Watch past educational presentations and see live events in real time
Reference our medication guides for helpful information
Explore available award and grant opportunities for fellows-in-training.
Make a choice that matters
The best care starts with the best information
The ACR is accepting applications for mini curriculums, which are educational activities or curriculums to enhance the ACR Core Curriculum Outline.
In an effort to reduce fraud, waste, and abuse, the Federal Government is using various audit programs to minimize compliance risk in physician practices. It is vital for physician practices to understand and prepare for external payer audits to ensure that any audit findings are fair and accurate. Below are the key audit programs:
The RAC audits were originally a part of a demonstration program under §306 of the Medicare Modernization Act of 2003. Due to the success of the demonstration program in recouping millions of dollars to the Medicare Trust Fund, it was expanded into a permanent nationwide program by §302 of the Tax Relief and Healthcare Act of 2006. The key mission of the RAC's audit program is to identify and correct improper Medicare payments (both overpayments and underpayments) and to collect identified overpayments. There are four regional RAC contractors that review claims on a post-payment basis from data files they receive from CMS claims processed within its region.
There are two changes related to the payments to the RACs: they can now be paid up to 20% versus the previous 9% - 12.5% of any identified improper payments and they will not receive any payments until after a provider has passed the second level of appeal of the five level appeal progression.
There are two types of RAC audits:
The RACs in Regions 1 - 4 will perform post-payment review to identify and correct Medicare claims that contain improper payments (overpayments or underpayments) that were made under Part A and Part B. The Region 5 RAC will be dedicated to the post-payment review of DMEPOS and Home Health/Hospice claims nationally.
In 1999, CMS developed the Program Safeguard Contractor (PSC) program to support the Medicare Integrity Program, stop fraud, and facilitate provider adherence to CMS payment criteria, as well as conditions of participation in the Medicare program. Currently, CMS is transitioning the PSCs to ZPICs. The ZPIC audit program is considered the top program Medicare uses to initiative a fraud investigation.
ZPICS have the responsibility to:
The zone contractors have been given more discretion when conducting a review for the benefit of integrity. When a ZPIC receives an allegation of fraud or identifies a potentially fraudulent situation, it is charged with initiating an investigation to determine the facts and the magnitude of the alleged fraud. A ZPIC also conducts a variety of reviews simultaneously to determine the appropriateness of payments, even when there is no evidence of fraud. Unless otherwise advised by law enforcement, a ZPIC may use one or more of the following investigative methods to determine whether a provider has a pattern of fraud:
All audit requests should be taken seriously; however, audits from the ZPIC carry additional concerns and must be addressed timely and appropriately to avoid additional investigations.
CERT contractors are charged with statistically analyzing and establishing error rates for estimates of improper payments by claims randomly selected for review in a specific Medicare region. The goal of the CERT is to identify patterns of payment through reviews to determine which claims were reimbursed inappropriately. Keep in mind, CERT auditors are not required to notify providers of their intention to begin a review, but may issue an additional development request (ADR) to the provider for additional documentation if necessary.
The 2010 CERT study reported that approximately 42% of the error rate was due to payment on claims where the documentation did not support the medical necessity of a service or procedure. Nearly 50% of the error rate was for claims reported as having insufficient documentation to report the service. To avoid risk, it is important to ensure that coding and documentation in the medical record support medical necessity and the appropriate level of care.
The MAC scope of work includes managing policy and payments related to reimbursement. They use data from other contractors to target improper payment and vulnerabilities as well as reports from the CERT which have identified problems in a specific region. MACs have the ability to perform medical reviews for all claims, at their discretion, and will do so by issuing an ADR to the provider through the form of a service specific probe.
It is important to understand, if the requested documentation is not submitted, the MAC will make a determination that the claim is invalid and will not be paid. If the documentation is submitted, it is reviewed for the appropriateness to bill the code in question, and will be paid only if the documentation supports the billed code. Usually, the results of a MAC review are forwarded to the providers, with the overall results of the review released on the MAC website at the conclusion of the review.
Commercial insurance carriers also have diverse ways of determining how claims are selected for audit, and for what reasons. In some cases, when billing anomalies are detected for a provider, the claim information is usually forwarded to a third party to conduct a documentation audit.
The third party contractors vary but it is important to know that the audit processes used by these companies are similar to Medicare audit structure.
With the increased scrutiny of clinical documentation and medical necessity through audits, it is important for physicians and their staff to ensure the billing and documentation in the practice is consistent with nationally recognized coding principles and guidelines as wells as payers’ medical payment policies.
For more information on how to respond to an audit request or conduct an internal self-audit, contact ACR's practice management staff at firstname.lastname@example.org