Back to the basics: Post-pandemic enforcement of coding compliance issues

© sasun Bughdaryan - stock.adobe.com

During the COVID-19 pandemic, the last thing most healthcare providers were thinking about was the need for run-of-the-mill coding compliance audits. In addition to the most important and obvious need to care for patients, the pandemic brought sweeping and immediate changes to the regulatory and reimbursement landscape, causing providers to shift focus to implementing new requirements. Many standard compliance and Health Information Management (HIM) audits became lower priority.

As a consequence, we are seeing increased focus from the Department of Justice (DOJ), the Office of the Inspector General (OIG), and Medicare contractors on coding compliance issues, both for claims denials and future audits. To minimize potential liability for these issues, providers should go back to the basics, and familiarize yourself with high-risk areas for coding and billing audits and enforcement, both overall and specific to your own billing patterns.

Issues receiving audit and enforcement focus

The “basics” that are receiving high enforcement right now include:

• Misuse of modifiers 24 and 25 applied to evaluation and management (E/M) services. Modifier 24 is used to bill an unrelated E/M service by the same physician or other qualified health care professional during post-operative period. For the purposes of Modifier 24, Medicare defines “same physician” to include physicians in the same group practice who are of the same specialty. Modifier 25 is used to bill a significant, separately identifiable E/M service by the same physician or other qualified health professional on the same day of the procedure or other services. Both modifiers are routinely misused, resulting in inappropriate payment of an E/M visit.
• Billing for critical care codes.Critical care codes are time-based codes, used to report the time a physician spent engaged in working directly related to the individual patient’s care. The high enforcement issue with critical care codes is medical necessity.
• Coding the incorrect place of service. Improper coding of place of service can result in improper payment in a number of scenarios. This is particularly high-risk for physician billing for inpatients at hospitals and skilled nursing facilities, where the amount Medicare reimburses for physician services tends to be lower than for office visits.
• Telehealth enforcement. Most telehealth enforcement against providers centers around high utilization, including billing for duplicate claims, high-volume billing, and inappropriate billing for the most expensive level of services. OIG is still drafting its toolkit to assess program integrity risks with telehealth, but every indication so far is that enforcement will be driven by data analysis and focus on high utilizers.

Identifying areas of focus

Providers should continuously update these areas of focus. The OIG Work Plan, which is accessible and searchable on OIG’s website, is a good first step to identifying which issues are likely to become high-priority for audits and other enforcements.

The best resource for provider-specific information is a provider’s own Comparative Billing Reports(sometimes called CBR or PEPPER report). CBRs are available for free for provider types and procedures viewed as a current enforcement priority. Each provider can download his or her own CBR, which compares the provider’s own billing patterns to peers in their state and across the country. CBRs are individual-specific data analyses that highlight the areas where Medicare has determined there might be a risk of improper payment, yet the vast majority of providers do not download them. Providers with comparatively higher billing patterns should take note that they are at higher risk of audit and enforcement actions.

What To Do If You’re Concerned You Have An Issue

Certainly, in the event any high-risk billing is noted, an important next step is to implement processes to prospectively prevent or flag these issues before claim submission. This can include training providers responsible for coding on proper coding practices and billing, coding, and other staff on flagging certain claims, implementing edits in the EHR to prevent certain claims, and regular HIM and compliance audits.

Providers should also note their obligations to look retroactively at claims that might have been impacted by these issues because they can result in overpayments. For federal payers, a person who has received an overpayment must report and return the overpayment within 60 days of identifying it. Failure to report and return an overpayment can result in liability under the False Claims Act, which carries with it triple damages and per claim penalties of $13,508 to $27,018 per claim. It can also result in sanctions by OIG, including civil monetary penalties and even exclusion from Medicare and Medicaid. These draconian rules are challenging to implement, with questions often arising about the scope of what should be considered and whether certain issues result in an overpayment.

It is important to note that the issues that can create liability in healthcare are much broader than what many people think of as true “fraud,” such as paying of kickbacks, upcoding, billing for services not provided, and other intentional acts. Regulatory misses and coding mistakes can land providers in hot water. As the Public Health Emergency winds up, providers should re-commit to their pre-pandemic standard compliance and HIM operations.

Jordan Kearney is a partner and founder of the Medicare Audits and Appeals Practice Group at healthcare law firm Hooper, Lundy & Bookman, P.C. She can be reached at jkearney@hooperlundy.com.