When the federal Public Health Emergency (PHE) ended on May 11, many of the waivers that kept external audits in check also vanished. As a result, healthcare organizations are bracing for an influx of demand letters, claim changes, and heightened regulatory and billing practice scrutiny by Recovery Audit Contractors (RACs), Medicare Administrative Contractors (MACs), Supplemental Medical Review Contractors (SMRCs), Unified Program Integrity Contractors (UPICs), Targeted Probe-and-Educate (TPEs), Comprehensive Error Rate Testing (CERT), and commercial payors.
The uptick in audit activity doesn’t have to leave provider organizations exposed, however. Proper planning and a well-designed external audit strategy can ensure a rapid, effective, and compliant response while mitigating future risk.
Endings and New Beginnings
When it was first declared in January 2020, the PHE created waivers, exceptions, and flexibilities for nearly 200 federal regulations. Most fell under section 1135 of the Social Security Act, which allows the Centers for Medicare & Medicaid Services (CMS) to temporarily waive or modify certain Medicare, Medicaid, and Children’s Health Insurance Program (CHIP) requirements to ensure the sufficient availability of healthcare items and services. It also ensures that providers who deliver such services can be reimbursed and exempted from sanctions (absent any determination of fraud or abuse).
CMS processed more than 250,000 such waiver requests throughout the COVID-19 pandemic. By doing so, it eased providers’ regulatory burden, and as a result, reduced the number of audits most had to deal with over the three-year period. That changed with the end of the PHE, which reverted many things back to their pre-pandemic status – including billing patterns. For example:
- The end of Stark Law waivers means CMS will no longer permit the 18 types of referrals and remunerations temporarily allowed under pandemic rules.
- Without the Emergency Medical Treatment and Active Labor Act (EMTALA) waivers, hospitals cannot screen patients at offsite locations.
- A three-day hospitalization is once again required for coverage of skilled nursing facility (SNF) stays.
- Hotlines are being shut down for physicians, practitioners, and Part A certified providers and suppliers that created isolation facilities to enroll and receive temporary Medicare billing privileges.
- Leniencies that meant easy cancellation of and or early enrollment in Medicare to provide care to more patients are over.
The end of the PHE also ushered in a series of changes that require healthcare organizations to pivot when it comes to workflows and processes, including an end to the submission of Medicaid claims using the modifier code CR (Catastrophe/Disaster). It also exposes them to additional documentation requests (ADRs) covering the previous three years, focused on COVID-related charges, aggressive clawbacks, and an uptick in DRG downgrades.
Knowledge is Power
The first course of action for revenue cycle leaders is to arm themselves with as much information as possible about the short- and long-term impacts the termination of the PHE will have on the cadence and volume of external audits. Start by evaluating which waivers and other flexibilities your organization availed itself of during the pandemic, then review CMS guidance to determine what has changed. This information can then be used to help create a roadmap for how the affected changes must be phased out of organizational processes.
It is also important to understand the other trends impacting external audits. Among these are the 2023 Evaluation & Management (E&M) code changes, as well as payors’ use of advanced artificial intelligence (AI) and machine learning (ML) tools to analyze and adjudicate claims prior to payment. Medicare Advantage (MA) plans will also continue to be an area of focus, particularly considering a recent U.S. Department of Health and Human Services (HHS) Office of the Inspector General (OIG) report that determined Medicare made more than $50 billion in overpayments related to diagnoses that were not supported by medical records – funds CMS is determined to recoup.
Our own analysis in the 2022 Annual Benchmark Report revealed specific areas of focus when it comes to external audits, which can help with preparing for this coming uptick:
- Physician billing: surgeries with multiple services performed by the same surgeon – which must be billed together and cannot be billed separately by different physicians – and telehealth.
- Outpatient billing: surgeries such as orthopedic, spine, and neurosurgery; specialty drugs and clinical justification for units administered for treatment; hospital observation care services; implants/medical devices; and laboratory services (chemistry, general classification, hematology, immunology, bacterial).
- Inpatient billing: short-stay inpatient; rehabilitation facility care; DRGs driving higher healthcare costs; sepsis; cardiology; digestive system; and kidney.
- Payor mix: closely monitor payor mix, with a particular focus on Medicare and Medicare Advantage segments for high-cost services (HCCs, CCs/MCCs and DRGs).
Federal agencies have also published fact sheets, which can help when it comes to reassessing post-PHE billing compliance. This should include a re-evaluation of service delivery platforms and business models, particularly as they pertain to telehealth. Solicit feedback from the revenue cycle team on internal controls and monitoring related to waiver-centric billing and conduct a Health Insurance Portability and Accountability Act (HIPAA) evaluation, again with a particular focus on telehealth.
Call for Action
Once you’re fully informed, it’s time to conduct analytics-enhanced pre-emptive monitoring audits of high-target areas, which include telehealth services, sites of services, and laboratory services. Other impacted billing practices should also be scrutinized, particularly as they relate to COVID-19 codes (including boosters and vaccines); high-risk diagnostic codes and HCCs; 2023 and 2024 inpatient rehabilitation facility (IRF) and inpatient psychiatric facility (IPF) care; and specialty drugs and biosimilars.
Implementing a robust ADR program, if not already in place, will help streamline and manage the influx of external payor requests. This should focus heavily – but not exclusively – on COVID-related charges, as use of the CR modifier will no longer be permitted. An ADR program is also a key component of a comprehensive, proactive audit management program that addresses the six measures of audit preparedness:
- Request: management of requests.
- Respond: respond to requests via electronic submission of medical documentation (esMD) or other means.
- Evaluate: determine appeal options based on audit findings.
- Educate: educate providers and coders based on audit results.
- Analyze: identify trends within external audits.
- Audit: proactively identify and correct issues.
Effective audit management processes can mean the difference between success and failure of an organization’s audit response. Those that don’t have robust external audit workflows in place typically lose more than half of the dollars being challenged in an audit. Conversely, healthcare organizations that have a technology-enabled process in place retain as much as 99 percent of all audited dollars – without the need for an appeal. Ohio State University Physicians, for example, implemented an external audit workflow tool, and within six months, they were retaining 99.87 percent of high-risk dollars and saw 97.4 percent of their cases approved with a final outcome.
The most effective external audit management solutions will bring together five integrated components to ensure that audit responses are completed in a timely and compliant manner. These are:
- Workflow: Standard or custom workflow templates streamline the creation and management of a single trackable audit, and monitor progress and results through ad-hoc and management reporting capabilities.
- Task management: Leveraging curated sets of tasks that can be assigned within audits simplifies coordination management of ongoing activities, and results in the tracking of due dates and the creation of reports on assignments and progress.
- Document management: Integrated storage within a centralized HIPAA-compliant repository allows support documents to be attached to audits and shared internally or externally.
- Analytics: One single view of all activity and insights associated with external audits that can outline the efficiency of your process and financial impact of revenue retention to your executives in real time.
- esMD: Expedite audit responses, and subsequently, revenue retention, by eliminating manual processes and paperwork with electronic submission of medical and other documentation.
When integrated with a larger billing compliance and revenue integrity platform, automated external audit workflow tools can also enhance cross-departmental collaboration and productivity, allowing compliance teams to meet demanding audit workloads and schedules.
Prepare for the Inevitable
The addition of the PHE’s end to the list of trends driving up the volume of external audits makes it all but inevitable that any given healthcare organization will soon be on the receiving end of a demand letter, regardless of the care it has taken to ensure compliance. When revenue cycle leadership and their teams are armed with knowledge, strategies, analytics insights, and proper workflow tools, the likelihood of a successful audit outcome and timely revenue retention increases exponentially.
Given the current macroeconomic environment, every healthcare organization has an opportunity to digitize their manual workflows, delivering a rapid return on investment (ROI) through accelerated audit management and more successful outcomes.
About the Author: Ritesh Ramesh is CEO of MDaudit, a leading health IT company that harnesses its proven track record and the power of analytics to allow the nation’s premier healthcare organizations to mitigate compliance risk and retain revenue.