The expression "RAC Attack" has gone from funny to scary with the news that the government plans to pay for the new healthcare bill in part through recoupment of what they define as overpayments to healthcare providers.
And the fact that the Recovery Audit Contractors (RACs) are paid a commission on what they recover makes the proposition of leniency a thing of the past. In particular, considering the amount of confusion often raised by the interpretation of medical coding, it becomes a "he said, she said" battle of the auditors. E/M coding presents an even bigger problem since, according to several studies published during the last few years, the average rate of disagreement among both coders and physicians for an E/M code is around 50 percent. That means that if 100 coders and/or physicians are in a room and they see a vignette on the screen, half of those present will disagree as to the E/M code that should be reported.
The Analytical RACs
A RAC, as a business entity that is paid based on success (defined here as value of recoupment), makes decisions about which medical entities to audit based on the likelihood and potential value of recoveries. In essence, the reviewer creates a risk analysis of sorts that helps predict the probability of success. As such, RACs, as well as the Office of Inspector General (OIG) and other investigative bodies, increasingly have been dependent on analytics to help them identify the most attractive targets.
Therefore, a practice should do the same: employ specific analytical tools in order to conduct similar risk assessment, with the goal being to see what it looks like to an outsider. Remember, until a RAC auditor begins to look at your organization, he/she has no idea who you are or how you practice medicine - as such they have come to a decision to review without regard to the reasons that you do what you do.
The better approach to compliance risk analysis involves focusing on the types of benchmarks that a RAC might consider in order to have a sharper picture of how your practice looks from an analytical perspective, rather than just a pure coding perspective. When performing self-evaluation one of the places you should start is with the CERT (Comprehensive Error Rate Testing) study. For an inpatient facility, the corresponding study is called the HPMP, or Hospital Payment Monitoring Program. For the purposes of this article, though, the discussion will center on CERT, which is focused on medical practices.
CERT is a study performed by The Centers for Medicare & Medicaid Services (CMS) in order to identify the most common reasons that payers make erroneous payments to practices for services and procedures. In conducting the study, CMS pulls around 100,000 claims at random and then requests copies of the 100,000 charts that correspond to those claims.
Lack of Medical Necessity
Based on the most recent CERT study, the number one reason for alleged overpayments is lack of medical necessity, at around four percent of all claims reviewed; that is, payments are made in cases which, during a subsequent review of the chart, insufficient evidence of medical necessity exists to support payment for the procedure or service.
We have seen an increase in this as a result of the use of EHR/EMR technology, which, through templates that improve or increase the level of documentation for an encounter, often reports an E/M code that does not meet medical necessity criteria despite being supported. This occurs because, even though the documentation supports the code level, the diagnoses code(s) does not.
Lack of Documentation
The second-most common reason for overpayments is lack of documentation. As an example, procedure codes 99214, 99223 and 99233 are cited as the some of the most common codes paid in error, and each of these ranks among the top 10 services with routinely insufficient documentation. Take, for example, 99223: in the May 2008 CERT report, 99223 was reported as paid in error (overpaid) 21.5 percent of the time for a total of $282 million. Code No. 99233 was reported as overpaid 18 percent of the time for around $151 million, and 99214 was reported as overpaid 6.3 percent of the time - and while that's not the top ranking by volume, at $280 million, it is the top dollar amount.
What does this have to do with RACs? As noted above, OIG has made it clear that one of the ways the new healthcare bill will be funded is through recovery of overpayments to medical practices. And since the CERT study identifies which codes are overpaid most often and it is the RACs' job to find these overpayments, logic follows that the codes listed in the CERT study are prime audit targets.
So, what can a practice do? The first step is to get a copy of the CERT study, which can be downloaded at http://www.cms.gov/CERT/. Next, take a look at your use of high-risk codes and compare it to your peers. You can do this by purchasing a copy of the P/SPS Master File and building a database of benchmark data. P/SPS stands for Physician/Supplier Procedural Services; it contains 100 percent of all Medicare claims submitted to CMS during a calendar year. This can be purchased from CMS for $250; the order form is available at http://www.cms.gov/NonIdentifiableDataFiles/06_PhysicianSupplierProcedureSummaryMasterFile.asp. You can download the Part B Carrier Summary Data Files, which are organized by payer locality, for free on the CMS website at http://www.cms.gov/NonIdentifiableDataFiles/03_PartBNationalSummaryDataFile.asp#TopOfPage. Each of these does require a bit of work to create the benchmarked data. Alternatively, there are companies that sell the utilization data by specialty and in a more user-friendly format. After you have created your peer benchmarks, compare what your code usage looks like to this file based on specialty.
For example, let's say you are an Otolaryngology/Rhinology practice and you report the 99214 as your number one ranked code at 11.4 percent of all procedures. A peer comparison shows that other ENT physicians across the country (or in your state) report the same code as the 7th-most recorded procedure at 3.85 percent of all procedures. This would mean that your practice reports 99214 with almost three times the frequency as your peer group. From a RAC's perspective, this likely would be an attractive target for an audit since 99214 already is marked as an often overutilized code yielding a high probability of significant recovery. And remember, RAC auditors get paid a commission, enough said.
This type of benchmarking actually should be performed for all procedure codes, not just E/M or those that are considered high risk. You should, for example, take the top 10 procedure codes you report and compare them to the top 10 procedure codes reported by your peer group. While measurement of statistical significance can be performed, most practices can get a pretty good idea as to whether the variance is large enough to cause concern.
While it is known that RACs and other review organizations use this type of method to profile a practice, what's not known is the exact threshold metric that might trigger an audit (if such a metric even exists). Why stop at procedure codes?
RACs and Modifiers
Any coder or biller will tell you that modifiers play a large role when it comes to denial rates within a practice, and while not necessarily part of the CERT study, they do play a role in other Medicare claim review programs such as MUE (Medically Unlikely Edits) and NCCI (National Correct Coding Initiative). Most likely, CERT soon will follow suit. For modifiers, it is recommended that you perform both qualitative and quantitative studies.
Qualitatively, you should look at your use of modifiers to make sure they comply with current rules and regulations. For example, OIG has determined that modifiers 25 and 59 quite often are used improperly; based on studies done by that government agency, they resulted in hundreds of millions of dollars in overpayments. Just the fact that OIG bothered to produce reports like that should be a hint that they are under scrutiny.
Quantitatively, look at the top individual modifiers reported by a specialty-specific peer group as a percent of all claim lines - especially for high-risk modifiers, such as 24, 25, 59, 63, etc. - and compare these to your utilization. For example, let's say that for an internal medicine physician, Modifier 59 is associated with 4.2 percent of all claim lines submitted to CMS. For your practice, the number is 12.3 percent. This means that you are reporting Modifier 59 more than three times as often as your peers. In such a case, you should pull some of those charts and have them audited to make sure you are using the modifier correctly.
The point is this: while you may be able to defend yourself successfully in a RAC audit, particularly when it comes to medical necessity, it is important to be able to assess both your risk of audit and which of your codes are most likely to be audited.
About the Author
Frank Cohen, MPA, MBB, is the senior analyst for MIT Solutions, Inc., a division of Financial Medical Management, Inc. Mr. Cohen, who co-authored, Lean Six Sigma for the Medical Practice: Improving Profits by Improving Processes," was for three years the lead analyst for American Medical Association's National Health Insurer Report Card. He is a certified Lean Six Sigma Master Black Belt and has been involved in operational, financial and utilization analysis and compliance risk assessments for thousands of medical practices.