There have been substantive changes to current coding and billing guidelines tied to clinic-based coding (e.g., 2021 American Medical Association (AMA) Evaluation and Management (E/M) Coding Guidelines, telehealth, and split/shared coding), as well as increased governmental scrutiny. As a result, proactive auditing of coding and billing practices are paramount for compliance.
The optimal method for proactively identifying coding risks and addressing them is to start by using claims and payment data to identify outliers and trends, as there are limited auditing resources publicly available. Health information management (HIM), revenue integrity, office management, medical leadership, legal, and compliance teams should collaborate to identify the key data elements to drive risk-based coding audit activity.
Potential areas of coding and billing compliance tactics, include, but are not limited to:
E/M Level Accuracy
Auditors can leverage the standard electronic billing 837P claims data to identify if certain providers more frequently submit level 4 or level 5 E/Ms than their counterparts in their specialty or subspecialty. A simple bell curve or box-and-whisker plot can help identify provider billing patterns (see example below) and help auditors take a closer, more targeted look at those E/Ms to ensure the medical decision making (MDM) and/or time support the billing code. Compliance auditors can focus on providers who are potentially dropping codes two levels above their peers.
However, it is important to note that just because a provider is billing a higher-level code does not mean they are over-coding; that provider may simply spend more time with the patient or be able to demonstrate high MDM. A good example is a geriatric psychiatrist who may spend more time counseling patients than other psychiatric colleagues.
Incorrect use of modifiers, such as unbundling of two services, can result in significant loss of revenue or overpayment. Modifiers are frequently audited by Medicare administrative contractors (MACs), recovery auditors (RAs), commercial payers, the Office of Inspector General (OIG), and other government agencies. Fortunately, these modifiers are uniformly appended to the Current Procedural Terminology (CPT®) code on the claim, and auditors can filter for these modifiers in 837P data and conduct a focused audit of the appropriate use of these modifiers.
Key modifiers to review include but are not limited to:
- Modifier 25: Appended to all E/M services performed on the same day as another major surgery by the same physician.
- Modifier 59: Used to denote distinct procedural services (i.e., services or procedures that are different or impartial from the rest of the non-E/M services performed on the same day).
- Modifier 24: Appended to unrelated E/M service offered during the post-operative period of a major surgery performed within 90 days by the same physician.
Filtering data specifically to a governmental payer (typically Medicare), a specific date of service time frame, specific provider, and/or specific CPT codes (including E/Ms) allows auditors to conduct focused audits of these modifiers to ensure they are being correctly appended. Auditors can also take it a step further and cross-reference any CPTs noted as potential outliers in the Comparative Billing Report (CBR), CPTs noted in Comprehensive Error Rate Testing (CERT) reports as prone to coding issues, or ones that have already been identified as problematic during previous audits.
The ever-evolving coding and billing rules of telehealth services are now reimbursable by governmental and commercial payers, and this area should be at the top of every organization’s audit plan. However, it is rarely feasible to audit all telehealth services. The most effective tactic is to leverage both 837P and 835 electronic remit data to pinpoint telehealth encounters with a higher likelihood of potential coding compliance issues.
Below are a few considerations to act as a starting point:
Compliance auditors can audit for claims in which a provider has submitted more than one claim for the same Medicare beneficiary during the public health emergency (PHE) but over a year apart. The Centers for Medicare & Medicaid Services (CMS) states that a patient consent to treat should be captured at the initial telehealth visit and at least once annually. If there is a trend of missing documentation of consent in the medical record, there may be an opportunity to build in edits or workflow processes in the electronic medical record (EMR).
CMS does not say a specific form needs to be completed but that some documentation of consent should be captured. It is important to note that consent form collection and documentation may vary by state, so check state requirements. Although CMS does not specifically require consent in the medical record, unless the organization has chosen to track them separately, the medical record is the ideal location from an external audit purpose. It is possible that external auditors will determine a claim is unbillable if consents are not captured, which may result in a takeback. The CMS position on telehealth consents is:1
Take the Medicare Physician Fee Schedule (MPFS) for the current year and utilize the telehealth allowable services list of CPTs and cross-reference this list with all claims that have a place of service (POS) 2 or modifier 95, which notates telehealth services. If you identify non-allowable CPT codes with modifier 95, review those claims to see if non-telehealth CPTs are being listed as telehealth services.
It is important to note that MACs may differ on guidance on appending modifier 95 to telephone-only CPTs (e.g., 99441 – 99443). Alternatively, it may be best to prioritize surgical CPTs or services that clearly must be done in person. Governmental and commercial payers utilize sophisticated technology to scrub for and deny claims with potential improper telehealth codes. View the 2022 MPFS CY 2022 PFS Final Rule List of Telehealth Services.
Areas of External Scrutiny
The OIG and commercial payers have already disclosed they will target level 5 E/Ms that are submitted as telehealth services. Submission of an E/M associated with a telehealth visit may be entirely appropriate and aligned with 2021 AMA E/M guidelines. However, given external scrutiny, practices should be proactive in reviewing these for compliance.
Additionally, the OIG has stated it will continue to focus on behavioral health services for Medicaid beneficiaries via telehealth, especially for group therapies, so, similarly, it is prudent to proactively audit CPT codes associated with behavioral health services with modifier 95 or POS 02 to ensure compliance and accuracy. View the current OIG work plan items.
These tactics should not replace routine, per-provider coding audits but can enhance the coding compliance function and give leadership a higher level of comfort if an external, targeted audit, such as those from MACs, the US Department of Health and Human Services, or OIG, were to occur, that the outcomes would be favorable. Lastly, these actions may help ensure accurate reimbursement and avoid unnecessary payer denials.
1. CMS, “COVID-19 Frequently Asked Questions (FAQs) on Medicare Fee-for-Service (FFS) Billing,” pg. 85 https://www.cms.gov/files/document/03092020-covid-19-faqs-508.pdf
Bryan Beaudoin (firstname.lastname@example.org) is the associate director and health information management solution lead at Protiviti.