgical centres, skilled nursing centres and residential treatment centres. "Medical record" means a compilation of charts, records, reports, documents, and other memoranda maintained by an institutional provider wherever located, to record or indicate the past or present condition, sickness or disease, and treatment rendered, physical or mental, of a patient. "Qualified claim auditor" means a person employed by a corporation or firm that is recognized as competent to perform or coordinate claim audits and that has explicit policies and procedures protecting the confidentiality and disposal of all patient information in its possession. "Underbilled charges" means the volume of services indicated on a claim is less than the volume identified in the institutional provider's medical documentation; also known as undercharges. "Unbilled charges" means charges or services provided for and not billed. "Unsupported charges" or "undocumented charges" means the volume of services indicated on a claim exceeds the total volume identified in the institutional provider's medical documentation; also known as overcharges. Applicability and Scope This Act shall apply to all health carriers. The institutional provider accepting assignment of benefits of an insured shall be responsible for the conduct and results of the claim audit whether conducted by an employee or by contract with another firm. The institutional provider and carrier shall: Exercise proper supervision of the process to ensure that the audit is conducted in accordance with the requirements of this Act; Be aware of the actions being undertaken by the auditor in connection with the claim audit and its related activities; and Take prompt remedial action if inappropriate behaviour by the auditor is discovered. Qualifications of Auditors and Institutional Provider Audit Coordinators All persons performing claim audits as well as persons functioning as institutional provider audit coordinators shall have appropriate knowledge, experience, and expertise in health care including, but not limited to, the following areas: o Format and content of the health record as well as other forms of medical and clinical documentation; o Generally accepted auditing principles and practices as they apply to claim audits; o Billing claims forms, including the UB92 and the HCFA 1500, and charging and billing procedures; 394 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

395 o o o All state and federal regulations concerning the use, disclosure and confidentiality of patient records; Specific critical care units, specialty area, and ancillary units involved in a particular audit; and Coding, including ICD- 9, CPT, HCPCS and medical terminology. Institutional providers or carriers that encounter audit personnel who do not meet these qualifications shall immediately contact the auditor's firm or sponsoring party. Audit personnel shall conduct themselves in a professional manner and adhere to ethical standards and confidentiality requirements, and shall remain objective. They shall completely document their findings and problems. The auditor shall document all unsupported, unbilled or underbilled charges identified in the course of an audit in the audit report. Individual audit personnel shall not be placed in a situation through their remuneration, benefits, contingency fees or other instructions that would call their findings into question. Compensation of audit personnel shall be structured so that it does not create incentives to produce questionable audit findings. Institutional providers or carriers that encounter an individual who appears to have a conflict of interest shall contact the appropriate management of the sponsoring organization. Notification of Audit Carriers and institutional providers shall make every effort to resolve claim inquiries directly. The name, contact telephone number and facsimile number of each carrier or institutional provider representative shall be exchanged no later than at the time of billing for an institutional provider and the point of first inquiry by a carrier. Drafting Note: Subsection A states that resolution of questionable charges may be resolved telephonically. It often happens that an auditor representing a carrier must travel many miles and incur hotel, plane, and other expenses in order to perform an on- site audit. If the institutional provider is unable to resolve charges at the time of audit, resolution by telephone or fax saves time and money for the carrier and removes the incentive to postpone audit completion for the institutional provider. If carrier and institutional provider representatives do not achieve a satisfactory resolution of the questions surrounding the bill, then the carrier may initiate a full audit process. Claim audits require documentation from or review of a patient's health record and other similar medical or clinical documentation. Health records exist primarily to ensure continuity of care for a patient; therefore, the use of a patient's record for an audit must be secondary to its use in patient care. All carrier claim audits shall begin with a notification to the institutional provider of intent to audit. Notification to the institutional provider by the qualified claim auditor shall occur within six (6) months following receipt of the final claim for payment by the carrier. Once notified, the institutional provider shall respond to the qualified claim auditor within one month with a schedule for the conduct of the audit. The qualified auditor shall complete the audit within 395 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

396 twelve (12) months of receipt of the final claim by the carrier. When there is a substantial and continuing relationship between a carrier and an institutional provider, this relationship may warrant a notification, response and audit schedule other than that outlined in this Act. Each party shall make reasonable provisions to accommodate circumstances in which the schedule specified couldn t be met by the other party. The carrier will not request nor accept audits after twelve (12) months from the date of receipt of the final claim. All claim audits shall be conducted on the premises of the institutional provider ("onsite") except in instances where an institutional provider chooses to allow individual, reasonable requests for off- site audits. All requests for claim audits, whether telephonically, electronically or written, shall include the following information: o The basis of the carrier's intent to conduct an audit on a particular bill or group of bills. When the intent is to audit only specific charges or portions of the bills, this information should be included in the notification request; o Name of the patient; o Admit and discharge dates; o Name of the auditor and the name of the audit firm; o Medical record number and institutional provider's patient account number; and o Whom to contact to discuss the request and scheduled audit. Institutional providers that cannot accommodate an audit request that conforms to these guidelines shall explain why the request cannot be met in a reasonable period of time and shall be provided with a reasonable period to reschedule the audit. Auditors shall group audits to increase efficiency whenever possible. It shall be the responsibility of the institutional provider seeking payment of a claim or reimbursement under a managed care contract to notify the auditor prior to the scheduled date of audit, if the auditor will have problems accessing records. As a condition for payment, the institutional provider shall be responsible for supplying the auditor with any information that could affect the efficiency of the audit once the auditor is on- site. Institutional Provider Audit Coordinators Institutional providers shall designate an individual to coordinate all claim audit activities. An audit coordinator shall have the same qualifications as required for an auditor pursuant to Section 5 of this Act. The duties of an audit coordinator include, but are not limited to, the coordination of the following areas: o Scheduling an audit; o Advising other institutional provider personnel and departments of a pending audit; o Ensuring that the condition of admission statement is part of the medical record; o Verifying that the auditor is an authorized representative of the carrier; o Gathering the necessary documents for the audit; o Coordinating auditor requests for information, space in which to conduct an audit, and access to records and institutional provider personnel; 396 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

397 o o o o o o Orienting auditors to hospital surgery centre audit procedures, record documentation conventions, and billing practices; Acting as a liaison between the auditor and other institutional provider personnel; Conducting an exit interview with the auditor to answer questions and review audit findings; Reviewing the auditor's final written report and following up on any charges still in dispute; Arranging for payment as applicable; and Arranging for any required adjustment to bills or refunds. Conditions and Scheduling of Audits In order to have a fair, efficient, and effective audit process, institutional providers and carrier auditors shall adhere to the following requirements: o Whatever the original intended purpose of the claim audit, all parties shall agree to recognize, record or present any identified unsupported, unbilled or underbilled charges discovered by the audit parties; o The scheduling of an audit shall not preclude late billing; o Parties involved in the audit shall mutually agree to set and adhere to a predetermined time frame for the resolution of any discrepancies, questions or errors that surface in the audit; o An exit conference and a written report shall be part of each audit; if the institutional provider waives the exit conference, the auditor shall note that action in the written report. The specific content of the final report shall be restricted to those parties involved in the audit; o The institutional provider shall be afforded sixty (60) days to contest all findings, after which the audit shall be considered final; o Once both parties agree to the audit findings, audit results are final; o All personnel involved shall maintain a professional, courteous manner and resolve all misunderstandings amicably; and o At times, the audit will note on- going problems either with the billing or documentation process. When this situation occurs, and it cannot be corrected as part of the exit process, the management of the institutional provider and carrier shall be contacted to apprise them of the situation. The institutional providers and carriers shall take appropriate steps to resolve the identified problem. Parties to an audit shall eliminate on- going problems or questions whenever possible as part of the audit process. Confidentiality and Authorizations All parties to a claim audit shall comply with all federal and state laws and any contractual agreements regarding the confidentiality of patient information. The release of medical records requires authorization from the patient. An authorization shall be provided for in the condition of admission or equivalent statement procured by the institutional provider upon admission of the patient. If no such statement is obtained, an authorization for a claim audit is required. The authorization need not be specific to the insurer or auditor conducting the audit. 397 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

398 The authorization shall be obtained by the claim audit firm or institutional provider and shall include at least the following information: o The name of the carrier and, if applicable, the name of the audit firm that is to receive the information; o The name of the institution that is to release the information; o The full name, birth date, and address of the patient whose records are to be released; o The extent or nature of the information to be released, with inclusive dates of treatment; o The institutional provider's patient account number if included on the bill; and o The signature of the patient or his legal representative and the date the consent is signed. o A patient's assignment of benefits shall include a presumption of authorization to review records. o The audit coordinator or medical records representative shall confirm for the audit representative that a condition of admission statement is available for the particular audit that needs scheduling. o The institutional provider will inform the requestor, on a timely basis, if there are any federal or state laws prohibiting or restricting review of the medical record and if there are institutional confidentiality policies and procedures affecting the review. These institutional confidentiality policies shall not be specifically oriented in order to delay an external audit. Section 10. Documentation Verification of charges shall include the investigation of whether or not: o Charges are reported on the bill accurately; o Services are documented in medical or other appropriate records as having been rendered to the patient; and o Services were delivered by the institution in compliance with the physician's plan of treatment. In appropriate situations, professional staff may provide supplies or follow procedures that are in accordance with established institutional policies, procedures, or professional licensure standards. Many procedures include items that are not specifically documented in a record but are referenced in medical or clinical policies. All those policies shall be reviewed, approved, and documented as required by the Joint Commission on Accreditation of Healthcare Organizations or other accreditation agencies. Policies shall be available for review by the auditor. o The medical record documents clinical data on diagnoses, treatments and outcomes. It is not designed to be a billing document. A patient medical record generally documents pertinent information related to care. The medical record may not back up each individual charge on the patient bill. Other signed documentation for services provided to the patient may exist within the institutional provider's ancillary departments in the form of department treatment logs, daily records, individual service or order tickets, and other documents. o Auditors may have to review a number of other documents to determine valid charges. Auditors must recognize that these sources of information are accepted as reasonable evidence that the services ordered by the physician were actually provided to the patient. Institutional providers must ensure that proper policies and procedures exist to specify what documentation and authorization must be in the health record and in the ancillary records and logs. These procedures document that services have been properly ordered for and delivered to patients. When sources other than the health record are providing 398 Copyright 2012 William L. Malm, ND, CMAS & AAMAS

399 Fees and Payments documentation, the institutional provider shall notify the auditor and make those sources available to the auditor. A health carrier shall make prompt payment of a bill and shall not delay payment for an audit process. Payment on a submitted bill from a third- party carrier shall be based on amounts billed and covered by the patient's health benefit plan. B. o A payment of ninety- five percent (95%) of the insurance liability shall be an acceptable amount of payment under Subsection A prior to the scheduling of an audit. Based on ninety- five percent (95%) of payment of the insurance liability by the payer, all hospital audit fees shall be waived. o A payment of less than ninety- five percent (95%) of the insurance liability is appropriate when state regulations, federal regulations or contractual agreements apply. o In no case shall an audit fee exceed $100. Audit fees, if required, are to be paid upon commencement of the on- site claim audit. The audit parties shall settle a payment identified in the audit results that are owed to either party by the other, within a reasonable period of time not to exceed thirty (30) days after completion of the audit unless the parties agree otherwise. Photocopying and duplication charges shall not exceed [fifty- cents] per page. Drafting Note: Parties are entitled to reimbursement of costs for duplication charges. Insert the appropriate monetary amount reflecting the average duplication charges in your state. Drafting Note: Many carriers have on- going relationships with institutional providers. If a negative balance exists between the carrier and the institutional provider, that balance may be settled as future claims arise. 399 Copyright 2012 William L. Malm, ND, CMAS & AAMAS