The expression "RAC Attack" has gone from funny to scary with the news that the government plans to pay for the new healthcare bill in part through recoupment of what they define as overpayments to healthcare providers.

And the fact that the Recovery Audit Contractors (RACs) are paid a commission on what they recover makes the proposition of leniency a thing of the past. In particular, considering the amount of confusion often raised by the interpretation of medical coding, it becomes a "he said, she said" battle of the auditors. E/M coding presents an even bigger problem since, according to several studies published during the last few years, the average rate of disagreement among both coders and physicians for an E/M code is around 50 percent. That means that if 100 coders and/or physicians are in a room and they see a vignette on the screen, half of those present will disagree as to the E/M code that should be reported.

The Analytical RACs

A RAC, as a business entity that is paid based on success (defined here as value of recoupment), makes decisions about which medical entities to audit based on the likelihood and potential value of recoveries. In essence, the reviewer creates a risk analysis of sorts that helps predict the probability of success. As such, RACs, as well as the Office of Inspector General (OIG) and other investigative bodies, increasingly have been dependent on analytics to help them identify the most attractive targets.

Therefore, a practice should do the same: employ specific analytical tools in order to conduct similar risk assessment, with the goal being to see what it looks like to an outsider. Remember, until a RAC auditor begins to look at your organization, he/she has no idea who you are or how you practice medicine - as such they have come to a decision to review without regard to the reasons that you do what you do.

CERT: Self-Evaluation

The better approach to compliance risk analysis involves focusing on the types of benchmarks that a RAC might consider in order to have a sharper picture of how your practice looks from an analytical perspective, rather than just a pure coding perspective.  When performing self-evaluation one of the places you should start is with the CERT (Comprehensive Error Rate Testing) study. For an inpatient facility, the corresponding study is called the HPMP, or Hospital Payment Monitoring Program. For the purposes of this article, though, the discussion will center on CERT, which is focused on medical practices.

CERT is a study performed by The Centers for Medicare & Medicaid Services (CMS) in order to identify the most common reasons that payers make erroneous payments to practices for services and procedures. In conducting the study, CMS pulls around 100,000 claims at random and then requests copies of the 100,000 charts that correspond to those claims.

Lack of Medical Necessity

Based on the most recent CERT study, the number one reason for alleged overpayments is lack of medical necessity, at around four percent of all claims reviewed; that is, payments are made in cases which, during a subsequent review of the chart, insufficient evidence of medical necessity exists to support payment for the procedure or service.

We have seen an increase in this as a result of the use of EHR/EMR technology, which, through templates that improve or increase the level of documentation for an encounter, often reports an E/M code that does not meet medical necessity criteria despite being supported. This occurs because, even though the documentation supports the code level, the diagnoses code(s) does not.

Lack of Documentation

The second-most common reason for overpayments is lack of documentation. As an example, procedure codes 99214, 99223 and 99233 are cited as the some of the most common codes paid in error, and each of these ranks among the top 10 services with routinely insufficient documentation. Take, for example, 99223: in the May 2008 CERT report, 99223 was reported as paid in error (overpaid) 21.5 percent of the time for a total of $282 million. Code No. 99233 was reported as overpaid 18 percent of the time for around $151 million, and 99214 was reported as overpaid 6.3 percent of the time - and while that's not the top ranking by volume, at $280 million, it is the top dollar amount.

What does this have to do with RACs? As noted above, OIG has made it clear that one of the ways the new healthcare bill will be funded is through recovery of overpayments to medical practices. And since the CERT study identifies which codes are overpaid most often and it is the RACs' job to find these overpayments, logic follows that the codes listed in the CERT study are prime audit targets.