Understanding fraud and abuse regulations
By Reed Tinsley, CPA
The Horne CPA Group, Houston
Fraud, abuse and compliance: Those words have become the battle cry of state and federal government agencies. Each represents potential nightmares for all health care providers, including physicians. It seems you can’t read a magazine or newspaper these days without seeing at least one story on health care fraud and abuse or the government’s growing investigations into allegations of false claims and overpayments.
And while the recent headlines have targeted nonphysician health care sectors such as hospitals, home health agencies, pharmacies, and reference laboratories, it is important for physicians to realize they are now the focus of more intense scrutiny by Medicare, Medicaid, and the insurance industry as a whole.
With the passage of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the Balanced Budget Acts of 1997 and 1998, the federal government has allocated more money for manpower and audits — about $500 million a year — to rid the health care system of fraudulent and abusive practices. These two laws contain more than 65 provisions to fight health care fraud and have increased investigations by 40% during the last two years alone.
Unfortunately, too few physicians are concerned about fraud and abuse. Most are confident that their practice operations are compliant with Medi care billing and documentation guidelines, and they would never intentionally defraud anyone. True or not, this laissez faire attitude and false sense of security has the potential to hurt physicians financially and professionally by preventing them from focusing on the lifeblood of their practice — documentation, coding, and billing.
Many physicians do not realize that HIPAA ’96 extends the fraud and abuse regulations to all services provided to all insurance plans, not just government programs. In effect, every claim sent to an insurance plan must be "accurate and complete," or it could be reviewed as problematic enough to result in civil penalties of $5,000 to $10,000 per claim, plus treble damages under the False Claims Act. Further, the number of qui tam or whistle-blower cases — those initiated by current or ex-employees, competitors, patients, or anyone else with an ax to grind — now account for more than 58% of all false-claim cases presented to the government.
The sad reality is that even the simplest billing mistakes now can become fodder for hungry auditors from agencies such as the Health Care Financing Administration, the Office of the Inspector General, the Federal Bureau of Inves tigations, and the Department of Justice, all of whom are hellbent on recovering funds improperly received by health care providers.
And to add fuel to the paranoia fire, a 1997 General Accounting Office report on the Medi care Payment System found that nearly 22% of the $28 billion improperly paid to providers by the Medicare contractors were received by phy sicians. To say the government is out for physicians’ blood (money) is an understatement.
Taking control of your destiny
So what should physicians to do to protect their practices? The answer, of course, is to pursue a compliance "checkup." Physicians must take steps to review and improve operations, enhance documentation and coding data quality, and then, based on the findings, develop, implement, and maintain a vigilant compliance program to keep their practices out of the govern - ment’s cross hairs.
The following is the basis for a comprehensive physician reimbursement, management, and compliance analysis.
1. Complete a practice analysis to provide baseline statistics and develop a snapshot of the practice’s current operations relative to reimburse - ment, compliance, and operations. This involves a detailed review of all CPT/HCPCS codes and productivity reports for coding compatibility, unrepresented services, and baseline statistics. It also involves a detailed comparison of each physician’s E/M service utilization to specialty-specific Medicare E/M data to identify under- or overutilization of level of service codes.
Medicare utilization data can be obtained by filing a Freedom of Information Act request with the Health Care Financing Administration. Look specifically for E/M services that appear to be upcoded. The initial results of the analysis then are linked to diagnostic coding and documentation compliance to enhance revenues while reducing post-payment demands from Medicare, Medicaid, and other payers.
You also should perform a detailed review of your explanation of benefits statements. Look specifically for charge denials and why these denials occurred. Do the denials and how the charges were billed indicate a potential compliance problem or problems?
2. Because the medical record is the ultimate billing document, it is imperative that you have a thorough review of practice documentation. If necessary, the review should be conducted by a qualified reimbursement consultant. This step involves a review of coded billing documents such as superbills, encounter forms, and ancillary lab result reports for accurate code assignment. This step also includes an audit of five to 15 medical records per physician to review:
o E/M level of service justification;
o medical record compliance with the E/M documentation guidelines;
o CPT and ICD-9-CM coding compatibility;
o appropriate use of coding modifiers;
o full charge capture or improperly billed services;
o appropriate billing under the incident to provision;
o compliance with teaching physician supervision and IL-372 billing;
o compliance with medical necessity guidelines;
o compliance with Medicare’s correct coding initiatives.
Further, you should review the practice’s top ICD-9-CM diagnostic codes and develop a diagnostic-related level of service coding, cross-reference table. The type of table standardizes E/M coding by diagnosis, the objective of which is to enhance the physician’s understanding of documentation and coding by diagnostic conditions.
3. Finally, have a customized Practice Compli ance Program (PCP), based on continuous quality improvement developed and implemented. The customized PCP is a necessary evil in today’s heavily watched fraud and abuse environment. By having an effective and operational PCP, your practice may reduce any future criminal penalties by up to 95%. Further, PCPs contribute to profitability through the liability reduction, operational enhancements, and revenue enhancements by receiving and keeping appropriate service reimbursements.
With the passage of HIPAA and the expansion of health care fraud definitions and penalties to all health insurance plans, physicians are finding themselves under increased government scrutiny. Medical groups (and their physicians, officers, and board members) now may be held criminally liable for questionable billing practices, simple or "innocent" billing errors, or outright violations.
To minimize these risks, providers need to review current operations, identify exposures, and then design and implement a customized practice billing compliance program. Legal counsel should be consulted during this process. Unfortunately, most practices today think all they have to do is put in place a boilerplate compliance document and they will be in compliance. Don’t make the same mistake — it could be costly.
Reed Tinsley, CPA, is shareholder in charge of Horne CPA Group’s Houston office and an editorial advisory board member of Practice Marketing & Manage ment. He can be reached at (713) 975-1000.