Evaluation and Management visits are often the "bread and butter" of an organization. Thus, correctly scoring encounters is essential to ensuring proper reimbursement. The element of "Risk" is only one of the three elements of Medical Decision Making (MDM) but understanding what is meant by all the definitions within each element is critical. The American Medical Association (AMA) has an FAQ page which provides some insight as to their thoughts regarding E/M scoring. Although, at the time of publication, their page includes some information on surgeries, keep in mind that individual payors may have their own guidelines which must be followed.

A: Per the E/M Technical Corrections (TC), CPT coding does not have recommendations for assessing the level of risk for particular procedures when the level of risk for the procedure is not noted in the record. However, it is recommended to discuss the documentation with the specific physician or other qualified healthcare professional (QHP) for clarification. Risk for any procedure depends on the specific patient risk factors and circumstances as they are assessed by the physician or other QHP. For example, a procedure may be deemed as high risk for a patient because of his or her specific circumstances, while the same procedure may be assessed as moderate or low risk for a different patient.

Therefore, the physician or other QHP would make such determination based on his or her evaluation of the specific patient's circumstances and risk factors. In addition, the E/M Technical Corrections describes risk as follows:

For the purposes of MDM, level of risk is based upon consequences of the problem(s) addressed at the encounter when appropriately treated. Risk also includes MDM related to the need to initiate or forego further testing, treatment, and/or hospitalization. The risk of patient management criteria applies to the patient management decisions made by the reporting physician or other qualified healthcare professional as part of the reported encounter.

One thing to note is the mention of the E/M Technical Corrections. These corrections come out at different times without much notification, so it's important to pay attention to what the AMA changes. For example, on March 1, 2023, they announced the following changes in an Errata and Technical Corrections document. Note that new information is underlined.

Independent interpretation: The interpretation of a test for which there is a CPT code, and an interpretation or report is customary. This does not apply when the physician or other qualified healthcare professional who reports the E/M service is reporting or has previously reported the test. A form of interpretation should be documented but need not conform to the usual standards of a complete report for the test. A test that is ordered and independently interpreted may count both as a test ordered and interpreted.

Appropriate source: For the purpose of the discussion of management data element (see Table 1, Levels of Medical Decision Making), an appropriate source includes professionals who are not healthcare professionals but may be involved in the management of the patient (e.g., lawyer, parole officer, case manager, teacher). It does not include discussion with family or informal caregivers. For the purpose of documents reviewed, documents from an appropriate source may be counted.

A: Base the determination of minor or major surgery on the clinical condition for that specific patient. We would also review any medical record data that is specific to that patient. The type of anesthesia is also a consideration; examples include local anesthesia, conscious sedation, or general anesthesia. 

Every surgical procedure obviously carries some level of risk, so the question is: What is considered an "ordinary" surgical risk? 

A: CPT coding does not define ordinary surgical risks (such as perforation) as high or low risk for patients. The physician or QHP who evaluates the patient is the best judge of the specific patient factors that make a procedure "high risk" for a patient. Every surgical procedure carries some element of risk; however, a relatively simple procedure for an otherwise healthy adult carries a different level of risk than the level of risk for an older patient with multiple comorbidities. Per the E/M 2021 Errata and Technical Corrections:

The assessment of the level of risk is affected by the nature of the event under consideration. For example, a low probability of death may be high risk, whereas a high chance of a minor, self-limited adverse effect of treatment may be low risk. Definitions of risk are based upon the usual behavior and thought processes of a physician or other qualified healthcare professional in the same specialty. Trained clinicians apply common language usage meanings to terms such as high, medium, low, or minimal risk, and do not require quantification for these definitions (though quantification may be provided when evidence-based medicine has established probabilities).

As a result, the physician's documentation of his or her level-of-risk assessment based on the specific patient's risk factors is the determining component in how the MDM level of risk for the specific patient will be calculated. The MDM level has three components and level of risk is only one of three components required to determine the MDM level. The physician or QHP must also document and consider the number and complexity of the problems addressed at the encounter, as well as the amount and complexity of the data to be reviewed and analyzed. Two of the three components must be at a high level for the overall MDM level for that encounter to be considered as high. Therefore, not all surgeries will be assessed as "high risk" based simply on inherent or ordinary surgical risks.

As you can see, it's up to the provider to determine and document the level of risk based on what would be considered "usual" by other providers in the same specialty. Not every surgery is high risk just because there is risk associated with surgery. The number and complexity of problems, as well as the complexity of the data reviewed and analyzed, are important factors to be considered when determining risk, and all of this information must be documented in order to show the thought process of the provider. Make it easy for an auditor to understand your decision-making process.

Wyn Staheli is the Director of Content Research for innoviHealth. She has over 30 years of experience in the healthcare industry. With her degree in Management Information Systems (MIS), she has been a programmer for a large insurance carrier, as well as a California hospital system. She is also the author and editor of many medical resource books and the founder of InstaCode Institute.