Fig. 1 An active compliance program includes regular internal audits to ensure coding patterns are generally in sync with Medicare data. The E/M Analyzer included in AAOS' Orthopaedic Code-X product is an electronic spreadsheet-based tool that enables practices to view and compare E/M usage patterns. For example, this sample graph identifies but does not preclude the usage of Level 4 if medical necessity and a review of corresponding documentation support the coding. Practice compliance programs should include regular tests to ensure that higher level codes are supported.


Published 7/1/2016
Cheryl Toth, MBA

OIG Says "No Bonus Points" for Having a Compliance Plan

New announcements and guidance push providers toward an active program
If your practice is targeted for a Medicare audit, the Office of the Inspector General (OIG) will no longer give you points for having a compliance plan on the shelf. Unless you've operationalized that plan into an active program, it's not going to garner any leniency with the auditors, according to Inspector General Daniel Levinson, who announced new compliance guidance at the 2016 Health Care Compliance Association conference.

"This announcement is a sea change for physicians," cautioned attorney Michael Sacopulos, JD, founder and president of the Medical Risk Institute in Terre Haute, Ind. "OIG's perspective is that physicians have had more than enough time to develop active programs and implement self-monitoring through regular internal reviews, training, and self-reporting. But most haven't done it. So the OIG is taking a new approach and will be looking for evidence that providers have active programs in place, not just written plans."
Therefore, if your compliance plan is collecting dust, or if your practice does not have an up-to-date plan, it's time to get serious. "Given the government's recent interest and latest guidance, physicians should assume that increased enforcement is not far away," predicted Mr. Sacopulos.

From carrot to stick
The new guidance is the latest by the OIG, which also has an array of program development tools and educational materials on its website. Unfortunately, the documentation has not prompted many medical practices to integrate compliance and self-monitoring into billing and practice operations, as the following examples show.

In April, Boston Medical Center and two of its physician practice organizations agreed to pay $1.1 million to resolve allegations that included billing Medicare and Medicaid for preoperative visits that should have been included in the global fee. Atlanta's Toccoa Clinic Medical Associates recently agreed to pay $1.9 million to settle claims that it violated the False Claims Act by incorrectly billing Medicare evaluation and management (E/M) services. Notably, its physicians billed for E/M services on the same day as a procedure, when the E/M service was not a significant, separately identifiable service.

It's no wonder that the OIG's newest guideline is more stick than carrot. "Any time there is a little terror mixed in, it livens things up," quipped Mr. Sacopulos. "If OIG finds a pattern it considers fraudulent billing, it can throw the providers in jail, ask for their money back, and exclude the physicians from the Medicare and Medicaid programs."

The OIG always intended that practices would actively audit and correct themselves, contends Mr. Sacopulos. This latest guidance clarifies what happens (including the penalties) if a practice does not.

"As I read this latest guidance, the only way physicians won't have problems is if they actively find their own problem, self-report, and pay the money back," said Mr. Sacopulos.

"If the Feds find the problem and you don't, your practice could end up in the consequence area of the enforcement spectrum. That could result in OIG bestowing a corporate integrity agreement (CIA) upon you."

CIAs vary depending on OIG's perception of the organization's level of risk in submitting false or fraudulent claims. They can require activity such as reporting overpayments, undergoing investigations or legal proceedings, allowing independent chart/coding reviews, and providing annual reports to OIG on the practice's compliance activities.

Based on Mr. Levinson's announcement and other recently issued guidance, "if you are selected for an audit, don't even bother to talk about your compliance plan," advised Mr. Sacopulos. "As far as the OIG is concerned, you should have done that 20 years ago."

Turn your plan into a program
"Practices have to pivot from having a compliance plan to operating an effective compliance program," said Mr. Sacopulos. "You've got to go from having things on paper to putting them into action.

"Compliance must become part of what you do and how you operate—not just a plan you have. Auditors will be looking for active signs of a practice's desire to consistently code correctly and follow overpayment and documentation rules."

For instance, do you send the billing team to annual coding training? Do you review each surgeon's coding patterns against Medicare's state and national data and audit the charts of significant outlier physicians? Do physicians conduct peer reviews of their documentation on a regular basis, actively discuss findings, and document the areas that require education and improvement? Has the practice developed a self-disclosure protocol?

Your practice can take the following six steps now to activate your compliance program.

1. Designate a compliance activator.
All orthopaedic practices need a designated compliance officer. You need an implementation champion. Appoint someone and make sure it's not just a title but also an active role.

2. Bring your compliance plan up-to-date.
"Dust off the binder and crack it open to find out when the plan was last reviewed and updated," Mr. Sacopulos suggested. For example, are training records up-to-date? Has billing staff been regularly logging coding edit rule changes for frequently used codes and payer-specific guidance? Do you have policies for handling appeals and validating coding information and "advice" from online discussion groups?

If you don't have a plan or need some help getting yours current, OIG provides educational material, roadmaps, and other materials to support the seven elements of an effective compliance program (Table 1).

3. Map out an activation timeline.
"Practices need an active coding and billing compliance program," explained Mr. Sacopulos. "An active compliance program is one that is used to correct, train, and implement good coding practices."

That means when you identify incorrect code usage in the practice, you also provide evidence of your action plan to address it, including follow-up that ensures proper improvements were made. When a payer-specific edit or code usage rule is identified, you add it to the compliance log and include it on an upcoming staff meeting agenda to ensure it is discussed.

4. Conduct regular internal audits
"A good compliance program includes regular internal assessments to ensure E/M coding patterns are congruent with state and national norms," said Mr. Sacopulos. "Review 5 to 10 charts per provider per quarter to verify that documentation matches the billed codes. Discuss both positive and negative results in physician meetings. Excellent coding performance should be recognized as well as patterns that require corrective action."

If your internal reviews indicate a lack of accuracy, create a written improvement plan. For example, a Chart Audit Improvement Plan might include the following steps:

  • sending a staff member to a coding course
  • having the staff member conduct an in-service educational session within 3 weeks of the course for staff and physicians
  • pairing physicians for one-on-one training and coaching on documentation for established patient visits
  • reviewing all 992XX codes for one month to validate accuracy prior to submitting them to payers
  • alerting physicians when an incorrect E/M code is identified and obtaining the correct code before submitting the claim

Mr. Sacopulos also suggested practices document what was learned from the improvement activity and engage an outside resource to examine coding practices on a periodic basis.

The E/M analyzer included in the Academy's Orthopaedic Code-X software can help you take the first risk-assessment step. When each provider's E/M code frequency is entered into this electronic spreadsheet-based tool, the analyzer builds graphs that compare usage patterns against Medicare's state and national data, enabling rapid identification of outliers (Fig. 1).

5. Develop a self-disclosure procedure.
The OIG wants physicians to provide evidence of a self-disclosure protocol and its use in addressing corrective actions. Your practice must develop and implement a system of disclosing coding errors when identified and documenting the training and new processes to avoid future errors. "Imagine that you are a government official," suggested Mr. Sacopulos. "From that vantage point, what information or processes illustrate that the practice is doing its best to submit quality charges?"

6. Provide training for staff and physicians.
"It's dangerous for staff to be in the dark about rule changes and regulatory updates," warned Mr. Sacopulos. "Medicare webinars and emails are helpful, but structured, annual training is a must to have a complete understanding of high-priority compliance issues and code changes.
"The OIG has given fair warning," said Mr. Sacopulos, "and physicians had better get their billing and coding in order because stricter enforcement is just around the corner."

Cheryl Toth, MBA, is a business writer with KarenZupko & Associates, Inc., which develops and delivers coding and reimbursement workshops in partnership with the AAOS and provides practice management consulting and coding education and audits for orthopaedic surgeons.

What to Do if You Identify a Compliance Issue
Addressing compliance issues once they've been discovered can get sticky. Mr. Sacopulos suggests that a practice's compliance policy state that when identified, both positive and negative compliance issues are addressed in face-to-face conversations.

"From a practical standpoint, the manager or compliance officer can send an email to a physician or staff member, requesting a conversation to discuss corrective action or commend them for doing a good job," he explained. "A policy like this indicates practice leaders support all types of compliance activity and recognize the importance of having occasional conversations with physicians who are doing well as well as with those who need improvement."

The full discussion takes place in person, not by email or in writing. "After you come up with a plan for modifying negative behavior," added Mr. Sacopulos, "put that in writing and implement it, documenting follow-up actions and improvements that have occurred over time."

Additional Information: