HIM 360 Milestone Two Guidelines and Rubric Overview: The final project for this course is the creation of a monthly compliance report. The final product represents an authentic demonstration of competency because today’s healthcare entities actively seek employment candidates who understand the coding process and can competently work within the documentation and compliance regulations. You will be using the Module One Case Study information as you work on your final project. Prompt: For this milestone, you will be submitting a draft of the compliance and recommendations sections (Sections III and IV) of your final paper. This portion of the paper will address the purpose for the compliance document and how this relates to the daily operations of the facility. This draft will give the outcome of the provider chart audit and what the outcome means to the status of the accounts represented by the charts. This final paper will describe the processes that may need to be addressed because of findings in the audit; any findings associated with the workflow of the office or educational deficiencies that may need to be addressed should be identified in the document. Any positive or negative aspects of the EHR should be addressed in this portion of the paper. The work you completed in the Module Four Bell Curve Activity will be used to submit this milestone. Specifically, the following critical elements must be addressed: I. Compliance A. What is the importance of the compliance program? Are there any specific benefits associated with having a formal compliance program? What consequences are there to not having a compliance program? Be sure to support your answers. B. Analyze the formal compliance program currently in place. Is that the appropriate for their clinic type, according to OIG classifications? C. What are the consequences if the plan is not adhered to, and how should the organization monitor in order to remain compliant? Do any changes need to be addressed to improve the usefulness of the compliance program? Why or why not? Support your answer. II. Recommendations A. Recommend what may need to be adjusted to improve and enhance the coding process at this enterprise. Where is additional education needed to better understand the coding process? Support your answer. B. Recommend improvements in the clinical documentation processes based on evaluation of the workflow processes to accommodate the Systematized Nomenclature of Medicine (SNOMED) process. Be sure to justify why these changes would help. C. In reference to quality measures, do the improvements recommended accurately reflect the provider’s patient population regarding SNOMED? Why or why not? Support your answer. D. Recommend the training for medical staff necessary to attain the industry standards to meet healthcare data reporting requirements. Consider how industry standards have changed in recent years. Support your answer. E. What is fraud and abuse? What should the auditors do/what directions should they follow if they suspect fraud or abuse? F. With consideration to which technology would need supplementing or replacing, what additional technology would you recommend to improve the functions of the current processes in the clinic? G. What additional resources may be needed for implementing your technology recommendation? Consider resources such as budget, staffing, and training in your response. H. What intervals are audits scheduled, and are they sporadically scheduled? Who does the organization report issues to if fraud and abuse are detected? I. After evaluation, would you recommend modifying the workflow process in the clinic, or would an upgrade be sufficient? Why? Be sure to support your choice. Rubric Guidelines for Submission: This milestone should be a 5–6 page Microsoft Word document written in APA format. Use double spacing, 12-point Times New Roman font, and one-inch margins. All references should be cited in APA format. Critical Elements Compliance: Importance Compliance: OIG Classifications Compliance: Usefulness Recommendations: Enhance the Coding Process Exemplary (100%) Meets “Proficient” criteria and provides concrete examples of the benefits of having a formal compliance program, and the consequences of not having a compliance program Meets “Proficient” criteria and analysis demonstrates a nuanced understanding of OIG classifications and their application to formal compliance programs Meets “Proficient” criteria, and suggested monitoring plans and changes demonstrate a solid understanding of the compliance program Proficient (85%) Analyzes the importance and benefits of a compliance program, and the consequences of not having a compliance program, providing support for analysis Needs Improvement (55%) Analyzes the importance and benefits of a compliance program, and includes consequences of not having a compliance program, but support provided is cursory, weak, or illogical Not Evident (0%) Does not analyze the importance and benefits of a compliance program, and the consequences of not having a compliance program Value 4.75 Analyzes the type of formal compliance program that would be appropriate at this specific entity based on OIG classifications Does not analyze the type of formal compliance program that would be appropriate at this specific entity based on OIG classifications 4.75 Recommends adjustments to the coding process at this enterprise, including education, with support for recommendation Does not analyze the consequences if the plan is not adhered to, monitoring plans, or changes that need to be addressed to improve the usefulness of the compliance program Does not recommend adjustments to the coding process at this enterprise, including education, with support for recommendation. 4.75 Meets “Proficient” criteria and recommendation includes detailed plan of how education would improve the coding process Analyzes the type of formal compliance program that would be appropriate at this specific entity based on OIG classifications, but analysis is not weak or illogical Analyzes the consequences if the plan is not adhered to, monitoring plans, and changes needed to be addressed to improve the usefulness of the compliance program, but reasoning is weak or illogical Recommends adjustments to the coding process at this enterprise, including education, with support for recommendation, but justification is illogical, weak, or cursory Analyzes the consequences if the plan is not adhered to, monitoring plans, and changes needed to be addressed to improve the usefulness of the compliance program 7.9 Critical Elements Recommendations: Improvements Recommendations: Quality Measures Exemplary (100%) Meets “Proficient” criteria and recommendations demonstrate a nuanced understanding of integrating SNOMED into currently standing processes Meets “Proficient” criteria and explains how SNOMED is used to improve patient outcomes Recommendations: Training Meets “Proficient” criteria and identifies the industry standards that have changed in their recommendation Recommendations: Fraud or Abuse Meets “Proficient” criteria and gives great detail to steps auditors should take if they suspect fraud or abuse Recommendations: Technology Meets “Proficient” criteria and identifies the current technology that may be deficient Recommendations: Resources Meets “Proficient” criteria and assessment considers best practices in attaining additional resources Proficient (85%) Recommends changes in the workflow processes to accommodate the SNOMED process, including justification of recommendations Assesses the improvements recommended to ensure they reflect the provider’s patient population regarding SNOMED, with support for their assessment Recommends training for medical staff necessary to attain the industry standards for healthcare data reporting requirements, including support for recommendations Describes fraud and abuse, as well as gives direction for auditors if they suspect fraud or abuse Recommends additional technology that may be necessary for the current processes, logically justifying recommendations Comprehensively assesses any additional resources that may be needed for the new technology, using logical reasoning to support why resources are necessary Needs Improvement (55%) Recommends changes in the workflow processes to accommodate the SNOMED process, but justification of recommendations is illogical, cursory, or weak Assesses the improvements recommended to ensure they reflect the provider’s patient population regarding SNOMED, but assessment is illogical or inaccurate Recommends training for medical staff necessary to attain the industry standards for healthcare data reporting requirements, but recommendations are illogical, weak, or cursory Describes fraud and abuse, as well as gives direction for auditors if they suspect fraud or abuse, but description or recommendation is illogical, weak, or cursory Recommends additional technology that may be necessary for the current processes, but recommendations are illogical, weak, or cursory Assesses any additional resources that may be needed for the new technology, but assessment is not comprehensive or reasoning provided as support is illogical, weak, or missing Not Evident (0%) Does not recommend changes in the workflow processes to accommodate the SNOMED process Value 7.91 Does not assess the improvements recommended to ensure they reflect the provider’s patient population regarding SNOMED 20.78 Does not recommend training for medical staff necessary to attain the industry standards for healthcare data reporting requirements 7.91 Does not describe fraud and abuse, or give direction for auditors if they suspect fraud or abuse 4.75 Does not recommend additional technology that may be necessary for the current processes 11 Does not assess any additional resources that may be needed for the new technology 11 Critical Elements Recommendations: Audits Scheduled Recommendations: Evaluation Articulation of Response Exemplary (100%) Meets “Proficient” criteria and provides examples demonstrating a solid understanding of the importance of audit scheduling Meets “Proficient” criteria and provides examples to back up recommendations Submission is free of errors related to citations, grammar, spelling, syntax, and organization and is presented in a professional and easy-toread format Proficient (85%) Determines the best scheduling plan for audits and identifies who the organization reports issues to if fraud and abuse are detected Recommends either modifying the workflow process in the clinic or upgrade, using logical reasons to support recommendation Submission has no major errors related to citations, grammar, spelling, syntax, or organization Needs Improvement (55%) Determines the best scheduling plan for audits and identifies who the organization reports issues to if fraud and abuse are detected, but reasoning provided is illogical, weak, or missing Recommends either modifying the workflow process in the clinic or upgrade, but reasoning provided is illogical, weak, or missing Submission has major errors related to citations, grammar, spelling, syntax, or organization that negatively impact readability and articulation of main ideas Not Evident (0%) Does not determine the best scheduling plan for audits or identify who the organization reports issues to if fraud and abuse are detected Value 4.75 Does not recommend modifying or upgrading the workflow process in the clinic 4.75 Submission has critical errors related to citations, grammar, spelling, syntax, or organization that prevent understanding of ideas 5 Total 100% HIM 360 Final Project Guidelines and Rubric Overview The final project for this course is the creation of a monthly compliance report. The final product represents an authentic demonstration of competency because today’s healthcare entities actively seek employment candidates who understand the coding process and can competently work within the documentation and compliance regulations. You will be using the Module One Case Study information as you work on your final project. The project is divided into two milestones, which will be submitted at various points throughout the course to scaffold learning and ensure quality final submissions. These milestones will be submitted in Modules Three and Five. The final product will be submitted in Module Seven. In this assignment, you will demonstrate your mastery of the following course outcomes: • • • • • Evaluate the efficiency of coding policies for their implications on employee training [HCM-360-01] Assess healthcare documentation by utilizing industry standard technology for its relevance in the auditing and health data standard reporting processes [HCM-360-02] Recommend workflow policy adjustments for improving technology processes [HCM-360-03] Evaluate electronic health record systems through audits and reporting for information placement and system updates [HCM-360-04] Analyze ethical violations for maintaining compliance with healthcare rules and regulations [HCM-360-05] Prompt As the compliance manager of the SNHU Medical Clinic, it is your responsibility to identify any deficiencies in the coding process for the encounters in the clinic. You will select encounters to be audited to determine the percentage of charts that are documented accurately when comparing the documentation to the selected code(s). This achieved rate will be recorded and reported back to the provider. If this rate is less than the agreed percentage, the provider will receive education from your department on the identified deficiencies. A monthly report will be provided to the appropriate compliance departments or director of the department. Your monthly compliance report should answer the following prompt: What issues have been identified as needing improvement either in the form of education or technology improvement to meet the goals for the SNHU Medical Clinic? A description of the compliance plan (see Segment of Compliance Plan Example, linked in the Final Project Submission assignment in Module Seven of your course) should be presented in this paper, including any positive, negative, or neutral results that having a compliance plan presents for a facility. 1 Specifically, you must address the critical elements listed below. I. Preface A. Compose a preface for the monthly compliance report after completing the separate elements below. Be sure to include the focus of the report and frame it for your intended audience. II. Evaluation A. What is the overall outcome of the provider chart audits? Are there any providers that need extensive education based on the outcomes? Provide support for your answers. [HCM-360-02] B. There are charts in the case study where the documentation did not support the diagnosis and evaluation and management (E/M) coding that was billed for the encounter. What coding guidelines and/or policies should have been followed when establishing the diagnosis and E/M code? [HCM-360-02] C. How would you implement or revise the review processes of clinical documentation for prospective, concurrent, and retrospective reviews? Be sure to include the workflow and training opportunities for staff in your response. [HCM-360-04] D. Does the EHR system provide the necessary criteria for reporting the quality measures for the patients? Is this an appropriate system for the clinic, or should adjustments be made to improve the user experience and dependability? Support your answer. [HCM-360-04] III. Compliance A. What is the importance of the compliance program? Are there any specific benefits associated with having a formal compliance program? What consequences are there to not having a compliance program? Be sure to support your answers. [HCM-360-05] B. Analyze the formal compliance program currently in place. Is that appropriate for the clinic type, according to OIG classifications? [HCM-360-05] C. What are the consequences if the plan is not adhered to, and how should the organization monitor in order to remain compliant? Do any changes need to be addressed to improve the usefulness of the compliance program? Why or why not? Support your answer. [HCM-360-05] IV. Recommendations A. Recommend what may need to be adjusted to improve and enhance the coding process at this enterprise. Where is additional education needed to better understand the coding process? Support your answer. [HCM-360-01] B. Recommend improvements in the clinical documentation processes based on evaluation of the workflow processes to accommodate the Systematized Nomenclature of Medicine (SNOMED) process. Be sure to justify why these changes would help. [HCM-360-01] C. In reference to quality measures, do the improvements recommended accurately reflect the provider’s patient population regarding SNOMED? Why or why not? Support your answer. [HCM-360-02] D. Recommend the training for medical staff necessary to attain the industry standards to meet healthcare data reporting requirements. Consider how industry standards have changed in recent years. Support your answer. [HCM-360-01] E. What is fraud and abuse? What should the auditors do/what directions to follow if they suspect fraud or abuse? [HCM-360-05] 2 F. With consideration to which technology would need supplementing or replacing, what additional technology would you recommend to improve the functions of the current processes in the clinic? [HCM-360-03] G. What additional resources may be needed for implementing your technology recommendation? Consider resources such as budget, staffing, and training in your response. [HCM-360-03] H. What intervals are audits scheduled, and are they sporadically scheduled? Who does the organization report issues to if fraud and abuse is detected? [HCM-360-05] I. After evaluation, would you recommend modifying the workflow process in the clinic or would an upgrade be sufficient? Why? Be sure to support your choice. [HCM-360-03] V. Conclusion A. What is the overall status of the coding program of this entity? Support your answer. [HCM-360-01] B. Overall, did this entity maintain compliance with healthcare rules and regulations? Support your answer with evidence from the providers’ charts. Consider any major ethical issues that may have been discovered during your analysis. [HCM-360-05] C. Were there any significant training issues identified in the audit? What preventions are in place to prevent training deficits from arising? [HCM360-01] D. Does the technology being used in the clinic support the reporting of the healthcare data reporting requirement guidelines? If not, what recommendations can be made to improve the technology? [HCM-360-02] Milestones Milestone One: Draft of Evaluation In Module Three, you will submit a draft of the evaluation section (section II). Complete an audit of the information provided in the case study, identifying educational needs, process, and workflow concerns. After completing the evaluation of the final audit results, compile a list of providers that need additional education. This milestone will be graded with the Milestone One Rubric. Milestone Two: Draft of Compliance and Recommendations In Module Five, you will submit a draft of the compliance and recommendations sections (sections III and IV). This portion of the paper will address the purpose for the compliance document and how this relates to the daily operations of the facility, and describe the phases of evaluation by the OIG after a serious deficiency is found in an audit. This milestone will be graded with the Milestone Two Rubric. Final Submission: Monthly Compliance Report In Module Seven, you will complete the preface and conclusion sections (sections I and V), and submit your final project. It should be a complete, polished artifact containing all of the critical elements of the final product. It should reflect the incorporation of feedback gained throughout the course. This submission will be graded with the Final Project Rubric. 3 Final Project Rubric Guidelines for Submission: Your monthly compliance report must be 10- to 12- pages in length (plus a cover page and references) and must be written in APA format. Use double spacing, 12-point Times New Roman font, and one-inch margins. Include at least seven references cited in APA format. Critical Elements Preface Exemplary (100%) Meets “Proficient” criteria and clearly identifies the purpose or intent of the report Proficient (85%) Composes a preface for monthly compliance report, framed for intended audience, and including focus of the report Assesses the outcomes of provider chart audits and provider education needed, providing support for the assessment Determines the coding guidelines and/or policies that should be followed when establishing the diagnosis and E/M code Evaluation: Outcome [HCM-360-02] Meets “Proficient” criteria and identifies specific deficiencies in provider audits Evaluation: Coding Guidelines [HCM-360-02] Meets “Proficient” criteria and gives detailed support to coding guidelines/policies determined Evaluation: Review Processes [HCM-360-04] Meets “Proficient” criteria and explains how the review processes would impact the workflow Determines how review processes of clinical documentation for prospective, concurrent, and retrospective reviews would be revised or implemented with workflow being considered Evaluation: EHR System [HCM-360-04] Meets “Proficient” criteria and gives justification to response Determines if the EHR system provides the necessary criteria for reporting the quality measures for the patients, and is an appropriate system for the clinic, providing support for evaluation 4 Needs Improvement (55%) Composes a preface for monthly compliance report but is not framed for intended audience or the focus of the report is vague Assesses the outcomes of provider chart audits and provider education needs, but assessment or support are cursory or weak Not Evident (0%) Does not compose a preface for the monthly compliance report Value 5 Does not assess the outcomes of provider chart audits and provider education needs 4.5 Determines the coding guidelines and/or policies that should be followed when establishing the diagnosis and E/M code, but response is not comprehensive Determines how review processes of clinical documentation for prospective, concurrent, and retrospective reviews would be revised or implemented with workflow being considered, but evaluation is not comprehensive, or support provided for evaluation is weak Determines if the EHR system provides the necessary criteria for reporting the quality measures for the patients, and is an appropriate system for the clinic, providing support for evaluation, but evaluation is not comprehensive, or support provided for evaluation is weak Does not determine the coding guidelines and/or policies that should be followed when establishing the diagnosis and E/M code Does not determine how review processes of clinical documentation for prospective, concurrent, and retrospective reviews would be revised or implemented 4.5 Does not determine if the EHR system provides the necessary criteria for reporting the quality measures for the patients 9 9 Critical Elements Compliance: Importance [HCM-360-05] Compliance: OIG Classifications [HCM-360-05] Compliance: Usefulness [HCM-360-05] Recommendations: Enhance the Coding Process [HCM-360-01] Recommendations: Improvements [HCM-360-01] Recommendations: Quality Measures [HCM-360-02] Exemplary (100%) Meets “Proficient” criteria and provides concrete examples of the benefits of having a formal compliance program, and the consequences of not having a compliance program Meets “Proficient” criteria and analysis demonstrates a nuanced understanding of OIG classifications and their application to formal compliance programs Meets “Proficient” criteria, and suggested monitoring plans and changes demonstrate a solid understanding of the compliance program Proficient (85%) Analyzes the importance and benefits of a compliance program, and the consequences of not having a compliance program, providing support for analysis Analyzes the type of formal compliance program that would be appropriate at this specific entity based on OIG classifications Needs Improvement (55%) Analyzes the importance and benefits of a compliance program, and includes consequences of not having a compliance program, but support provided is cursory, weak, or illogical Not Evident (0%) Does not analyze the importance and benefits of a compliance program, and the consequences of not having a compliance program Analyzes the type of formal compliance program that would be appropriate at this specific entity based on OIG classifications, but analysis is weak or illogical Does not analyze the type of formal compliance program that would be appropriate at this specific entity based on OIG classifications 3 Analyzes the consequences if the plan is not adhered to, monitoring plans, and changes that need to be addressed to improve the usefulness of the compliance program Analyzes the consequences if the plan is not adhered to, monitoring plans, and changes that need to be addressed to improve the usefulness of the compliance program, but reasoning is weak or illogical 3 Meets “Proficient” criteria and recommendation includes detailed plan of how education would improve the coding process Meets “Proficient” criteria and recommendations demonstrate a nuanced understanding of integrating SNOMED into currently standing processes Meets “Proficient” criteria and explains how SNOMED is used to improve patient outcomes Recommends adjustments to the coding process at this enterprise, including education, with support for recommendation Recommends adjustments to the coding process at this enterprise, including education, with support for recommendation, but justification is illogical, weak, or cursory Recommends changes in the workflow processes to accommodate the SNOMED process, but justification of recommendations is illogical, cursory, or weak Does not analyze the consequences if the plan is not adhered to, monitoring plans, or changes that need to be addressed to improve the usefulness of the compliance program Does not recommend adjustments to the coding process at this enterprise, including education, with support for recommendation. Does not recommend changes in the workflow processes to accommodate the SNOMED process Recommends changes in the workflow processes to accommodate the SNOMED process, including justification of recommendations Assesses the improvements recommended to ensure they reflect the provider’s patient population regarding SNOMED, with support for their assessment 5 Assesses the improvements recommended to ensure they reflect the provider’s patient population regarding SNOMED, but assessment is illogical or inaccurate Does not assess the improvements recommended to ensure they reflect the provider’s patient population regarding SNOMED Value 3 3.6 3.6 4.5 Critical Elements Recommendations: Training [HCM-360-01] Exemplary (100%) Meets “Proficient” criteria and identifies the industry standards that have changed in the recommendation Recommendations: Fraud or Abuse [HCM-360-05] Meets “Proficient” criteria and gives great detail to steps auditors should take if they suspect fraud or abuse Recommendations: Technology [HCM-360-03] Meets “Proficient” criteria and identifies the current technology that may be deficient Recommendations: Resources [HCM-360-03] Meets “Proficient” criteria and assessment considers best practices in attaining additional resources Recommendations: Audits Scheduled [HCM-360-05] Meets “Proficient” criteria and provides examples demonstrating a solid understanding of the importance of audit scheduling Meets “Proficient” criteria and provides examples to back up recommendations Recommendations: Evaluation [HCM-360-03] Conclusion: Status [HCM-360-01] Meets “Proficient” criteria and gives detailed strengths and weaknesses of the coding program of the entity Proficient (85%) Recommends training for medical staff necessary to attain the industry standards for healthcare data reporting requirements, including support for recommendations Describes fraud and abuse, as well as gives direction for auditors if they suspect fraud or abuse Recommends additional technology that may be necessary for the current processes, logically justifying recommendations Comprehensively assesses any additional resources that may be needed for the new technology, using logical reasoning to support why resources are necessary Determines the best scheduling plan for audits and identifies who the organization reports issues to if fraud and abuse are detected Recommends either modifying the workflow process in the clinic or upgrade, using logical reasons to support recommendation Evaluates the overall status of the coding program of the entity, providing detailed support for evaluation 6 Needs Improvement (55%) Recommends training for medical staff necessary to attain the industry standards for healthcare data reporting requirements, but recommendations are illogical, weak, or cursory Not Evident (0%) Does not recommend training for medical staff necessary to attain the industry standards for healthcare data reporting requirements Value 3.6 Describes fraud and abuse, as well as gives direction for auditors if they suspect fraud or abuse, but description or recommendation is illogical, weak, or cursory Recommends additional technology that may be necessary for the current processes, but recommendations are illogical, weak, or cursory Does not describe fraud and abuse, or give direction for auditors if they suspect fraud or abuse 3 Does not recommend additional technology that may be necessary for the current processes 6 Assesses any additional resources that may be needed for the new technology, but assessment is not comprehensive or reasoning provided as support is illogical, weak, or missing Determines the best scheduling plan for audits and identifies who the organization reports issues to if fraud and abuse are detected, but reasoning provided is illogical, weak, or missing Recommends either modifying the workflow process in the clinic or upgrade, but reasoning provided is illogical, weak, or missing Evaluates the overall status of the coding program of the entity, but evaluation is cursory or support provided is illogical, weak, or cursory Does not assess any additional resources that may be needed for the new technology 6 Does not determine the best scheduling plan for audits or identifies who the organization reports issues to if fraud and abuse are detected Does not recommend modifying or upgrading the workflow process in the clinic 3 Does not evaluate the overall status of the coding program of the entity 3.6 6 Critical Elements Conclusion: Maintain Compliance [HCM-360-05] Exemplary (100%) Meets “Proficient” criteria and analysis attributes the entity’s compliance or non-compliance to the findings or non-findings or major ethical issues Proficient (85%) Analyzes providers’ charts to determine if they maintained compliance with healthcare rules and regulations, supporting answer with evidence from the providers’ charts Conclusion: Training [HCM-360-01] Meets “Proficient” criteria and evaluation demonstrates a nuanced insight into the relationship between a clinic’s audit and training program Assesses training issues in audit and recommends preventions are in place to prevent training deficits from arising Conclusion: Technology [HCM-360-02] Meets “Proficient” criteria and comprehensively describes strengths or weaknesses of the technology being used in the clinic Assesses the technology in the clinic that addresses new healthcare data reporting guidelines, including recommendations or how it currently supports the guidelines Articulation of Response Submission is free of errors related to citations, grammar, spelling, syntax, and organization and is presented in a professional and easy-toread format Submission has no major errors related to citations, grammar, spelling, syntax, or organization Needs Improvement (55%) Analyzes providers’ charts to determine if they maintained compliance with healthcare rules and regulations, supporting answer with evidence from the providers’ charts, but analysis is weak or cursory or support for analysis is illogical, weak, or cursory Assesses training issues in audit and recommends preventions are in place to prevent training deficits from arising, but assessment is weak or cursory or support for analysis is illogical, weak, or cursory Assesses the technology in the clinic that addresses new healthcare data reporting guidelines, but recommendations are not logical or explanation of how the technology currently supports the guidelines is illogical or cursory Submission has major errors related to citations, grammar, spelling, syntax, or organization that negatively impact readability and articulation of main ideas Not Evident (0%) Does not analyze providers’ charts to determine if they maintained compliance with healthcare rules and regulations Does not assess training issues in audit or recommend prevention of training deficits 3.6 Does not assess the technology in the clinic that addresses new healthcare data reporting guidelines 4.5 Submission has critical errors related to citations, grammar, spelling, syntax, or organization that prevent understanding of ideas 5 Total 7 Value 3 100% The following information is a small portion of the coding compliance program that will affect the auditing of the charts by the compliance department. Coding Compliance Program for SNHU: 1. Our coding compliance is based on the values of our organization. These values include our responsibilities:     To the patients—to provide the best, most effective, and safest treatment available To our employees—to provide for the safety of our employees in the work environment; to make sure our employees are properly trained to perform their tasks in a manner that is conducive to reaching the most accurate results possible To our stakeholders—to make sure we are using our resources wisely and being good stewards of the resources provided for the use of the organization; to continually monitor the effectiveness of programs to stay current with the rules, regulations, and guidelines that impact the daily operations of our organization To the community we serve—to evaluate the needs of the community and to ensure our organization is providing the services needed by the members of the community 2. Our organization uses coding guidelines that have been established by the American Medical Association (AMA) and adopted by the Centers for Medicare and Medicaid Services (CMS). These guidelines include the assignment of:     Diagnosis codes found in the International Classification of Diseases, Ninth Revision, Clinical Modification (ICD-10-CM) HCPCS Level I codes found in the Current Procedural Terminology (CPT) codes published annually by the AMA HCPCS Level II, developed, updated, and maintained by the federal government 1997 Documentation Guidelines for Evaluation and Management Services Our staff members are to apply the guidelines found in the above documents to the coding of documentation that is relevant in the treatment of the patients of our organization. 3. An effective coding program must be continually evaluated and monitored to ensure its effectiveness. The goals of the coding compliance program are:      Achieving 97% accuracy in the coding of claims Continually striving to reduce billing and claim errors Achieving 100% of all coding staff attaining certification status Meeting the education requirements of our coding staff Providing training to ensure coding staff has sufficient opportunities to acquire the continuing education units (CEUs) required to maintain their certified status 1 4. To reach the above goals, the following process will be used by the staff of the compliance department:          All physicians will be audited annually and receive a score on the audit. If the score is not 100%, the physician will be educated in the area(s) of deficiency. If the score is 100%, the physician will be notified and given a report of the audited charts. The charts audited will be a random selection from the encounters found in the previous 90 days. The codes to be audited in a general audit are the ICD-10-CM diagnoses codes and Evaluation and Management (CPT) codes used by the providers. o These codes are 99201–99215. All new physicians will receive a New Provider Orientation package from the Compliance Department. Additional information may be used by the compliance department to determine the effectiveness of the coding within each clinic. An example of this is the use of bell curves to identify providers which are out of the normal range of codes. A report will be submitted to the compliance committee to provide for evidence of the effectiveness or lack of effectiveness of the compliance department. Areas to be covered by the education staff to improve the billing and claim errors of the clinics will be identified. 5. Auditing charts are a very important part of the compliance department. After the charts are audited, it is possible there may be errors that need to be corrected. The following is the process to be used to correct errors found in the audit:      Since the claims are audited through a post-payment review, if the code billed is not supported by the documentation in the chart, a correction will have to be made by filing a corrected claim to the payer. This may result in a reduction in payment or an increase in payment; both ways must be corrected. The patient’s encounter must reflect the difference in the coding. The file must show a voided incorrect code and a posted correct code. The corrected claim will be then be filed to the payer. If the payer will process the corrected claim, reversing the incorrect payment, and then paying the correct claim, there will be no need to issue a check to correct any overpayments. If the payer will not recoup any overpaid monies, a check must be issued to the payer for the overpayment. It is extremely important this process be completed within 45 days of the identification of the error. The above is the section of the compliance program that will be used to determine what information is needed to evaluate the coding compliance of our facility. There are some topics covered simply as a note in the modules, such as giving the names of new providers to the organization. Since the process above indicates a New Provider Orientation package will be given to the new providers, the students will simply identify this in their reports. However, on issues such as receiving or not receiving a 100% on the audits, the students will need to identify which providers did or did not attain the 100% goal and identify where education is needed. Students will not be required to perform the actual audits. They will be provided with information gained from an audit of charts. From this information, they will need to determine why the provider did not meet the desired level of code. This will be the information used in their final monthly compliance report. 2 59434 Federal Register / Vol. 65, No. 194 / Thursday, October 5, 2000 / Notices technology to minimize the information collection burden. (1) Type of Information Collection Request: New Collection; Title of Information Collection: Employee Building Pass Application and File; Form No.: HCFA–730 & 182 (OMB# 0938–NEW); Use: The purpose of this system and the forms are to control United States Government Building Passes issued to all HCFA employees and non-HCFA employees who require continuous access to HCFA buildings in Baltimore and other HCFA and HHS buildings.; Frequency: Other; as needed; Affected Public: Federal Government, and business or other for-profit; Number of Respondents: 150; Total Annual Responses: 150; Total Annual Hours: 37.50. (2) Type of Information Collection Request: Extension of a currently approved collection; Title of Information Collection: Limitation on Liability and Information Collection Requirements Referenced in 42 CFR 411.404, 411.406, and 411.408; Form No.: HCFA–R–77 (OMB# 0938– 0465); Use: The Medicare program requires to provide written notification of noncovered services to beneficiaries by the providers, practitioners, and suppliers. The notification gives the beneficiary, provider, practitioner, or supplier knowledge that Medicare will not pay for items or services mentioned in the notification. After this notification, any future claim for the same or similar services will not be paid by the program and the affected parties will be liable for the noncovered services.; Frequency: Other; as needed; Affected Public: Individuals or households; Number of Respondents: 890,826; Total Annual Responses: 3,563,304; Total Annual Hours: 296,942. To obtain copies of the supporting statement for the proposed paperwork collections referenced above, access HCFA’s Web Site Address at http:// www.hcfa.gov/regs/prdact95.htm, or Email your request, including your address and phone number, to Paperwork@hcfa.gov, or call the Reports Clearance Office on (410) 786–1326. Written comments and recommendations for the proposed information collections must be mailed within 30 days of this notice directly to the OMB Desk Officer designated at the following address: OMB Human Resources and Housing Branch, Attention: Allison Eydt, New Executive Office Building, Room 10235, Washington, D.C. 20503. Dated: September 11, 2000. John P. Burke III, HCFA Reports Clearance Officer, HCFA, Office of Information Services, Security and Standards Group, Division of HCFA Enterprise Standards. [FR Doc. 00–25581 Filed 10–4–00; 8:45 am] BILLING CODE 4120–03–P DEPARTMENT OF HEALTH AND HUMAN SERVICES Office of Inspector General OIG Compliance Program for Individual and Small Group Physician Practices AGENCY: Office of Inspector General (OIG), HHS. ACTION: Notice. This Federal Register notice sets forth the recently issued Compliance Program Guidance for Individual and Small Group Physician Practices developed by the Office of Inspector General (OIG). The OIG has previously developed and published voluntary compliance program guidance focused on several other areas and aspects of the health care industry. We believe that the development and issuance of this voluntary compliance program guidance for individual and small group physician practices will serve as a positive step towards assisting providers in preventing the submission of erroneous claims or engaging in unlawful conduct involving the Federal health care programs. SUMMARY: FOR FURTHER INFORMATION CONTACT: Kimberly Brandt, Office of Counsel to the Inspector General, (202) 619–2078. SUPPLEMENTARY INFORMATION: Background The creation of compliance program guidances is a major initiative of the OIG in its effort to engage the private health care community in preventing the submission of erroneous claims and in combating fraudulent conduct. In the past several years, the OIG has developed and issued compliance program guidances directed at a variety of segments in the health care industry. The development of these types of compliance program guidances is based on our belief that a health care provider can use internal controls to more efficiently monitor adherence to applicable statutes, regulations and program requirements. Copies of these compliance program guidances can be found on the OIG web site at http://www.hhs.gov/oig. Developing the Compliance Program Guidance for Individual and Small Group Physician Practices On September 8, 1999, the OIG published a solicitation notice seeking information and recommendations for developing formal guidance for individual and small group physician practices (64 FR 48846). In response to that solicitation notice, the OIG received 83 comments from various outside sources. We carefully considered those comments, as well as previous OIG publications, such as other compliance program guidance and Special Fraud Alerts, in developing a guidance for individual and small group physician practices. In addition, we have consulted with the Health Care Financing Administration and the Department of Justice. In an effort to ensure that all parties had a reasonable opportunity to provide input into a final product, draft guidance for individual and small group physician practices was published in the Federal Register on June 12, 2000 (65 FR 36818) for further comments and recommendations. Components of an Effective Compliance Program This compliance program guidance for individual and small group physician practices contains seven components that provide a solid basis upon which a physician practice can create a voluntary compliance program: • Conducting internal monitoring and auditing; • Implementing compliance and practice standards; • Designating a compliance officer or contact; • Conducting appropriate training and education; • Responding appropriately to detected offenses and developing corrective action; • Developing open lines of communication; and • Enforcing disciplinary standards through well-publicized guidelines. Similar components have been contained in previous guidances issued by the OIG. However, unlike other guidances issued by OIG, this guidance for physicians does not suggest that physician practices implement all seven components of a full scale compliance program. Instead, the guidance emphasizes a step by step approach to follow in developing and implementing a voluntary compliance program. This change is in recognition of the financial and staffing resource constraints faced Federal Register / Vol. 65, No. 194 / Thursday, October 5, 2000 / Notices by physician practices. The guidance should not be viewed as mandatory or as an all-inclusive discussion of the advisable components of a compliance program. Rather, the document is intended to present guidance to assist physician practices that voluntarily choose to develop a compliance program. Office of Inspector General’s Compliance Program Guidance for Individual and Small Group Physician Practices I. Introduction This compliance program guidance is intended to assist individual and small group physician practices (‘‘physician practices’’) 1 in developing a voluntary compliance program that promotes adherence to statutes and regulations applicable to the Federal health care programs (‘‘Federal health care program requirements’’). The goal of voluntary compliance programs is to provide a tool to strengthen the efforts of health care providers to prevent and reduce improper conduct. These programs can also benefit physician practices2 by helping to streamline business operations. Many physicians have expressed an interest in better protecting their practices from the potential for erroneous or fraudulent conduct through the implementation of voluntary compliance programs. The Office of Inspector General (OIG) believes that the great majority of physicians are honest and share our goal of protecting the integrity of Medicare and other Federal health care programs. To that end, all health care providers have a duty to ensure that the claims submitted to Federal health care programs are true and accurate. The development of voluntary compliance programs and the active application of compliance principles in physician practices will go a long way toward achieving this goal. Through this document, the OIG provides its views on the fundamental components of physician practice compliance programs, as well as the principles that a physician practice might consider when developing and implementing a voluntary compliance 1 For the purpose of this guidance, the term ‘‘physician’’ is defined as: (1) a doctor of medicine or osteopathy; (2) a doctor of dental surgery or of dental medicine; (3) a podiatrist; (4) an optometrist; or (5) a chiropractor, all of whom must be appropriately licensed by the State. 42 U.S.C. 1395x(r). 2 Much of this guidance can also apply to other independent practitioners, such as psychologists, physical therapists, speech language pathologists, and occupational therapists. program. While this document presents basic procedural and structural guidance for designing a voluntary compliance program, it is not in and of itself a compliance program. Indeed, as recognized by the OIG and the health care industry, there is no ‘‘one size fits all’’ compliance program, especially for physician practices. Rather, it is a set of guidelines that physician practices can consider if they choose to develop and implement a compliance program. As with the OIG’s previous guidance, 3 these guidelines are not mandatory. Nor do they represent an allinclusive document containing all components of a compliance program. Other OIG outreach efforts, as well as other Federal agency efforts to promote compliance,4 can also be used in developing a compliance program. However, as explained later, if a physician practice adopts a voluntary and active compliance program, it may well lead to benefits for the physician practice. A. Scope of the Voluntary Compliance Program Guidance This guidance focuses on voluntary compliance measures related to claims submitted to the Federal health care programs. Issues related to private payor claims may also be covered by a compliance plan if the physician practice so desires. The guidance is also limited in scope by focusing on the development of voluntary compliance programs for individual and small group physician practices. The difference between a small practice and a large practice cannot be determined by stating a particular number of physicians. Instead, our intent in narrowing the guidance to the small practices subset 3 Currently, the OIG has issued compliance program guidance for the following eight industry sectors: hospitals, clinical laboratories, home health agencies, durable medical equipment suppliers, third-party medical billing companies, hospices, Medicare+Choice organizations offering coordinated care plans, and nursing facilities. The guidance listed here and referenced in this document is available on the OIG web site at http:/ /www.hhs.gov/oig in the Electronic Reading Room or by calling the OIG Public Affairs office at (202) 619–1343. 4 The OIG has issued Advisory Opinions responding to specific inquiries concerning the application of the OIG’s authorities, in particular, the anti-kickback statute, and Special Fraud Alerts setting forth activities that raise legal and enforcement issues. These documents, as well as reports from the OIG’s Office of Audit Services and Office of Evaluation and Inspections can be obtained via the Internet address or phone number provided in Footnote 3. Physician practices can also review the Health Care Financing Administration (HCFA) web site on the Internet at http:// www.hcfa.gov, for up-to-date regulations, manuals, and program memoranda related to the Medicare and Medicaid programs. 59435 was to provide guidance to those physician practices whose financial or staffing resources would not allow them to implement a full scale, institutionally structured compliance program as set forth in the Third Party Medical Billing Guidance or other previously released OIG guidance. A compliance program can be an important tool for physician practices of all sizes and does not have to be costly, resource-intensive or timeintensive. B. Benefits of a Voluntary Compliance Program The OIG acknowledges that patient care is, and should be, the first priority of a physician practice. However, a practice’s focus on patient care can be enhanced by the adoption of a voluntary compliance program. For example, the increased accuracy of documentation that may result from a compliance program will actually assist in enhancing patient care. The OIG believes that physician practices can realize numerous other benefits by implementing a compliance program. A well-designed compliance program can: • Speed and optimize proper payment of claims; • Minimize billing mistakes; • Reduce the chances that an audit will be conducted by HCFA or the OIG; and • Avoid conflicts with the selfreferral and anti-kickback statutes. The incorporation of compliance measures into a physician practice should not be at the expense of patient care, but instead should augment the ability of the physician practice to provide quality patient care. Voluntary compliance programs also provide benefits by not only helping to prevent erroneous or fraudulent claims, but also by showing that the physician practice is making additional good faith efforts to submit claims appropriately. Physicians should view compliance programs as analogous to practicing preventive medicine for their practice. Practices that embrace the active application of compliance principles in their practice culture and put efforts towards compliance on a continued basis can help to prevent problems from occurring in the future. A compliance program also sends an important message to a physician practice’s employees that while the practice recognizes that mistakes will occur, employees have an affirmative, ethical duty to come forward and report erroneous or fraudulent conduct, so that it may be corrected. 59436 Federal Register / Vol. 65, No. 194 / Thursday, October 5, 2000 / Notices C. Application of Voluntary Compliance Program Guidance The applicability of these recommendations will depend on the circumstances and resources of the particular physician practice. Each physician practice can undertake reasonable steps to implement compliance measures, depending on the size and resources of that practice. Physician practices can rely, at least in part, upon standard protocols and current practice procedures to develop an appropriate compliance program for that practice. In fact, many physician practices already have established the framework of a compliance program without referring to it as such. D. The Difference Between ‘‘Erroneous’’ and ‘‘Fraudulent’’ Claims To Federal Health Programs There appear to be significant misunderstandings within the physician community regarding the critical differences between what the Government views as innocent ‘‘erroneous’’ claims on the one hand and ‘‘fraudulent’’ (intentionally or recklessly false) health care claims on the other. Some physicians feel that Federal law enforcement agencies have maligned medical professionals, in part, by a perceived focus on innocent billing errors. These physicians are under the impression that innocent billing errors can subject them to civil penalties, or even jail. These impressions are mistaken. To address these concerns, the OIG would like to emphasize the following points. First, the OIG does not disparage physicians, other medical professionals or medical enterprises. In our view, the great majority of physicians are working ethically to render high quality medical care and to submit proper claims. Second, under the law, physicians are not subject to criminal, civil or administrative penalties for innocent errors, or even negligence. The Government’s primary enforcement tool, the civil False Claims Act, covers only offenses that are committed with actual knowledge of the falsity of the claim, reckless disregard, or deliberate ignorance of the falsity of the claim.5 The False Claims Act does not encompass mistakes, errors, or negligence. The Civil Monetary Penalties Law, an administrative remedy, similar in scope and effect to the False Claims Act, has exactly the same standard of proof.6 The OIG is very mindful of the difference between 5 31 6 42 U.S.C. 3729. U.S.C. 1320a–7a. innocent errors (‘‘erroneous claims’’) on one hand, and reckless or intentional conduct (‘‘fraudulent claims’’) on the other. For criminal penalties, the standard is even higher—criminal intent to defraud must be proved beyond a reasonable doubt. Third, even ethical physicians (and their staffs) make billing mistakes and errors through inadvertence or negligence. When physicians discover that their billing errors, honest mistakes, or negligence result in erroneous claims, the physician practice should return the funds erroneously claimed, but without penalties. In other words, absent a violation of a civil, criminal or administrative law, erroneous claims result only in the return of funds claimed in error. Fourth, innocent billing errors are a significant drain on the Federal health care programs. All parties (physicians, providers, carriers, fiscal intermediaries, Government agencies, and beneficiaries) need to work cooperatively to reduce the overall error rate. Finally, it is reasonable for physicians (and other providers) to ask: what duty do they owe the Federal health care programs? The answer is that all health care providers have a duty to reasonably ensure that the claims submitted to Medicare and other Federal health care programs are true and accurate. The OIG continues to engage the provider community in an extensive, good faith effort to work cooperatively on voluntary compliance to minimize errors and to prevent potential penalties for improper billings before they occur. We encourage all physicians and other providers to join in this effort. II. Developing a Voluntary Compliance Program A. The Seven Basic Components of a Voluntary Compliance Program The OIG believes that a basic framework for any voluntary compliance program begins with a review of the seven basic components of an effective compliance program. A review of these components provides physician practices with an overview of the scope of a fully developed and implemented compliance program. The following list of components, as set forth in previous OIG compliance program guidances, can form the basis of a voluntary compliance program for a physician practice: • Conducting internal monitoring and auditing through the performance of periodic audits; • Implementing compliance and practice standards through the development of written standards and procedures; • Designating a compliance officer or contact(s) to monitor compliance efforts and enforce practice standards; • Conducting appropriate training and education on practice standards and procedures; • Responding appropriately to detected violations through the investigation of allegations and the disclosure of incidents to appropriate Government entities; • Developing open lines of communication, such as (1) discussions at staff meetings regarding how to avoid erroneous or fraudulent conduct and (2) community bulletin boards, to keep practice employees updated regarding compliance activities; and • Enforcing disciplinary standards through well-publicized guidelines. These seven components provide a solid basis upon which a physician practice can create a compliance program. The OIG acknowledges that full implementation of all components may not be feasible for all physician practices. Some physician practices may never fully implement all of the components. However, as a first step, physician practices can begin by adopting only those components which, based on a practice’s specific history with billing problems and other compliance issues, are most likely to provide an identifiable benefit. The extent of implementation will depend on the size and resources of the practice. Smaller physician practices may incorporate each of the components in a manner that best suits the practice. By contrast, larger physician practices often have the means to incorporate the components in a more systematic manner. For example, larger physician practices can use both this guidance and the Third-Party Medical Billing Compliance Program Guidance, which provides a more detailed compliance program structure, to create a compliance program unique to the practice. The OIG recognizes that physician practices need to find the best way to achieve compliance for their given circumstances. Specifically, the OIG encourages physician practices to participate in other provider’s compliance programs, such as the compliance programs of the hospitals or other settings in which the physicians practice. Physician Practice Management companies also may serve as a source of compliance program guidance. A physician practice’s participation in such compliance programs could be a way, at least partly, Federal Register / Vol. 65, No. 194 / Thursday, October 5, 2000 / Notices to augment the practice’s own compliance efforts. The opportunities for collaborative compliance efforts could include participating in training and education programs or using another entity’s policies and procedures as a template from which the physician practice creates its own version. The OIG encourages this type of collaborative effort, where the content is appropriate to the setting involved (i.e., the training is relevant to physician practices as well as the sponsoring provider), because it provides a means to promote the desired objective without imposing excessive burdens on the practice or requiring physicians to undertake duplicative action. However, to prevent possible anti-kickback or self-referral issues, the OIG recommends that physicians consider limiting their participation in a sponsoring provider’s compliance program to the areas of training and education or policies and procedures. The key to avoiding possible conflicts is to ensure that the entity providing compliance services to a physician practice (its referral source) is not perceived as nor is it operating the practice compliance program at no charge. For example, if the sponsoring entity conducted claims review for the physician practice as part of a compliance program or provided compliance oversight without charging the practice fair market value for those services, the anti-kickback and Stark self-referral laws would be implicated. The payment of fair market value by referral sources for compliance services will generally address these concerns. B. Steps for Implementing a Voluntary Compliance Program As previously discussed, implementing a voluntary compliance program can be a multi-tiered process. Initial development of the compliance program can be focused on practice risk areas that have been problematic for the practice such as coding and billing. Within this area, the practice should examine its claims denial history or claims that have resulted in repeated overpayments, and identify and correct the most frequent sources of those denials or overpayments. A review of claim denials will help the practice scrutinize a significant risk area and improve its cash flow by submitting correct claims that will be paid the first time they are submitted. As this example illustrates, a compliance program for a physician practice often makes sound business sense. The following is a suggested order of the steps a practice could take to begin the development of a compliance program. The steps outlined below articulate all seven components of a compliance program and there are numerous suggestions for implementation within each component. Physician practices should keep in mind, as stated earlier, that it is up to the practice to determine the manner in which and the extent to which the practice chooses to implement these voluntary measures. Step One: Auditing and Monitoring An ongoing evaluation process is important to a successful compliance program. This ongoing evaluation includes not only whether the physician practice’s standards and procedures are in fact current and accurate, but also whether the compliance program is working, i.e., whether individuals are properly carrying out their responsibilities and claims are submitted appropriately. Therefore, an audit is an excellent way for a physician practice to ascertain what, if any, problem areas exist and focus on the risk areas that are associated with those problems. There are two types of reviews that can be performed as part of this evaluation: (1) A standards and procedures review; and (2) a claims submission audit. 1. Standards and Procedures It is recommended that an individual(s) in the physician practice be charged with the responsibility of periodically reviewing the practice’s standards and procedures to determine if they are current and complete. If the standards and procedures are found to be ineffective or outdated, they should be updated to reflect changes in Government regulations or compendiums generally relied upon by physicians and insurers (i.e., changes in Current Procedural Terminology (CPT) and ICD–9–CM codes). 2. Claims Submission Audit In addition to the standards and procedures themselves, it is advisable that bills and medical records be reviewed for compliance with applicable coding, billing and documentation requirements. The individuals from the physician practice involved in these self-audits would ideally include the person in charge of billing (if the practice has such a person) and a medically trained person (e.g., registered nurse or preferably a physician (physicians can rotate in this position)). Each physician practice needs to decide for itself whether to review claims retrospectively or concurrently with the claims submission. In the Third-Party Medical 59437 Billing Compliance Program Guidance, the OIG recommended that a baseline, or ‘‘snapshot,’’ be used to enable a practice to judge over time its progress in reducing or eliminating potential areas of vulnerability. This practice, known as ‘‘benchmarking,’’ allows a practice to chart its compliance efforts by showing a reduction or increase in the number of claims paid and denied. The practice’s self-audits can be used to determine whether: • Bills are accurately coded and accurately reflect the services provided (as documented in the medical records); • Documentation is being completed correctly; • Services or items provided are reasonable and necessary; and • Any incentives for unnecessary services exist. A baseline audit examines the claim development and submission process, from patient intake through claim submission and payment, and identifies elements within this process that may contribute to non-compliance or that may need to be the focus for improving execution.7 This audit will establish a consistent methodology for selecting and examining records, and this methodology will then serve as a basis for future audits. There are many ways to conduct a baseline audit. The OIG recommends that claims/services that were submitted and paid during the initial three months after implementation of the education and training program be examined, so as to give the physician practice a benchmark against which to measure future compliance effectiveness. Following the baseline audit, a general recommendation is that periodic audits be conducted at least once each year to ensure that the compliance program is being followed. Optimally, a randomly selected number of medical records could be reviewed to ensure that the coding was performed accurately. Although there is no set formula to how many medical records should be reviewed, a basic guide is five or more medical records per Federal payor (i.e., Medicare, Medicaid), or five to ten medical records per physician. The OIG realizes that physician practices receive reimbursement from a number of different payors, and we would encourage a physician practice’s auditing/monitoring process to consist of a review of claims from all Federal payors from which the practice receives reimbursement. Of course, the larger the sample size, the larger the comfort level 7 See Appendix D.II. referencing the Provider Self-Disclosure Protocol for information on how to conduct a baseline audit. 59438 Federal Register / Vol. 65, No. 194 / Thursday, October 5, 2000 / Notices the physician practice will have about the results. However, the OIG is aware that this may be burdensome for some physician practices, so, at a minimum, we would encourage the physician practice to conduct a review of claims that have been reimbursed by Federal health care programs. If problems are identified, the physician practice will need to determine whether a focused review should be conducted on a more frequent basis. When audit results reveal areas needing additional information or education of employees and physicians, the physician practice will need to analyze whether these areas should be incorporated into the training and educational system. There are many ways to identify the claims/services from which to draw the random sample of claims to be audited. One methodology is to choose a random sample of claims/services from either all of the claims/services a physician has received reimbursement for or all claims/services from a particular payor. Another method is to identify risk areas or potential billing vulnerabilities. The codes associated with these risk areas may become the universe of claims/ services from which to select the sample. The OIG recommends that the physician practice evaluate claims/ services selected to determine if the codes billed and reimbursed were accurately ordered, performed, and reasonable and necessary for the treatment of the patient. One of the most important components of a successful compliance audit protocol is an appropriate response when the physician practice identifies a problem. This action should be taken as soon as possible after the date the problem is identified. The specific action a physician practice takes should depend on the circumstances of the situation. In some cases, the response can be as straight forward as generating a repayment with appropriate explanation to Medicare or the appropriate payor from which the overpayment was received. In others, the physician practice may want to consult with a coding/billing expert to determine the next best course of action. There is no boilerplate solution to how to handle problems that are identified. It is a good business practice to create a system to address how physician practices will respond to and report potential problems. In addition, preserving information relating to identification of the problem is as important as preserving information that tracks the physician practice’s reaction to, and solution for, the issue. Step 2: Establish Practice Standards and Procedures After the internal audit identifies the practice’s risk areas, the next step is to develop a method for dealing with those risk areas through the practice’s standards and procedures. Written standards and procedures are a central component of any compliance program. Those standards and procedures help to reduce the prospect of erroneous claims and fraudulent activity by identifying risk areas for the practice and establishing tighter internal controls to counter those risks, while also helping to identify any aberrant billing practices. Many physician practices already have something similar to this called ‘‘practice standards’’ that include practice policy statements regarding patient care, personnel matters and practice standards and procedures on complying with Federal and State law. The OIG believes that written standards and procedures can be helpful to all physician practices, regardless of size and capability. If a lack of resources to develop such standards and procedures is genuinely an issue, the OIG recommends that a physician practice focus first on those risk areas most likely to arise in its particular practice.8 Additionally, if the physician practice works with a physician practice management company (PPMC), independent practice association (IPA), physician-hospital organization, management services organization (MSO) or third-party billing company, the practice can incorporate the compliance standards and procedures of those entities, if appropriate, into its own standards and procedures. Many physician practices have found that the adoption of a third party’s compliance standards and procedures, as appropriate, has many benefits and the result is a consistent set of standards and procedures for a community of physicians as well as having just one entity that can then monitor and refine the process as needed. This sharing of compliance responsibilities assists physician practices in rural areas that do not have the staff to perform these functions, but do belong to a group that does have the resources. Physician practices using another entity’s compliance materials will need to tailor those materials to the physician practice where they will be applied. Physician practices that do not have standards or procedures in place can develop them by: (1) Developing a 8 Physician practices with laboratories or arrangements with third-party billing companies can also check the risk areas included in the OIG compliance program guidance for those industries. written standards and procedures manual; and (2) updating clinical forms periodically to make sure they facilitate and encourage clear and complete documentation of patient care. A practice’s standards could also identify the clinical protocol(s), pathway(s), and other treatment guidelines followed by the practice. Creating a resource manual from publicly available information may be a cost-effective approach for developing additional standards and procedures. For example, the practice can develop a ‘‘binder’’ that contains the practice’s written standards and procedures, relevant HCFA directives and carrier bulletins, and summaries of informative OIG documents (e.g., Special Fraud Alerts, Advisory Opinions, inspection and audit reports).9 If the practice chooses to adopt this idea, the binder should be updated as appropriate and located in a readily accessible location. If updates to the standards and procedures are necessary, those updates should be communicated to employees to keep them informed regarding the practice’s operations. New employees can be made aware of the standards and procedures when hired and can be trained on their contents as part of their orientation to the practice. The OIG recommends that the communication of updates and training of new employees occur as soon as possible after either the issuance of a new update or the hiring of a new employee. 1. Specific Risk Areas The OIG recognizes that many physician practices may not have in place standards and procedures to prevent erroneous or fraudulent conduct in their practices. In order to develop standards and procedures, the physician practice may consider what types of fraud and abuse related topics need to be addressed based on its specific needs. One of the most important things in making that determination is a listing of risk areas where the practice may be vulnerable. To assist physician practices in performing this initial assessment, the OIG has developed a list of four potential risk areas affecting physician practices. These risk areas include: (a) Coding and billing; (b) reasonable and necessary services; (c) documentation; 9 The OIG and HCFA are working to compile a list of basic documents issued by both entities that could be included in such a binder. We expect to complete this list later this fall, and will post it on the OIG and HCFA web sites, as well as publicize this list to physician organizations and representatives (information on how to contact the OIG is contained in Footnote 3; HCFA information can be obtained at www.hcfa.gov/medlearn or by calling 1–800–MEDICARE). Federal Register / Vol. 65, No. 194 / Thursday, October 5, 2000 / Notices and (d) improper inducements, kickbacks and self-referrals. This list of risk areas is not exhaustive, or allencompassing. Rather, it should be viewed as a starting point for an internal review of potential vulnerabilities within the physician practice.10 The objective of such an assessment is to ensure that key personnel in the physician practice are aware of these major risk areas and that steps are taken to minimize, to the extent possible, the types of problems identified. While there are many ways to accomplish this objective, clear written standards and procedures that are communicated to all employees are important to ensure the effectiveness of a compliance program. Specifically, the following are discussions of risk areas for physician practices: 11 a. Coding and Billing. A major part of any physician practice’s compliance program is the identification of risk areas associated with coding and billing. The following risk areas associated with billing have been among the most frequent subjects of investigations and audits by the OIG: • Billing for items or services not rendered or not provided as claimed; 12 • Submitting claims for equipment, medical supplies and services that are not reasonable and necessary; 13 • Double billing resulting in duplicate payment; 14 10 Physician practices seeking additional guidance on potential risk areas can review the OIG’s Work Plan to identify vulnerabilities and risk areas on which the OIG will focus in the future. In addition, physician practices can also review the OIG’s semiannual reports, which identify program vulnerabilities and risk areas that the OIG has targeted during the preceding six months. All of these documents are available on the OIG’s webpage at http://www.hhs.gov/oig. 11 Appendix A of this document lists additional risk areas that a physician practice may want to review and incorporate into their practice standards and procedures. 12 For example, Dr. X, an ophthalmologist, billed for laser surgery he did not perform. As one element of proof, he did not even have laser equipment or access to such equipment at the place of service designated on the claim form where he performed the surgery. 13 Billing for services, supplies and equipment that are not reasonable and necessary involves seeking reimbursement for a service that is not warranted by a patient’s documented medical condition. See 42 U.S.C. 1395i(a)(1)(A) (‘‘no payment may be made under part A or part B [of Medicare] for any expenses incurred for items or services which * * * are not reasonable and necessary for the diagnosis or treatment of illness or injury or to improve the functioning of the malformed body member’’). See also Appendix A for further discussion on this topic. 14 Double billing occurs when a physician bills for the same item or service more than once or another party billed the Federal health care program for an item or service also billed by the physician. Although duplicate billing can occur due to simple error, the knowing submission of duplicate claims—which is sometimes evidenced by • Billing for non-covered services as if covered; 15 • Knowing misuse of provider identification numbers, which results in improper billing; 16 • Unbundling (billing for each component of the service instead of billing or using an all-inclusive code); 17 • Failure to properly use coding modifiers; 18 • Clustering; 19 and • Upcoding the level of service provided.20 The physician practice written standards and procedures concerning proper coding reflect the current reimbursement principles set forth in applicable statutes, regulations 21 and systematic or repeated double billing—can create liability under criminal, civil, and/or administrative law. 15 For example, Dr. Y bills Medicare using a covered office visit code when the actual service was a non-covered annual physical. Physician practices should remember that ‘‘necessary’’ does not always constitute ‘‘covered’’ and that this example is a misrepresentation of services to the Federal health care programs. 16 An example of this is when the practice bills for a service performed by Dr. B, who has not yet been issued a Medicare provider number, using Dr. A’s Medicare provider number. Physician practices need to bill using the correct Medicare provider number, even if that means delaying billing until the physician receives his/her provider number. 17 Unbundling is the practice of a physician billing for multiple components of a service that must be included in a single fee. For example, if dressings and instruments are included in a fee for a minor procedure, the provider may not also bill separately for the dressings and instruments. 18 A modifier, as defined by the CPT–4 manual, provides the means by which a physician practice can indicate a service or procedure that has been performed has been altered by some specific circumstance, but not changed in its definition or code. Assuming the modifier is used correctly and appropriately, this specificity provides the justification for payment for those services. For correct use of modifiers, the physician practice should reference the appropriate sections of the Medicare Provider Manual. See Medicare Carrier Manual Section 4630. For general information on the correct use of modifiers, a physician practice can consult the National Correct Coding Initiative (NCCI). See Appendix F for information on how to download the NCCI edits. The NCCI coding edits are updated on a quarterly basis and are used to process claims and determine payments to physicians. 19 This is the practice of coding/charging one or two middle levels of service codes exclusively, under the philosophy that some will be higher, some lower, and the charges will average out over an extended period (in reality, this overcharges some patients while undercharging others). 20 Upcoding is billing for a more expensive service than the one actually performed. For example, Dr. X intentionally bills at a higher evaluation and management (E&M) code than what he actually renders to the patient. 21 The official coding guidelines are promulgated by HCFA, the National Center for Health Statistics, the American Hospital Association, the American Medical Association and the American Health Information Management Association. See International Classification of Diseases, 9th Revision, Clinical Modification (ICD–9 CM)(and its successors); 1998 Health Care Financing 59439 Federal, State or private payor health care program requirements and should be developed in tandem with coding and billing standards used in the physician practice. Furthermore, written standards and procedures should ensure that coding and billing are based on medical record documentation. Particular attention should be paid to issues of appropriate diagnosis codes and individual Medicare Part B claims (including documentation guidelines for evaluation and management services).22 A physician practice can also institute a policy that the coder and/or physician review all rejected claims pertaining to diagnosis and procedure codes. This step can facilitate a reduction in similar errors. b. Reasonable and Necessary Services. A practice’s compliance program may provide guidance that claims are to be submitted only for services that the physician practice finds to be reasonable and necessary in the particular case. The OIG recognizes that physicians should be able to order any tests, including screening tests, they believe are appropriate for the treatment of their patients. However, a physician practice should be aware that Medicare will only pay for services that meet the Medicare definition of reasonable and necessary.23 Medicare (and many insurance plans) may deny payment for a service that is not reasonable and necessary according to the Medicare reimbursement rules. Thus, when a physician provides services to a Medicare beneficiary, he or she should only bill those services that meet the Medicare standard of being reasonable and necessary for the diagnosis and treatment of a patient. A physician practice can bill in order to receive a denial for services, but only if the denial is needed for reimbursement from the secondary payor. Upon request, the physician practice should be able to provide documentation, such as a patient’s medical records and Administration Common Procedure Coding System (HCPCS) (and its successors); and Physicians’ CPT. In addition, there are specialized coding systems for specific segments of the health care industry. Among these are ADA (for dental procedures), DSM IV (psychiatric health benefits) and DMERCs (for durable medical equipment, prosthetics, orthotics and supplies). 22 The failure of a physician practice to: (i) document items and services rendered; and (ii) properly submit the corresponding claims for reimbursement is a major area of potential erroneous or fraudulent conduct involving Federal health care programs. The OIG has undertaken numerous audits, investigations, inspections and national enforcement initiatives in these areas. 23 ‘‘* * * for the diagnosis or treatment of illness or injury or to improve the functioning of a malformed body member.’’ 42 U.S.C. 1395y(a)(1)(A). 59440 Federal Register / Vol. 65, No. 194 / Thursday, October 5, 2000 / Notices physician’s orders, to support the appropriateness of a service that the physician has provided. c. Documentation. Timely, accurate and complete documentation is important to clinical patient care. This same documentation serves as a second function when a bill is submitted for payment, namely, as verification that the bill is accurate as submitted. Therefore, one of the most important physician practice compliance issues is the appropriate documentation of diagnosis and treatment. Physician documentation is necessary to determine the appropriate medical treatment for the patient and is the basis for coding and billing determinations. Thorough and accurate documentation also helps to ensure accurate recording and timely transmission of information. i. Medical Record Documentation. In addition to facilitating high quality patient care, a properly documented medical record verifies and documents precisely what services were actually provided. The medical record may be used to validate: (a) The site of the service; (b) the appropriateness of the services provided; (c) the accuracy of the billing; and (d) the identity of the care giver (service provider). Examples of internal documentation guidelines a practice might use to ensure accurate medical record documentation include the following: 24 • The medical record is complete and legible; • The documentation of each patient encounter includes the reason for the encounter; any relevant history; physical examination findings; prior diagnostic test results; assessment, clinical impression, or diagnosis; plan of care; and date and legible identity of the observer; • If not documented, the rationale for ordering diagnostic and other ancillary services can be easily inferred by an independent reviewer or third party who has appropriate medical training; • CPT and ICD–9–CM codes used for claims submission are supported by documentation and the medical record; and • Appropriate health risk factors are identified. The patient’s progress, his or her response to, and any changes in, treatment, and any revision in diagnosis is documented. 24 For additional information on proper documentation, physician practices should also reference the Documentation Guidelines for Evaluation and Management Services, published by HCFA. Currently, physicians may document based on the 1995 or 1997 E&M Guidelines, whichever is most advantageous to the physician. A new set of draft guidelines were announced in June 2000, and are undergoing pilot testing and revision, but are not in current use. The CPT and ICD–9–CM codes reported on the health insurance claims form should be supported by documentation in the medical record and the medical chart should contain all necessary information. Additionally, HCFA and the local carriers should be able to determine the person who provided the services. These issues can be the root of investigations of inappropriate or erroneous conduct, and have been identified by HCFA and the OIG as a leading cause of improper payments. One method for improving quality in documentation is for a physician practice to compare the practice’s claim denial rate to the rates of other practices in the same specialty to the extent that the practice can obtain that information from the carrier. Physician coding and diagnosis distribution can be compared for each physician within the same specialty to identify variances. ii. HCFA 1500 Form. Another documentation area for physician practices to monitor closely is the proper completion of the HCFA 1500 form. The following practices will help ensure that the form has been properly completed: • Link the diagnosis code with the reason for the visit or service; • Use modifiers appropriately; • Provide Medicare with all information about a beneficiary’s other insurance coverage under the Medicare Secondary Payor (MSP) policy, if the practice is aware of a beneficiary’s additional coverage. d. Improper Inducements, Kickbacks and Self-Referrals. A physician practice would be well advised to have standards and procedures that encourage compliance with the antikickback statute 25 and the physician self-referral law.26 Remuneration for referrals is illegal because it can distort medical decision-making, cause overutilization of services or supplies, increase costs to Federal health care 25 The anti-kickback statute provides criminal penalties for individuals and entities that knowingly offer, pay, solicit, or receive bribes or kickbacks or other remuneration in order to induce business reimbursable by Federal health care programs. See 42 U.S.C. 1320a–7b(b). Civil penalties, exclusion from participation in the Federal health care programs, and civil False Claims Act liability may also result from a violation of the prohibition. See 42 U.S.C. 1320a–7a(a)(5), 42 U.S.C. 1320a–7(b)(7), and 31 U.S.C. 3729–3733. 26 The physician self-referral law, 42 U.S.C. 1395nn (also known as the ‘‘Stark law’’), prohibits a physician from making a referral to an entity with which the physician or any member of the physician’s immediate family has a financial relationship if the referral is for the furnishing of designated health services, unless the financial relationship fits into an exception set forth in the statute or implementing regulations. programs, and result in unfair competition by shutting out competitors who are unwilling to pay for referrals. Remuneration for referrals can also affect the quality of patient care by encouraging physicians to order services or supplies based on profit rather than the patients’ best medical interests.27 In particular, arrangements with hospitals, hospices, nursing facilities, home health agencies, durable medical equipment suppliers, pharmaceutical manufacturers and vendors are areas of potential concern. In general the antikickback statute prohibits knowingly and willfully giving or receiving anything of value to induce referrals of Federal health care program business. It is generally recommended that all business arrangements wherein physician practices refer business to, or order services or items from, an outside entity should be on a fair market value basis.28 Whenever a physician practice intends to enter into a business arrangement that involves making referrals, the arrangement should be reviewed by legal counsel familiar with the anti-kickback statute and physician self-referral statute. In addition to developing standards and procedures to address arrangements with other health care providers and suppliers, physician practices should also consider implementing measures to avoid offering inappropriate inducements to patients.29 Examples of such inducements include routinely waiving coinsurance or deductible amounts without a good faith determination that the patient is in financial need or failing to make reasonable efforts to collect the costsharing amount.30 Possible risk factors relating to this risk area that could be addressed in the practice’s standards and procedures include: • Financial arrangements with outside entities to whom the practice 27 See Appendix B for additional information on the anti-kickback statute. 28 The OIG’s definition of ‘‘fair market value’’ excludes any value attributable to referrals of Federal program business or the ability to influence the flow of such business. See 42 U.S.C. 1395nn(h)(3). Adhering to the rule of keeping business arrangements at fair market value is not a guarantee of legality, but is a highly useful general rule. 29 See 42 U.S.C. 1320a–7a(a)(5). 30 In the OIG Special Fraud Alert ‘‘Routine Waiver of Part B Co-payments/Deductibles’’ (May 1991), the OIG describes several reasons why routine waivers of these cost-sharing amounts pose concerns. The Alert sets forth the circumstances under which it may be appropriate to waive these amounts. See also 42 U.S.C. 1320a–7a(a)(5). Federal Register / Vol. 65, No. 194 / Thursday, October 5, 2000 / Notices may refer Federal health care program business;31 • Joint ventures with entities supplying goods or services to the physician practice or its patients;32 • Consulting contracts or medical directorships; • Office and equipment leases with entities to which the physician refers; and • Soliciting, accepting or offering any gift or gratuity of more than nominal value to or from those who may benefit from a physician practice’s referral of Federal health care program business.33 In order to keep current with this area of the law, a physician practice may obtain copies, available on the OIG web site or in hard copy from the OIG, of all relevant OIG Special Fraud Alerts and Advisory Opinions that address the application of the anti-kickback and physician self-referral laws to ensure that the standards and procedures reflect current positions and opinions. 2. Retention of Records In light of the documentation requirements faced by physician practices, it would be to the practice’s benefit if its standards and procedures contained a section on the retention of compliance, business and medical records. These records primarily include documents relating to patient care and the practice’s business activities. A physician practice’s designated compliance contact could keep an updated binder or record of these documents, including information relating to compliance activities. The primary compliance documents that a practice would want to retain are those that relate to educational activities, internal investigations and internal audit results. We suggest that particular attention should be paid to 31 All physician contracts and agreements with parties in a position to influence Federal health care program business or to whom the doctor is in such a position to influence should be reviewed to avoid violation of the anti-kickback, self-referral, and other relevant Federal and State laws. The OIG has published safe harbors that define practices not subject to the anti-kickback statute, because such arrangements would be unlikely to result in fraud or abuse. Failure to comply with a safe harbor provision does not make an arrangement per se illegal. Rather, the safe harbors set forth specific conditions that, if fully met, would assure the entities involved of not being prosecuted or sanctioned for the arrangement qualifying for the safe harbor. One such safe harbor applies to personal services contracts. See 42 CFR 1001.952(d). 32 See OIG Special Fraud Alert ‘‘Joint Venture Arrangements’’ (August 1989) available on the OIG web site at http://www.hhs.gov/oig. See also OIG Advisory Opinion 97–5. 33 Physician practices should establish clear standards and procedures governing gift-giving because such exchanges may be viewed as inducements to influence business decisions. documenting investigations of potential violations uncovered by the compliance program and the resulting remedial action. Although there is no requirement that the practice retain its compliance records, having all the relevant documentation relating to the practice’s compliance efforts or handling of a particular problem can benefit the practice should it ever be questioned regarding those activities. Physician practices that implement a compliance program might also want to provide for the development and implementation of a records retention system. This system would establish standards and procedures regarding the creation, distribution, retention, and destruction of documents. If the practice decides to design a record system, privacy concerns and Federal or State regulatory requirements should be taken into consideration.34 While conducting its compliance activities, as well as its daily operations, a physician practice would be well advised, to the extent it is possible, to document its efforts to comply with applicable Federal health care program requirements. For example, if a physician practice requests advice from a Government agency (including a Medicare carrier) charged with administering a Federal health care program, it is to the benefit of the practice to document and retain a record of the request and any written or oral response (or nonresponse). This step is extremely important if the practice intends to rely on that response to guide it in future decisions, actions, or claim reimbursement requests or appeals. In short, it is in the best interest of all physician practices, regardless of size, to have procedures to create and retain appropriate documentation. The following record retention guidelines are suggested: • The length of time that a practice’s records are to be retained can be specified in the physician practice’s standards and procedures (Federal and State statutes should be consulted for specific time frames, if applicable); • Medical records (if in the possession of the physician practice) need to be secured against loss, destruction, unauthorized access, unauthorized reproduction, corruption, or damage; and 34 There are various Federal regulations governing the privacy of patient records and the retention of certain types of patient records. Many states also have record retention statutes. Practices should check with their state medical society and/or affiliated professional association for assistance in ascertaining these requirements for their particular specialty and location. 59441 • Standards and procedures can stipulate the disposition of medical records in the event the practice is sold or closed. Step Three: Designation of a Compliance Officer/Contact(s) After the audits have been completed and the risk areas identified, ideally one member of the physician practice staff needs to accept the responsibility of developing a corrective action plan, if necessary, and oversee the practice’s adherence to that plan. This person can either be in charge of all compliance activities for the practice or play a limited role merely to resolve the current issue. In a formalized institutional compliance program there is a compliance officer who is responsible for overseeing the implementation and day-to-day operations of the compliance program. However, the resource constraints of physici...
Purchase answer to see full attachment