Receiving notice from a payor that you are being audited can be alarming. Questions will inevitably run through your mind, such as, Why? How? How much will this cost?
Understanding the types of payor audits and how to navigate the process can make answering those questions easier. In addition, advanced preparation and knowing when to engage legal counsel can be critical to a successful audit outcome.
There are three general types of audits that providers face: Medicare audits, Medicaid audits, and private payor audits.
Medicare audits: The agency responsible for Medicare audits is the Centers for Medicare & Medicaid Services (CMS). There are three types of Medicare audits. Comprehensive Error Rate Testing (CERT) audits focus on providers who deliver high-cost items or services, have high volume, and/or have atypical billing or coding practices. Private contractors perform Recovery Audit Contractor (RAC) program audits; these contractors are paid a percentage of the amount of any improper payment discovered. Finally, Zone Program Integrity Contractor (ZPIC) audits are the most serious of the three audit types. ZPIC audits are performed by CMS contractors who mine the provider’s data for compliance with Medicare coverage and coding policies, investigate fraud, and may prepare cases for civil or criminal referral to CMS or law enforcement agencies.
Medicaid audits: Medicaid audits evaluate compliance with both CMS and applicable state regulations and investigate fraud. Evidence of fraud will be reported to the state attorney general for further review and prosecution.
Private payor audits: Private payor audits consist of informal reviews and formal audits. These audits can be triggered by actual allegations or evidence of noncompliance, or they can be random, in which general compliance is assessed. Audit procedures are typically determined by contract or the payor’s provider handbook and in accordance with applicable state law. The process can consist of prepayment reviews, in which the sufficiency of a claim and its supporting documentation is determined before payment is made to the provider, or post-payment reviews, during which claims are analyzed after the provider has been paid to determine if an overpayment was made and the amount of such overpayment. In the event an overpayment is discovered, a recoupment will be sought from the provider.
Consistent billing by a provider of high volumes of certain high-level services, high volumes of evaluation and management services, or consistently referring patients for certain testing can create suspicion in mayors.
In recent years, the primary focus of audits has been medical necessity due to payor concerns about specific fraud and abuse issues. Documentation of medical necessity is required during an audit. However, proving medical necessity can be difficult as the definition of “medical necessity” can vary by payor and within a payor depending on the underlying plan. In addition, private payors often have arbitrary and vague guidelines for defining and determining medical necessity, particularly when dealing with physicians or ordering clinicians. For this reason, it is critical that providers read their payor contracts and manuals carefully. If those materials are unclear, it is best to confirm requirements with the payor.
Regardless of the definition, medical necessity is a precondition to coverage for all payors. Proof is required that the services were reasonable and necessary to diagnosis or treat a patient’s medical condition. To satisfy this standard, providers should document the diagnosis for all procedures performed and all diagnostic tests ordered. In the case of repeat procedures, providers should clearly note the outcome of the previous procedure and the basis for reordering.