If you have trouble viewing this email, view Best Practices Review online.

Volume 7, Issue 3 July 2012

Audits and reviews of medical claims are nothing new. However, we are seeing an unprecedented increase in the number of these audits in both the hospital and in the physician practice setting. Public and private payers alike recognize the excellent return on investment (ROI) of medical claims audit initiatives. Yet as good as the ROI is on the recovery of overpayments, it is even better if the overpayment can be prevented. Therefore, providers should expect to see more pre-payment audits and reviews in the future.

In this issue, I will provide a review of why audits and reviews are increasing, the entities auditing your claims and tips on preparing for and responding to audits. Risë Marie Cleland



The increase in audits is directly related to the growing numbers of entities that are auditing medical claims and the increased focus on identifying and preventing overpayments.

In fact, provisions in the massive health care reform legislation, the Affordable Care Act (ACA), provides new enforcement tools and resources for identifying and preventing overpayments as a result of fraud, abuse, and billing errors. The ACA provides an additional $350 million over ten years to increase antifraud activity through more prepayment audits and reviews and new highly sophisticated data analytics.

The ACA also expands the successful Recovery Audit (formerly known as the Recovery Audit Contractor or RAC) Program to Medicaid, Medicare Advantage (Part C), and Medicare Part D programs. The Center for Medicare and Medicaid (CMS) reports that they expect to save $2.5 billion over the next five years in the Medicaid RA program alone.

Reducing fraud is a high priority for CMS; nevertheless, the identification and recovery of overpayments due to errors remains a key initiative. Because of the recent changes to the False Claims Act, inadvertent claims errors, the lack of adequate documentation to support billed claims, or inattention to billing errors or overpayments can rapidly snowball and threaten a clinic’s financial viability.

In 2009, Congress amended the federal civil False Claims Act to include that the knowing concealment or the knowing and improper avoidance of an obligation to pay or transmit money to the government was a basis for liability under the False Claims Act. This is referred to as the “reverse false claims” provision, as it is the knowing retention and failure to refund federal funds that were paid in error that triggers the violation of the False Claims Act. In 2010, the ACA further strengthened this provision of the False Claims Act requiring providers to report and return any Medicare overpayment by the later of, 60 days after the identification of the overpayment or the date the applicable cost report is due. Failure to refund promptly could result in a violation of the False Claims Act, which includes civil penalties between $5,500 and $11,000 per violation, plus three times the government’s losses.

In addition to liability under the False Claims Act , a determination that an individual or entity knowingly concealed overpayments from federal healthcare programs may constitute grounds for additional civil money penalties, criminal penalties (including fines, imprisonment, or both), as well as exclusion from the Medicare and Medicaid programs.

Finally, in recent rulemaking, CMS proposed extending the “lookback” period for reporting and returning overpayments to 10-years. CMS reports that the proposed 10-year lookback period was selected because it is the outer limit of the federal False Claims Act statute of limitations. CMS also suggested amending the rules to provide for a 10-year reopening period consistent with the proposed lookback period. Comments to CMS from national and state societies and health care organizations were overwhelmingly negative regarding the proposed 10-year lookback period citing the unreasonable burden it would place on providers.


Given the continued expansion of efforts to reduce improper claims payments you can safely assume that regardless of your diligence to billing compliantly at some point your practice will be subject to external audits. Therefore, it is important to have an understanding of who is reviewing and auditing providers' claims. In this section we will look at the various audit contractors and what they focus on.

Medicare Administrative Contractors
A/B Medicare Administrative Contractors (MACs) process and pay claims for both Part A and Part B services, they are also responsible for auditing providers and reducing the Medicare claims payment error rate. MACs perform both postpayment and prepayment reviews, the latter of which may negatively affect providers' cash flow.

The MACs perform postpayment audits through the Medical Review (MR) program with the goal of reducing payment error by identifying and addressing billing errors concerning coverage and coding made by providers. MR audits focus on atypical billing patterns identified through analysis of fee-for-service (FFS) claim data, Recovery Audit (RA) Program vulnerabilities, Comprehensive Error Rate Testing (CERT) data and Office of Inspector General (OIG)/Government Accounting Office (GAO) reports.

Prepayment reviews performed by the MACs include the application of the National Correct Coding Initiative (NCCI) Edits and the Medically Unlikely Edits (MUEs). These two programs review Part B claims containing HCPCS/CPT codes before they are paid through the application of automated prepayment edits. Both programs are designed to prevent inappropriate payments.

The NCCI Edits seek to control improper coding and to prevent improper payment when incorrect code combinations are reported. An MUE is the maximum units of service that a provider would report under most circumstances for a single beneficiary on a single date of service. MUEs were developed to prevent billing errors. Both of these programs have the goal of reducing the claims paid error rate and providers retain the right to appeal NCCI and MUE denials.

The NCCI and MUE edits are updated quarterly and are published on the CMS website. However, not every HCPCS/CPT code has an MUE and not all MUEs are listed in the MUE file. Currently, most drug MUEs are unlisted and confidential.

The prepayment NCCI and MUE program edits are generally a seamless process that occur behind the scenes during the claims adjudication process and they do not affect or delay payment unless the edits are triggered resulting in a denial of a HCPCS/CPT code. However, the prepayment MR program does delay payment as the claims selected for MR review are suspended while a medical review is performed to confirm that services rendered are reflected in the claim, coded correctly, and meet Medicare coverage criteria. In most cases, additional documentation is requested from the provider, via the electronically generated Additional Development Request (ADR) process. CMS requires Medicare contractors to complete medical review of the documentation within 60 days after ADR responses are received.

MACs may perform probe reviews when data analysis indicates that a potential provider or service specific error exists, but cannot confirm the existence of such an error without reviewing documentation. Probe reviews are data driven, consist of a sample of representative claims, and are conducted for the purpose of validating potential provider billing errors. The process may include either provider or service specific reviews and may be performed either prepayment or postpayment.

MACs are required to inform prior to initiating a provider-specific review by sending an individual written notice. The MACs must include information on whether the review will occur on a prepayment or postpayment basis and the specific reason for selection. If the basis for selection is comparative data, CMS further instructs the MAC to provide the data on how the provider varies significantly from other providers in the same specialty, jurisdiction, or locality.

CMS explains that the purpose of a probe review is to ensure that medical review activities are targeted at identified problem areas. CMS also instructs the MACs to make certain that the probe sample is large enough to provide confidence in the result, but small enough to limit administrative burden. Providers may appeal MAC MR denials.


  • Contractors may examine 20–40 claims per provider for provider-specific problems.
  • Contractors also conduct widespread probe reviews (involving approximately 100 claims from multiple providers) when a larger problem, such as a spike in billing for a specific procedure, is identified.
  • In either type of review, providers are notified that a probe review is being conducted and are asked to provide medical documentation for the claim(s) in question.
  • Medical records are reviewed and providers are notified of the results.

CMS states that the MACs may initiate a targeted provider-specific prepayment review only when there is the likelihood of sustained or high level of payment error. MACs are encouraged to initiate targeted service-specific prepayment review to prevent improper payments for services identified by CERT or RAs as problem areas, as well as problem areas identified by their own data analysis.

The MACs may select target areas based on the following criteria:

  • High volume of services;
  • High cost;
  • Dramatic change in frequency of use;
  • High risk problem-prone areas; and/or,
  • RA, CERT, OIG or GAO data demonstrating vulnerability. Probe reviews are not required when targeted areas are based on data from these entities.

Providers with identified billing problems may be placed on prepayment review, in which a percentage of their claims undergo medical review before the MAC authorizes payment. The length and scope of the prepayment review is based on the severity of the identified problem. It is recommended that providers, who are placed on prepayment review by Medicare, contact their attorney and request a meeting with the Medicare Integrity Program (MIP) provider education specialist assigned to their case in order to gain an understanding of the medical review process and their situation. Physicians placed on prepayment review maintain appeal rights on all claims audited by Medicare.

Recovery Auditors
There are currently four A/B Recovery Audit (RA) contractors (see Figure 1). The Medicare RAs perform postpayment claims review to identify improper payments made by Medicare. The RAs are paid on a contingency fee of between 9% and 12.5% of all underpayments and overpayments identified and recovered from physicians and other health care providers.

RAs must follow Medicare regulations, billing instructions, National Coverage Determinations (NCDs), coverage provisions and the respective MAC’s Local Coverage Determinations (LCDs). Furthermore, they are limited to reviewing CMS approved issues listed on the RAs website.

The fact that relatively few physician practices have reported RA activity to date is because the RAs first focused their efforts on hospital services where high errors rates and high-dollar claims provided them an excellent return on their investment. As shown in Figure 2, the American Hospital Association reports in their 1st Quarter 2012 Survey that 2220 hospitals have participated in their RAC Trac survey and 87% of those hospitals have reported experiencing RA activity.

Figure 2 – Source AHA RACTrac Survey, 1st Quarter 2012

Providers may appeal RA denials, and in fact, as physician practices prepare for the onset of increased RA activity they should heed the successes that hospitals have had in appealing RA denials; nationwide hospitals reported appealing more than one-third of all denials and of those claims that have completed the appeals process, 75% were overturned in favor of the provider.

According to CMS, the RAs have collected $986.2 million in overpayments and have returned $86.4 million in underpayments so far in FY 2012 (October 1, 2011 through March 31, 2012). The continued success of the RA program has led to the current expansion of this program to Medicare Part C, Part D and the Medicaid program.

The Medicaid RA program is separate from the Medicaid Integrity Contractors (MIC) audit program and is in various stages of implementation throughout the country. Information on the status of the Medicaid RA program may be found at www.cms.gov/medicaidracs.

A further expansion of the RA program was announced in November 2011, when CMS reported they would be implementing a demonstration project that would allow the RAs to conduct prepayment reviews on certain Medicare claims. The Recovery Audit Prepayment Review demonstration project, originally scheduled to start January 1, 2012, will now begin on or after June 1, 2012.

The demonstration project will focus on the types of claims that typically have high rates of improper payments. The prepayment reviews will begin in seven states that CMS has identified as having high populations of fraud and error prone providers (FL, CA, MI, TX, NY, LA, IL) and four states with high claims volumes of short inpatient hospital stays (PA, OH, NC, MO).

The Recovery Audit Prepayment Review demonstration project is in line with CMS’ expressed desire to lower the error rate by preventing improper payments rather than identifying and collecting improper payments after they have been made. If found to be successful, providers can expect to see this demonstration project become a permanent national program.

Medicare A/B RAs


Website & E-mail

Telephone Number

Region A:
Diversified Collection Services
States: CT, DE, DC, ME, MD, MA, NH, NJ, NY, PA, RI and VT.


Region B:
States: IL, IN, KY, MI, MN, OH and WI.

Region C:
Connolly, Inc.
States: AL, AR, CO, FL, GA, LA, MS, NM, NC, OK, SC, TN, TX, VA, WV, Puerto Rico and U.S. Virgin Islands.


Region D: HealthDataInsights
States: AK, AZ, CA, HI, ID, IA, KS, MO, MT, ND, NE, NV, OR, SD, UT, WA, WY, Guam, American Samoa and Northern Marianas.


Part A:
Part B:
Figure 1 Source: CMS    

Zone Program Integrity Contractors
The Health Insurance Portability and Accountability Act (HIPAA) of 1996 established the Medicare Integrity Program (MIP). A main function of MIP is to develop program safeguard functions to detect and deter potential fraud, waste and abuse in the Medicare program. With the establishment of MIP, CMS created the Program Safeguard Contractors (PSC) to carry out the program integrity functions.

As a result of the Medicare contracting reform mandated in the Medicare Modernization Act (MMA), CMS created the Zone Program Integrity Contractors (ZPICs) to perform program integrity functions (replacing the PSCs) in seven program integrity zones.

Medicare’s Program Integrity Manual (PIM) states that the primary goal of the ZPICs is to identify cases of suspected fraud, to develop them thoroughly and in a timely manner, and to take immediate action to ensure that Medicare funds are not inappropriately paid and that any mistaken payments are recouped.

ZPICs perform proactive identification of potential fraud through data analysis of billing practices, patterns, or trends, and reactive identification through evaluation of complaints and referrals from law enforcement, MACs and other contractors. The ZPICs are not paid on a contingency basis like the RACs; instead, they are paid directly by CMS on a contractual basis.

In MLN Matters® Number: SE1204, CMS outlines some of the functions and actions the ZPICs may undertake to detect and deter fraud, waste, and abuse in the Medicare Program including:

  • Investigating potential fraud and abuse for CMS administrative action or referral to law enforcement;
  • Conducting investigations in accordance with the priorities established by the Center for Program Integrity (CPI’s) Fraud Prevention System;
  • Performing medical review, as appropriate;
  • Performing data analysis in coordination with CPI’s Fraud Prevention System;
  • Identifying the need for administrative actions such as payment suspensions and prepayment or auto-denial edits; and,
  • Referring cases to law enforcement for consideration and initiation of civil or criminal prosecution.

In performing these functions, ZPICs may:

  • Request medical records and documentation;
  • Conduct an interview;
  • Conduct an onsite visit;
  • Identify the need for a prepayment or auto-denial edit and refer these edits to the MAC for installation;
  • Withhold payments; and,
  • Refer cases to law enforcement.

ZPICs are not required to notify providers before beginning a review. ZPICs routinely provide little or no notice prior to a site visit or audit. If you are contacted by a ZPIC or receive a letter advising you of an audit, it is recommended that you contact a health care attorney familiar with ZPIC audits. It is very important that you respond to ZPIC requests in a timely and appropriate manner. Providers retain appeal rights.

Comprehensive Error Rate Testing
CMS developed the Comprehensive Error Rate Testing (CERT) program to produce a national Medicare Fee for Service (FFS) error rate. The CERT performs postpayment reviews. AdvanceMed, the CERT Review Contractor, randomly selects samples of claims from each Medicare claims processing contractor for medical review. For each claim selected, the CERT Documentation Contractor requests medical records from the providers who billed for the services, and prepares the documentation for review by AdvanceMed. Based on the medical record documentation received, AdvanceMed verifies that the services were billed correctly and that the payment and processing of the claims were accurate and based on sound policy. The CERT contractor follows Medicare regulations, billing instructions, NCDs, and the respective MAC’s LCDs. Claims that are billed, paid, or processed incorrectly are categorized as errors.

Through the CERT program, CMS calculates a national Medicare FFS paid claims error rate and a provider compliance error rate and publishes these annually on the CMS CERT website.

CMS requires Medicare MACs to review and validate the CERT results for their jurisdiction to determine the education needed to reduce medical necessity and incorrect coding errors and to develop Error Rate Reduction Plans identifying the specific causes of the improper payments and outlining corrective actions for the errors.

Therefore, the CERT reports, which are usually posted on the MAC websites, provide insight into future targets of RAC and MAC audits. The most recent Medicare Improper Payment Report (CY 2010) shows the leading driver of claims errors for physician services is insufficient documentation. In 2012, Part B CERT, RAC and MAC audits continue their focus on documentation. In an effort to help providers and to lower their own error rate, Medicare MAC Palmetto GBA, published a CERT E/M document checklist (see Figure 3) which lists essential elements that should be included when responding to a CERT E/M documentation request.

Recent CERT audits in medical oncology have also focused on drugs, and providers who do not include signed orders in the submitted documentation have seen the payment for the drugs and their administration recouped. Most often, it is the supportive care drugs that lack a signed order but all too often even chemotherapy drugs lack a signed physician order.

CERT Error Rates
Paid Claims Error Rate = (Dollars overpaid + Dollars underpaid)/Total dollars allowed
Provider Compliance Error Rate = Dollars submitted incorrectly/Total dollars submitted

Checklist for CERT E/M Documentation Requests

When responding to a request for E/M documentation the submitted documentation should include, but is not limited to:

  • Name of beneficiary and date of service on all documentation
  • Signed physician’s orders, if applicable
  • Test results, if applicable
  • Documentation based on counseling and/or coordination of care, to include:
    • Total time
    • Amount or percent of time involved in counseling and/or coordination of care
    • Description of the discussion with the patient
  • Signed physician progress notes, if applicable, to include:
    • History
    • Physical exam
    • Decision making for the dates of service in question
  • If you use electronic medical records/signatures include documentation validating the process

Figure 3 Source: Palmetto GBA

Medicaid Integrity Contractors
The Medicaid Integrity Contractors (MICs), are similar to RAs, but conduct audits of Medicaid claims under a contract with CMS. There are three types of MICs:

  • Review MICs: Analyze claims data to identify aberrant claims and potential billing vulnerabilities and provide leads to Audit MICs.
  • Audit MICs: Conduct post-payment audits of all types of Medicaid providers to identify overpayments.
  • Education MICs: Work with Review MICs and Audit MICs to educate health care providers, state Medicaid officials and others about Medicaid integrity issues based on discovered issues.

Unlike RAs, Audit MICs are not paid on a contingency fee basis; however, they are eligible for financial bonuses based on the effectiveness of their audits. State law determines how far back the MICs can review Medicaid claims as well as any limitations on the number of claims they can request records on and the time that providers have to respond to the request for documentation. In addition, the laws of the particular state program determine providers’ appeal rights for MIC denials.

A March 19, 2012 OIG report entitled “Early Assessment of Audit Medicaid Integrity Contractors”, states that initial MIC audits in state-administered Medicaid programs were largely ineffective. However, the OIG reports that identified correctable issues associated with the application and analysis of Medicaid data would significantly improve the Review and Audit MIC’s capabilities to identify overpayments. CMS is committed to this program and they report spending approximately $30.5 million on Review and Audit MICs in 2010, with $17.2 million of that going to the Audit MICs.

Commercial Insurance Audits
Many of the same companies that have contracts as auditors for the Medicare and Medicaid programs are also providing their services to commercial (private) payers. Moreover, there exists a multitude of entities that are actively pursuing commercial payers and self-insured health plans with promises of lowering their costs through pre and/or post payment reviews and audits.

In an effort to control costs, private payers often employ prospective payment reviews such as prior-authorization programs. They also employ retrospective reviews through which they review past medical claims for any improper payments.

These retrospective audits are arguably the most burdensome to physicians as they may result in a demand for repayment dating back several years. Providers should review private payer contract provisions dealing with medical necessity, audits, and the appeals process prior to signing the managed care contract.

The American Medical Association (AMA) website contains resources to help providers deal with managed care audits and to perform internal audits and identify risk areas in their practice. In addition, the AMA’s National Managed Care Contract (NMCC), available free of charge to AMA members, provides model contract language that complies with insurance laws and regulations in each of the 50 states plus the District of Columbia. Through these resources, the AMA provides physicians with the necessary information to analyze and improve key physician contracting issues including medical necessity, contract termination and overpayment recovery efforts.

Payers often analyze claims data looking for aberrant billing patterns suggestive of abuse or fraud. They commonly perform retrospective audits of those physician practices whose E/M billing patterns differ from those of their peers. One way to benchmark your E/M services would be to compare yourself to your peers in the same specialty in the same locality.

The Part B Carrier Summary Data Files published annually by CMS, are summarized at the carrier level by Healthcare Common Procedure Coding/Current Procedural Terminology, (HCPC/CPT), code ranges. Each data set displays the allowed services, allowed charges, payment amounts by HCPCS/CPT codes and prominent modifiers.

Alternatively, if you prefer, you can purchase a book or online database that uses regional Medicare averages for your specialty to provide easy to use benchmarks. For a quick look at how your practice compares to the national Medicare average you can access the AAPC’s free online E/M Utilization Benchmarking Tool, as of July 1 the AAPC benchmarking tool was using the 2009 Medicare figures.

Still, data analysis showing that a provider’s E/M coding frequency is outside the norm does not necessarily mean the coding is incorrect. Providers who fall outside the norm for E/M distribution will want to ensure that their documentation justifies medical necessity and the level of E/M service billed. Performing internal audits are a good way to identify your practice risk areas.

The OIG recommends that practices perform a self-audit at least once a year to determine whether bills are accurately coded and accurately reflect the services provided, that documentation is being completed correctly, and that services provided are reasonable and necessary.

Furthermore, the OIG recommends auditing five or more medical records per payer or five to ten random medical records per physician. Random samples may be drawn from paid claims, claims by payer or claims containing the top denials by payers.

The AMA article, “How to perform a physician practice internal billing audit” suggests the following items be included in a claims analysis checklist:

  • Was the service performed and documented appropriately?
  • Are the correct physician and practice identification numbers listed on the claim?
  • Is there a CPT code that would more accurately reflect the service performed?
  • Is the appropriate modifier appended to the CPT code to more exactly reflect the service performed?
  • If this medical record was reviewed by an outside auditor who does not know the patient, does the record support the CPT codes selected?


  • Assign a staff member to act as Audit Coordinator, this person must be detail oriented and have sufficient time to devote to audit activities.
  • Organize your audit team and assign responsibilities.
  • Identify your practice risk areas by evaluating patterns of current denials, issues identified internally through audit and compliance activities, and issues posted to the RAC web sites.
  • Review the Medicare Quarterly Compliance Newsletter, the OIG Work Plan, audit reports and CERT reports.
  • Review medical record documentation for:
    • Proper diagnoses
    • Medical necessity
    • Orders
    • Signatures
    • Correct coding and use of modifiers
  • Develop tracking process:
    • Track record requests, type of service audited, records submitted, date of response, whether there was an overpayment, date of recoupment, requests for redetermination and/or appeals, outcome of appeals.



This issue available for download

Published by Rise Marie Cleland. Sponsored by Lilly Oncology


  • Promptly deliver the auditor’s request for medical records or other documentation to the individual assigned as your “Audit Coordinator.”
  • The Audit Coordinator establishes a contact at the office of the entity requesting the documentation.
  • Establish the type of audit being performed.
  • Assess your risk by conducting your own independent analysis of the services being audited.
  • Contact your health care attorney if significant risk is identified or if the audit is focusing on suspected fraud or abuse.
  • Respond promptly and comply with all deadlines. Request an extension if you think you need more time to gather supporting documentation or literature.
  • Date and page stamp all correspondence and track and verify receipt of correspondence.

All too often providers fail to exercise their right to appeal, either because they miss the appeal deadline or because they believe it is easier and safer to pay the requested amount (particularly when the amount to be recouped is relatively small).

Nevertheless, providers should appeal when they do not agree with audit findings to avoid being subject to additional documentation requests and claims denials for the same service on different dates of service or for other patients.

Prior to requesting an appeal, review the payer’s appeal guidelines including where to file the appeal, deadlines, and information that must be included in the appeal. CMS provides detailed appeals information for original (fee-for-service) Medicare claims on their Appeals website.

One of the best resources I have found is the AMA’s booklet Appeal that Claim, this 65-page booklet is free of charge and available on the AMA website.

Finally, for private payers, if you have exhausted the insurer’s internal appeals process, inquire about the external appeals process. In some cases, denials (particularly those for medical necessity) can be successfully resolved through the external appeals process or going directly to the patient’s employer.


2010 Newsletter Archives

Volume 7, Issue 2
Volume 7, Issue 1
Volume 6, Issues 4 & 5
Volume 6, Issue 3
Volume 6, Issue 2
Volume 6, Issue 1
Volume 5, Issue 6
Volume 5, Issue 5
Volume 5, Issue 4
Volume 5, Issue 3
Volume 5, Issue 2
Volume 5, Issue 1


Risë Marie Cleland

Oplinc, Inc.
113 W. 7th Street
Suite 205
Vancouver, WA 98660
360.695.1608 office
360.326.1733 fax


Comments and suggestions for future issues are welcome, please forward correspondence to Risë Marie Cleland by email at: Rise@Oplinc.com


Access all of our
previous newsletters.


Risë Marie Cleland is the Founder and CEO of Oplinc, Inc., a national organization of oncology professionals. Through Oplinc, Inc., Ms. Cleland publishes the weekly Oplinc Fast Facts focusing on the timely dissemination of information pertaining to billing, reimbursement and practice management in the oncology office and Oplinc’s Best Practices Review, which provides a more in-depth look at the issues and challenges facing oncology practices. Ms. Cleland also works as a consultant and advisor for physician practices, pharmaceutical companies and distributors.


Please note that this newsletter is presented for informational purposes only. It is not intended to provide coding, billing or legal advice. Regulations and policies concerning Medicare reimbursement are a rapidly changing area of the law. While we have made every effort to be current as of the issue date, the information may not be as current or comprehensive when you review it. Please consult with your legal counsel for any specific reimbursement information. For Medicare regulations visit: www.cms.gov.

CPT® is a Trademark of the American Medical Association Current Procedural Terminology (CPT) is copyright 2012 American Medical Association. All Rights Reserved. No fee schedules, basic units, relative values, or related listings are included in CPT. The AMA assumes no liability for the data contained herein.

Copyright ©2012
Oplinc, Inc.
Oplinc, Inc., grants permission to distribute this newsletter without prior permission provided it is forwarded unedited and in its entirety.

Remove me from this distribution list | Sign up to receive this newsletter