Third Party Payer Audits: The Importance of Compliance Programs

Any healthcare provider that submits claims to third-party payers is familiar with audits, whether undertaken by private insurers, the Centers for Medicare and Medicaid Services (CMS) or the relevant state Medicaid agency. The most common methodologies used by third-party payers when performing audits is pre-payment review and post-payment review. A post-payment audit occurs when a third-party payor reviews claims submitted by a provider after the claims are paid, to determine if those claims were properly reimbursed. A pre-payment audit involves a review of billing documentation submitted to the insurer by the provider before payment is made, to determine its validity and conformity with the applicable reimbursement policies and guidelines.

Third-party payers conduct audits at random, in response to the billing pattern of a particular provider or in response to a patient/agency complaint/referral. They often utilize data-driven analysis to help determine if the provider submits higher than average billing for certain procedures or higher per-patient visits. They can also focus on a particular code that has been problematic for that provider, or throughout the state or region where the provider is located.  Third-party payers often compare the billing patterns of other, similar specialties within the same geographic area to determine if any particular provider may be over-utilizing certain billing codes. Whatever the reason, virtually all providers can be assured that, if they practice long enough, their billing will eventually be audited by third-party payers.

Any provider can be audited by any third-party insurer, whether they be in-network or out-of-network.  A provider will usually receive an initial notice of an audit by letter from a third-party payor, usually accompanied by a request for specific medical records. Unfortunately, many providers do not respond to these requests in a timely manner or may respond with inadequate documentation or records.  How the initial stages of these audits are managed can make all the difference in the ultimate outcome.  Limited time is afforded for the provider’s response, and the method for appealing the third-party payer’s reimbursement demands can be quite complex.  While retaining a third-party billing company can increase productivity and alleviate the billing workload, it will not alleviate the provider’s responsibility for appropriately coding and billing under the terms of the provider contract and/or applicable laws and regulations.

Even worse, the results of an audit can be devastating to a provider. It is not uncommon for third-party payers to demand inordinate sums of money from the provider, based upon the audit results.  In fact, these recoupment demands can exceed the amount of the provider’s annual revenue. Audits can lead to both civil and criminal fraud investigations by regulatory or law-enforcement agencies, which can result in fines and penalties, exclusion from federal health programs, suspension or revocation of medical licensure and, in the worst cases, potential time incarceration.  For these reasons, it is essential that providers retain legal counsel and involve them in the audit process as soon as possible. Lawyers with considerable background in health care provider-payer law and regulation and appeal of third-party payer reimbursement demands are essential for this task.

An experienced health law attorney can also assist your practice/facility in formulating an efficient tool to reduce the likelihood of being targeted for recoupment by a third-party payer, by creating a solid compliance program.  Having updated compliance policies and procedures in place to ensure proper coding will greatly reduce your chance of being audited.  More important, if your practice is audited, a viable compliance program will enhance your ability to demonstrate that the bills submitted were correct, well-documented and should be paid in full. A compliance program serves as indication that the practice/facility has made real efforts to implement viable guidelines to ensure proper billing and coding. This can go a long way to convince insurers, government regulators or other entities that the provider has made a genuine attempt to utilize best practices by using the appropriate billing codes, submitting adequate supporting documentation and remaining current with changes in guidelines or regulations. Compliance requires continued, long-term monitoring and thoroughly educating all providers and staff on the elements of the compliance program.

The first step in creating a viable compliance program for practices/facilities is to determine the specific risks and vulnerabilities that are specific to the practice/facility. Although every well-structured compliance program should cover some common risk areas, such as reasonable and necessary services, proper documentation, coding and billing, and improper inducements, kickback or self-referral arrangements, there are many categories of billing and coding compliance to consider.  In conjunction with your practice’s/facility’s providers and third-party billing service, a health law attorney can help you focus on some of the specific areas that may leave the practice/facility vulnerable to a large reimbursement claim from a third-party payer and tailor the compliance program accordingly.

The next step is to compile a list of responsibilities for each of the applicable employees involved in billing and coding. This should take the form of both a written code of conduct and policies and procedures for your compliance program.  However, a written set of policies and procedures that are never read by providers and staff, much less obeyed, are not useful either for ensuring compliance or convincing third-party payers that your practice/facility is serious about compliance. As such, it is also essential that a proactive compliance program is continually monitored.

An ideal monitor would be a full-time compliance officer, but most small to mid-sized practices cannot afford to employ someone dedicated full-time to compliance.  A better option is a having qualified employees of the practice/facility assume different aspects of compliance responsibilities, on a part-time basis, as “compliance contacts.”  Whoever takes on these tasks must be properly trained, either through certified health care compliance education or other avenues suggested by your health care counsel.  In any case, it is imperative that the responsible compliance officer or contacts effectively implement a system for monitoring, auditing, training, investigating and updating the compliance program, when required. This must be accomplished in a way that these designated compliance officers or contacts remain independent and cleared of any potential conflicts.

A compliance program does not operate in a vacuum. All staff must be involved and “buy-in” to the program for it to be effective. Merely advising employees that the practice/facility has established a compliance program for them to review is wholly insufficient. Staff must be trained and educated on a periodic basis, conveying the risks and vulnerabilities of the practice/facility, specifically outlining the stakes involved in good compliance and the penalties or sanctions for non-compliance. At the same time, however, a compliance program should never be punitive in nature, but remedial in approach.  Proper risk compliance seeks to identify the mistakes made, without casting blame and retribution. The focus must be on correcting improper habits and recurring mistakes, not punishing individual employees. However, there are times when corrective action, including discipline, is necessary.  An effective compliance program should ensure that standards are enforced and sanctions are imposed. Corrective action can range from warnings, admonishments, suspensions, demotions and dismissal, which should all be documented by the practice. This is another area where health care counsel can provide able assistance, to ensure that all policies are in full compliance with applicable health care and employment laws and regulations.

A well-structured compliance program can provide a strong foundation for the worry-free submission of appropriate claims, prevention of any potential fraud, and safeguard for practices/facilities subject to audits by third-party payers, billing-related investigations by regulators or law enforcement. All providers should strongly consider implementing a comprehensive compliance program.

If you have you have any questions about or would like our assistance with audits/prepayment review or compliance-related matters, please contact Mohamed H. Nabulsi, Esq. at 973-979-1150.

Article Submitted by:
Mandelbaum Salsburg P.C.
Mohamed H. Nabulsi, Esq., Co-Chair, Healthcare Group
Alex Keoskey, Partner
Ronen Yair, Counsel

Subscribe to our Accounting, Tax and Business Insights Newsletter

Email Address:
Name(Required)
Privacy(Required)
This field is for validation purposes and should be left unchanged.
An Update on Employee Retention Credit Claims

An Update on Employee Retention Credit Claims

Did you claim the ERC (Employee Retention Credit) and are you still waiting for it to be processed? The IRS suspended processing of ERC claims submitted after September 14, 2023, amid allegations of widespread fraud. There is good news for the businesses that were...

read more
Listen Up Employers, RetireReady is Here!

Listen Up Employers, RetireReady is Here!

If you are a New Jersey employer with 25 or more employees, you may have received a notice that you are required to register your business with RetireReady NJ or certify that you are exempt.  This program was established by the Legislature to help workers in the state...

read more