The CERT study gives one the opportunity to identify potential errors the same way that the auditors do.
With nearly a million physicians in this country, how do auditing organizations determine who to audit? As of 2011, a total of 100 percent of Medicare fee-for-service claims started being passed through the Fraud Prevention System: a series of predictive analytics algorithms that help identify claims that may have been billed incorrectly.
But while those results help to target particularly high-risk providers, there is much more to the “audit/don’t audit” decision than just risk. For most auditors, because they are private contractors, their remuneration, bonuses, and/or contract continuation are tied to results – and make no mistake, results are measured in dollars returned to the trust fund. So before an auditor embarks on an audit, it may engage in some form of expected value (EV) calculation that they use to determine the return on investment (ROI).
Calculating EV and ROI requires some advance notion of how much the auditor is likely to find in overpayments versus the cost of doing the audit. And for these types of calculations, many will rely upon the CERT, or the Comprehensive Error Rate Testing study.
CERT
The Centers for Medicare & Medicaid Services (CMS) established the CERT program to calculate a national paid claims error rate for all Medicare fee-for-service programs. The CERT program calculates the error rates for all Medicare Administrative Contractors (MACs), carriers, and fiscal intermediaries (FIs). Reading the CERT documentation, one might find themselves under the impression that records are obtained only from the contractor. This, however, is not the case. In order to assess things like medical necessity, proper documentation, and the like, the agency also requests the medical records from the practices that match the claims samples, adding to the administrative costs of doing business. In general, the sampling methodology includes the following:
It’s also important to note that CMS counts underpayments as errors, as well as overpayments. For the 2017 fiscal year, CMS paid out some $390 billion in claims, and of these, around $36 billion (9.5 percent) were paid in error. This simply means that, in the opinion of the auditor, the claim was paid in part or full disagreement with established guidelines, rules, and regulations – or in contrast to the documentation provided. Regarding the 9.5 percent error rate, 0.3 percent represented underpayments. Now, while that may seem trivial, 0.3 percent of $390 billion is over $1 billion, which I would not consider to be crumbs. For example, procedure code 99212 was underpaid 16.9 percent of the time. If you reported 10,000 of these last year, it is statistically likely that some 1,700 were underpaid (or under-documented). So while you are creating your risk assessment, it is probably a good idea to create an opportunity assessment as well.
Within the study, CERT specifies the reason for the improper payment. For example, for 2017, a total of 64.1 percent of claims were paid when it was later determined that there was not sufficient documentation to support the procedure or service. A total of 13.1 percent of payments were made in error due to incorrect coding, while medically unnecessary errors accounted for 17.5 percent of all improperly paid claims. I find the latter statistic interesting, because my experience is that many in our industry consider medical necessity to be the most important coding and billing issue. According to CERT, insufficient documentation accounts for nearly five times the number of error determinations.
From the compliance officer’s perspective, CERT can be a gold mine for building a risk assessment because the study looks at error rates for specific procedure codes, which brings us back to our point on profiling. If CERT identifies specific procedure codes that are associated with high error rates, then it’s only a matter of time before those same codes are used by the auditing agencies as a primer to develop an audit risk profile. Looking at the error rate also provides the auditors with the base data for their EV calculations.
Looking at the 2017 report, for example, we see that CERT reported that of all the 99233 codes reviewed, over 50 percent were paid in error. Of the 99214 codes reviewed, 7.1 percent were paid in error. For calendar year 2016, a total of 23,702,514 claims that included 99233 were submitted to CMS, which paid out $1.8 billion to those providers. If, as stated above, half were paid in error, then nearly $900 million was paid improperly. Imagine for a moment that you are an auditor and you come across a practice that got paid a million dollars on code 99233 last year. Statistically speaking, that means that there is a 50 percent probability that at least half of those were overpaid. This is an easy step from EV to ROI. For 99214, CMS paid out around $7 billion for 103 million encounters, at an error rate of 7.1 percent; this would account for nearly $500 million in potential improper payments. And the list goes on.
The point is this: these auditing agencies, some of which are paid a commission on what they are able to recover from a practice, are going to go for the low-hanging fruit first. So a practice that is reporting a higher number of these 99233 and 99214 codes than their peers may substantially increase their risk of audit and review.
The takeaway here, at least for me, is that the CERT study gives me the opportunity to identify potential errors the same way that the auditors do. And for my money, that’s something you can take to the bank.
And that’s the world according to Frank.
Combat is often described as hours of boredom intermixed with moments of sheer terror. I fear that that metaphor is increasingly applicable to Medicare enrollment. Few
Let’s start with a recent (U.S. Department of Health and Human Services Office of Inspector General) OIG audit of a Medicare Advantage plan. Now these
Please log in to your account to comment on this article.
Uncover essential coding insights with nationally recognized coding authority Kay Piper, RHIA, CDIP, CCS. Through ICD10monitor’s interactive, on‑demand webcast series, Kay walks you through the AHA’s 2026 ICD‑10‑CM/PCS Quarterly Coding Clinics, translating each update into practical, easy‑to‑apply guidance designed to sharpen precision, ensure compliance, and strengthen day‑to‑day decision‑making. Available shortly after each official release.
Uncover critical guidance on the ICD-10-CM/PCS code updates. Kay Piper reviews and explains ICD-10-CM/PCS coding guidelines in the AHA’s fourth quarter 2026 ICD-10-CM/PCS Coding Clinic in an easy to access on-demand webcast.
Uncover critical guidance on the ICD-10-CM/PCS code updates. Kay Piper reviews and explains ICD-10-CM/PCS coding guidelines in the AHA’s third quarter 2026 ICD-10-CM/PCS Coding Clinic in an easy to access on-demand webcast.
Uncover critical guidance on the ICD-10-CM/PCS code updates. Kay Piper reviews and explains ICD-10-CM/PCS coding guidelines in the AHA’s second quarter 2026 ICD-10-CM/PCS Coding Clinic in an easy to access on-demand webcast.
Federal auditors are intensifying their focus on inpatient psychiatric facilities, using advanced data analytics to spotlight outliers and pursue high‑dollar repayments. In this high‑impact webcast, Michael Calahan, PA, MBA, Compliance Officer and V.P., Hospital & Physician Compliance, breaks down what regulators are really targeting in IPF-PPS admissions, documentation, treatment and discharge planning. Attendees will learn practical steps to tighten processes, avoid common audit triggers and protect reimbursement and reduce the risk of multimillion-dollar repayment demands.
In this timely session, Stacey Shillito, CDIP, CPMA, CCS, CCS-P, CPEDC, COPC, breaks down the complexities of Medical Decision Making (MDM) documentation so providers can confidently capture the true complexity of their care. Attendees will learn practical, efficient strategies to ensure documentation aligns with current E/M guidelines, supports accurate coding, and reduces audit risk, all without adding to charting time.
Join Ronald Hirsch, MD, FACP, CHCQM for The PEPPER Returns – Risk and Opportunity at Your Fingertips, a practical webcast that demystifies the PEPPER and shows you how to turn complex claims data into actionable insights. Dr. Hirsch will explain how to interpret key measures, identify compliance risks, uncover missed revenue opportunities, and understand new updates in the PEPPER, all to help your organization stay ahead of audits and use this powerful data proactively.
Stay ahead of the 2026-2027 audit surge with “Top 10 Audit Targets for 2026-2027 for Hospitals & Physicians: Protect Your Revenue,” a high-impact webcast led by Michael Calahan, PA, MBA. This concise session gives hospitals and physicians clear insight into the most likely federal audit targets, such as E/M services, split/shared and critical care, observation and admissions, device credits, and Two-Midnight Rule changes, and shows how to tighten documentation, coding, and internal processes to reduce denials, recoupments, and penalties. Attendees walk away with practical best practices to protect revenue, strengthen compliance, and better prepare their teams for inevitable audits.
Happy National Doctor’s Day! Learn how to get a complimentary webcast on ‘Decoding Social Admissions’ as a token of our heartfelt appreciation! Click here to learn more →
BLOOM INTO SAVINGS! Get 25% OFF during our spring sale through March 27. Use code SPRING26 at checkout to claim this offer.
CYBER WEEK IS HERE! Don’t miss your chance to get 20% off now until Dec. 1 with code CYBER25
CYBER WEEK IS HERE! Don’t miss your chance to get 20% off now until Dec. 2 with code CYBER24
