Strategies to Focus Internal Audit Activities

The healthcare staffing crisis looms large over nearly every hospital, health system, and medical group in the United States. And staffing challenges extend far beyond clinical areas.

A wide variety of non-clinical healthcare positions remain vacant. For example, 85 percent of healthcare organizations surveyed by AMN Healthcare in 2022 reported a shortage of allied healthcare professionals. This includes revenue cycle and health information management (HIM) staff.

Backlogs in areas that directly impact reimbursement such as patient access, coding, clinical documentation improvement, billing, internal audits, compliance, and denial management negatively affect hospital revenue and put hospital margins in the red. This is especially difficult during a year of declining hospital margins and payer reimbursement.

According to a November 2022 report by healthcare and hospital benchmarking company Syntellis, hospital operating margins dropped for 10 consecutive months in 2022. This is undoubtedly an important harbinger of rough financial conditions in 2023.

The combination of staffing shortages, declining margins, and lower reimbursements brings renewed attention to operational expenditures. Therefore, despite staffing shortages, the hiring of additional revenue cycle staff is probably not an option for most healthcare provider organizations. However, the volume of administrative work in healthcare continues to climb. The job must still get done to prevent even greater revenue losses.

Amid these challenges, savvy revenue cycle and HIM teams are taking time to further assess operations. Are there layers of management that previously made sense but are no longer needed today? Are we forcing unproductive processes, procedures, and reporting? Do we have workflow redundancy and time-wasting tasks?

Using one specific revenue management function as an example—internal coding compliance audits—this article provides advice for teams to plan ahead despite being understaffed and underfunded. 

Planning Ahead Begins by Looking Back

A difficult financial year brings renewed attention to operational workflows and time expenditures. Dozens of processes are fraught with tasks that can be streamlined, or even eliminated, to reduce the workforce burden and free up resources for other, more intensive functions. Specifically for internal coding compliance audits, now is the time to conduct an in-depth analysis of current inter- and intra-departmental workflows to identify time drains and duplicative work.

In addition, organizations should ensure they are using every internal and external data source available to illuminate trends and guide 2023 internal audit planning. Internal audit leaders generally look ahead across two to three months and rely on data analysis to determine areas of risk their teams will focus on next.

Types of reviews could include high-risk diagnosis-related groups (DRGs), proper coding for major complications and comorbid conditions (MCCs) and complications and comorbid conditions (CCs), and outliers of state and national benchmarks on MCCs and CCs.

Use of external data sources such as Program for Evaluating Payment Patterns Electronic Report (PEPPER), recovery audit contractors (RACs), and Office of Inspector General (OIG) Work Plans can help identify current and future trends in reimbursement risk, including payer denial trends, common payer audits, and new global risk areas. When building audit plans, leaders review reports to identify and define areas of risk, and determine which risks may be applicable for their organizations. Risk areas change every year, requiring diligent reviews and consistent focus on these reports.

Internal data produced by electronic health records (EHRs) and other systems are other good sources for reference when building an internal audit plan. Payer denial and audit statistics over time reveal an organization’s weak spots for revenue risk and optimal areas for educational efforts. Highest risks based on prior audits for overbill and underbill are also important to watch. Insights should be used to inform corrective action plans and future audit initiatives.

However, with staffing burdens and financial woes on the rise, how can compliance and internal audit leaders dedicate the time and resources necessary to fully analyze these data sets and build effective plans to mitigate risk?

Cutting back on internal audits is one approach to save time and resources. But the downside of fewer audits is compliance risk and increased payer denials. What other actions can be taken to continue performing essential audits despite being understaffed?

Four Tactics to Stay Focused and Efficient

The following tactics provide new pragmatic, cost-saving options to consider when trying to focus on internal medical record audits for 2023. Regulatory issues must always be prioritized and covered, but there may be other risk areas that no longer require internal audits.

1. Weigh the potential upsides of internal audits and education against the volume of charges and payments in recent years. There may be some cases that no longer warrant the time, money, and effort of an internal audit, such as cases where volumes have decreased or are expected to decrease. Alternatively, compliance and educational initiatives in the year prior may have yielded improvements sufficient to cease internal audits of specific cases. The ability to easily extract and analyze claim and remittance information against risk criteria is critical in streamlining audit resources.
2. Sign up for newsletters, emails, and other correspondence from PEPPER, RAC, OIG, and other data sources to maintain insights into the biggest areas of risk. These organizations publish reports on their websites continually and send out notifications when a new risk area is identified. Ensure you are reviewing quarterly and annual reports to stay abreast of changing trends.
3. Work with coding experts to determine which ICD-10 and current procedural terminology codes are included for each risk area within the plan. For example, identify diagnosis and procedure codes that are commonly associated with severe malnutrition. Being able to save logic for commonly audited diagnoses can prevent rework and ensure consistencies in  audits. Use of technology to automate the criteria not only saves time but can also prevent duplicate account review.
4. Report outcomes and opportunities across key areas in the organization. Report quarterly to the executive leaders (compliance leaders, CMOs and finance leaders). Aligning findings reports and corrective action plans is an expectation of a compliant organization and helps maintain executive support and engagement.

Risk Identification During Dire Times

When other streamlining efforts fail, organizations may be forced to perform fewer internal audits due to staffing shortages. Curtailing internal audit programs is not a best practice but, if necessary, should focus only on the organization’s areas of highest risk based on volumes, charges, and organizational impact.

For these types of accounts, what has the denial and appeal performance been? Do you need to continue auditing or would a more limited lens be satisfactory? If corrective action plans have been successful and the organization is meeting internal benchmarks, internal audit focus can be reduced and efforts shifted to other risk areas.

For example, septicemia is a high-risk DRG that also often gets audited for clinical validation. If education and documentation improvement efforts here have resulted in fewer denials, you may be able to audit later in the year. The 72-hour rule is another example that can be assessed through data analysis to identify if these cases were billed appropriately and, if so, minimize the need for auditing resources.

Finding a balance between coding and billing accuracy volumes and financial risk is a tightrope walk. High-volume services and procedures may have a low dollar per claim impact.  But if they are incorrectly billed or coded will have a significant financial impact (if fault is found by government auditors).

Control What You Can

Internal audits are just one required function within compliance, HIM, and the revenue cycle. There are many others that will be negatively affected by the healthcare industry’s workforce and financial challenges in the year ahead.

Control the team’s performance by making a thorough assessment of all workflows and tasks to eliminate redundancies and overlap. Leverage technology to work smarter, not harder, in 2023. Innovative, intelligent tools are now available to replace Excel spreadsheets and disconnected systems. Successful organizations are already enhancing their revenue cycles with technology to streamline processes. No one in healthcare can afford to waste time or money in the year ahead, especially valuable revenue management teams.

Dawn Crump, MA, CHC, is the senior director of revenue cycle solutions at clinical data exchange company MRO.

Jacqueline Erickson, RHIA, CRCR, is the manager of client implementations at MRO.