Develop an E/M audit structure that works for your organization
January 20, 2009
All practices should perform regular evaluation and management (E/M) audits, but the audit structure will vary based on the particulars of your individual circumstances.
The audit structure is made up of three basic elements:
Objective-The goal of the audit, such as to render provider education about compliance or to ensure that providers bill the appropriate E/M service to the optimal level allowed as supported by their documentation.
Scope-The type of audit, the data the audit will examine, and the number of records the audit will consider.
Level of risk-The impact the audit will have on the organization. Determine this by performing a high-level sample review to gain a general idea of how providers document and bill for services and to understand each provider's skill level.
If the sample shows a high level of risk for a particular provider who bills levels four and five based on documentation that only supports levels two and three, focus on immediate education for that provider. Perform another sample after providing the education. If the results are favorable, move forward with implementing a full audit.
The structure of audit an will help the practice answer the following questions:
Who should perform the audit?
Should we perform the audit prebill or postbill?
What will the practice use as a baseline?
How will the practice track its audit results?
How will the practice establish an audit cycle?
Compile the following reference materials prior to beginning the audit:
ICD-9-CM manual (current year)
CPT manual (current year)
NCCI edits (current quarter)
HCPCS Level II manual (current year)
1995 and 1997 Evaluation and Management Documentation Guidelines
Book of abbreviations and acronyms
Additional helpful tools include the CPT Assistant, AHA Coding Clinic for ICD-9-CM, and Coders' Desk Reference for Procedures.
Choosing an auditor
Ideally, the person who performs the audit is a qualified auditor who has E/M auditing and coding experience, particularly in a similar type of practice. This individual should also only perform the function of auditing and would not be a coder for the practice; however, in smaller practice settings, this may not be realistic.
When choosing an auditor, keep in mind that he or she should
have three to five years of coding experience
be comfortable meeting with providers individually or in groups
be comfortable presenting information to large groups of people
have a knack for framing information in terms that providers and billing staff can understand
be a good listener and tactful when presenting information
have a solid knowledge of federal rules and the ability to interpret them
Making preaudit preparations Before beginning the audit, meet with administration, practice managers, and physician leadership to discuss how you will conduct the audit, what the scope of it will be, and which objectives you seek to achieve. Document the minutes of this meeting.
Document the planning phase to ensure that the practice has thought through all the steps necessary for successfully carrying out the audit. Often, auditors will spend many hours during the planning phase for a new audit. The better you can plan the audit from beginning to end-including all reports you may want to write or data you may want to collect-the better and less rework you will have to do in the end.
Deciding when to audit Deciding when to audit-either prospectively or retrospectively-is an important part of the audit structure. A prebill/prospective audit occurs before you submit a claim to a payer. A postbill/retrospective audit occurs after a provider issues an interim or a final bill.
There are several advantages to performing a prebill/prospective audit. For example, this type of audit allows an auditor to
identify coding errors that can lead to false claims
take proactive action
educate billing providers and correct claims up front
However, a prebill/prospective audit does not indicate the financial impact of incorrect claims, nor does it detect whether a practice's billing system correctly maps to the correct codes and CDM fees.
When performing a prebill/prospective audit, obtain encounters that are current-usually within a week from the dates of service. Performing this type of audit on old claims isn't as productive because providers are less likely to recall the particular scenarios of each visit.
A postbill/retrospective audit allows an auditor to detect mistakes more easily and include educational opportunities in the audit scope, not only for the billing providers, but also for other support staff.
However, a postbill/retrospective audit does allow an auditor to identify errors that could mandate a monetary refund. This type of audit also has the potential to lose its educational value, especially if you audit old claims. If the claim is too old, a practice may not be able to resubmit it for payment. For example, if an auditor discovers undercoding or unbilled services, the claim may be past the allowed date to resubmit for payment.
When performing a postbill/retrospective audit, anticipate overpayments. Establish a written procedure on how the practice will handle/document overpayments found during the audit process.
Establishing a baseline If a practice has never performed an E/M audit or any other type of audit used for gathering data, begin with a baseline audit to determine the level of risk. A baseline audit will help the practice map out its audit efforts and agenda for at least one year. The audit could be shorter or longer, however, depending on the practice's size, number of findings in the baseline audit, and extent of the practice's resources.
The baseline audit will also help determine how often an auditor should re-audit certain providers. Re-audit a poorly performing provider sooner, rather than later. Those scoring well may only need to be reaudited on a rolling calendar basis. For example, you may decide to reaudit a provider who scores 90% (nine out of 10 records had correct E/M leveling and procedure coding) in a year; you may reaudit a provider scoring 60% within 30 to 60 days.
A baseline audit will identify the following:
Control weaknesses in the coding/billing system
The potential need for broad-based education
The need for provider documentation and billing practice improvements
A practice can perform a baseline audit in one of three ways:
by individual providers within the practice
by specialty area
by geographic location
Whichever method you choose, be sure that you use that same method the next time you perform the audit so that you're comparing apples to apples.
By individual providers within the practice Performing a baseline audit of each provider will yield precise results about where to begin follow-up audits and on which providers or practice areas the audit should focus.
When conducting this type of audit, include 10-30 records per billing provider. The OIG Compliance Guidance for Individual and Small Group Practices suggests auditing at least five records; however, most internal audit departments/consultants nationwide customarily audit a minimum of 10 records per provider.
By specialty area A baseline audit by specialty area generates valuable audit results; however, the results of this type of audit will not be as granular as those of an audit of individual providers. Because the audit will encompass documentation from multiple providers across the practice, the results will only produce a general sense of the risks and control weaknesses within each practice area.
This type of audit is typically faster than a baseline audit by provider or geographic area, but it does not render provider-specific information, nor does it give the auditor an opportunity to interface with each provider.
Determine the number of records to review by calculating the size of the specialty area. Do this by analyzing the number of providers and the volume of patients seen. The more providers and patients a practice has, the more records you'll want to review so that you have a well-rounded result that is representative of your practice.
Some auditors prefer to take a sample size that will be statistically significant, as this is what the OIG suggests. Visit the CMS Web site at www.cms.hhs.gov/transmittals/ downloads/R114PI.pdf for more information on how to select a statistically significant sample size.
Keep in mind that your choice of sample size is not as important as the fact that your practice performs some type of auditing/monitoring-either formally or informally-on an ongoing basis.
By geographic location A practice may want to use this method when auditing multiple sites in different geographic locations. This approach may streamline the audit process for larger practices. When determining how many records to audit, choose either 10 per provider or base the number on the total number of providers and the patient volume for that particular geographic location.
Some providers in larger practices with multiple sites may view an audit as a culture change, especially if their particular practice has never undergone the audit process. If this is the case, perform the initial audit at a smaller location/clinic that offers limited services or has fewer providers. Starting out small will give you better footing as you expand your audit into other locations within the practice.
Tracking audit results When designing the audit structure, decide what types of data you would like the audit to track. This step will help reduce the need for additional work after you complete the audit. For example, you might want to track one or more of the following areas:
E/M levels upcoded (by one level, two levels, etc.)
E/M levels undercoded (by one level, two levels, etc.)
Claims not supported because of missing documentation
Procedures not billed
Procedures billed without supporting documentation
Codes from an inappropriate range assigned (for example, preventive medicine codes assigned instead of 99214 [office or other outpatient visit, established patient])
Missing ICD-9-CM codes
Incorrect ICD-9-CM codes
Total records reviewed prebill
Total records reviewed postbill
Total teaching physician records reviewed
The above is not a complete list of the types of data you might want the audit to track. As you perform the audit, your list will expand based on your findings. The more data and figures that you can collect for each audit, the more valuable your audit results will be. This data also could help justify hiring additional auditors, coders, or individuals who can render provider education.
You may want to link the above categories to specific dollar amounts. For example, when tracking undercoding for a specific provider, determine how much money the practice is losing. Do the same for missing procedures. When tracking how often a provider overcodes, determine the amount of the relative value units that the provider received for work that he or she didn't actually perform or for work that the documentation does not support.
Establishing an audit cycle The size of the organization and the number of audit staff the practice employs will determine how frequently-annually, quarterly, or monthly-you can perform an audit. However, at a minimum, a practice should perform an E/M audit once per year.
A baseline audit may take as long as a year, depending on the size of the organization and the number of audit staff. Once a baseline audit is conducted, perform a follow-up audit. Establish a threshold for what the practice considers acceptable. Be sure to reaudit providers who score below acceptable levels.
Encourage physician leadership to determine the specific threshold level. Some practices consider 70% accuracy and above to be acceptable, while others require at least 80% or 90% accuracy. For providers who are new to documenting E/M services, consider a lower threshold. As they become familiar with documenting and coding these services, increase that threshold incrementally until they reach the desired level. This will account for the learning curve. Include any threshold information in a written policy.
If the baseline audit concludes that a particular specialty, practice area, or even an individual billing provider's documentation practice consistently does not meet government regulations, focus your follow-up audit on the area(s) of identified risk. This is commonly known as a probe audit, which targets specific issues and provides guidance as to where the practice should strengthen its controls and which processes it should revise to reduce overall risks.
For example, if you audit a provider two or three times-and he or she routinely underdocuments level five services or does not document the appropriate requirements for consultations on follow-up audits-pull those particular claims. Because you have identified a specific problem with the provider, perform a probe audit by only selecting level fives and consultation services for that provider.
Other aspects of an audit structure that you should consider include performing a pilot test and reporting audit results.
Once a practice has developed an audit structure, consider testing it in a pilot environment. Perform this test with no fewer than 30 records. The auditors who will perform the actual audit should also perform the test audit to determine whether the structure has any unnecessary or missing steps. If any uncertainties arise during the pilot test, address and resolve them immediately. Perform a follow-up test to ensure that you have addressed the problems.
Once the audit is complete, meet with each billing provider whom you audited (if you conducted an audit by individual provider). Use an executive summary or similar document to address and document any issues and audit results. A summary should include the scope, objective, issues, and recommendations.
Joe Rivet, CPC, CCS-P, CICA is a regulatory specialist and consultant for HCPro, Inc. He serves as an instructor for the Certified Coder Boot Camp® - Original Version which covers physician and outpatient hospital coding. He is the author of Auditing Evaluation and Management Coding: A Step-by-Step Guide to Enhancing Your Practice's Revenue and Compliance.