The increased focus in compliance requirements and oversight is requiring healthcare organizations to take an in-depth look at their billing compliance, auditing, and revenue integrity processes. For many, that means considering a change from being reactive to taking a more proactive approach to uncover problems before they negatively impact the organization. Implementing a comprehensive monitoring and risk-based auditing strategy is one way to address the challenge.
The Growth of Compliance Demands
Healthcare providers do not need to be reminded of the relentless growth in compliance requirements. Changes in the healthcare landscape have resulted in increased scrutiny for providers who face expanding oversight in a number of areas. Auditing agencies and their sphere of influence have increased substantially in the past decade. The OIG investigates fraud and abuse, Recovery Audit Contractors (RAC’s) monitor hospitals for billing errors, Medicaid Integrity Contractors (MIC’s) look for Medicaid overpayments, and Zone Program Integrity Contractors (ZPIC’s) track Medicare fraud and abuse. This increased focus has forced providers to take a more in-depth look at their operations.
Organizations who hope to avoid the risks of non-compliance need to consider changing their billing compliance approach from being reactive to becoming more proactive. This means examining the operation to uncover and resolve issues before they can negatively impact the organization. Waiting until one of these agencies uncovers a problem will likely cost significantly more than if the organization can find it and fix it beforehand.
But it’s not just compliance risk that is worrisome. Ensuring proper billing and claims submittals also affects your revenue cycle. Incorrect coding and
insufficient charge capture can result in missed or under billing for services performed and can negatively impact cash flow and the bottom line.
As a result, more organizations are shifting from just scheduled audits to incorporate proactive, risk-based auditing. With only so much time available for auditing, it’s critical for organizations to target specific areas of interest and limit the time spent on areas with little or no significant impact. Making the move to incorporate risk-based audits could be one of the most important moves you can make to defend against the siege of compliance challenges.
Meeting the Challenge
Implementing a proactive approach to auditing requires a more in-depth analysis of processes and data than currently exists in most organizations. Much auditing is still done through manual sampling, so increasing the level and volume of reviews means consuming more resources – something in short supply for many organizations.
An effective mentality for organizations to meet this challenge is to work smarter, not harder. There are two critical functions needed to build your proactive approach; The ability to continually monitor the performance of your organization, and the ability to take a strategic data-informed approach to auditing.
Continuous Monitoring
Continuous monitoring enables management to frequently review charges and denials for adherence to and deviations from intended levels of performance and effectiveness. This enables revenue integrity and billing compliance teams to gather data on an ongoing basis from charge and denial data to identify anomalies and risk. It enables your team to quickly pinpoint where they should be directing their resources to optimize the quality of their auditing program.
A monitoring program enables you to process every case through screening analysis to find likely problems. With a static, prescheduled audit program, you will typically review less than one percent of cases. By using analytics to monitor 100% of your transactions, you eliminate the chance that outlying issues will remain undetected for long periods of time.
Risk-Based Strategic Approach to Auditing
Another way to work smarter is to incorporate a risk-based approach. Traditional periodic auditing processes where every provider is reviewed at a predetermined schedule can often be a “hit or miss” proposition when it comes to identifying risk areas. Many times the limited resources of a compliance group can be tied up reviewing providers who show a low chance of risk while high-risk providers continue to operate under the radar.
Shifting to incorporate a risk-based auditing model can help by focusing auditing resources on the areas that pose the highest risks. It also increases the chances that issues will be uncovered and resolved earlier, saving your organization time and money. A risk-based approach implemented on its own may focus on the most commonly denied charges, those procedures and services being targeted by the OIG or newer providers. When combined with continuous monitoring, a risk-based approach becomes incrementally more successful by focusing audits on known anomalies and risks.
Types of risk to consider focusing on:
• E&M risks for undercoding and overcoding
• New providers
• Metrics identified risks
• Department/facility based risk
• Risky diagnosis and procedure codes
Steps to Implementing a Data-Driven, Risk-Based Proactive Approach
1. ESTABLISH YOUR TEAM
The move to risk-based auditing is an organization-wide shift and is most effective when both the compliance and revenue cycle audit teams are involved. Breaking down silos should be your first order of business since everyone in the organization needs to be committed and pulling in the same direction.
The first step in accomplishing that goal is to make sure the team encompasses representatives from each group. Consider including members of your internal IT group as well as a representative from your system vendor. They know the capabilities of your auditing software and will be critical in helping to integrate the technology with the decisions you will need to make. If there are limiting factors in the software, it will be crucial to understand and resolve at the beginning. The transition team needs to work closely with all stakeholders to gather feedback and gain commitment from the entire organization.
2. REVIEW YOUR EXISTING AUDIT PLAN
Prior to planning your future state, you need to review your existing audit plan to establish a baseline. This will provide you with valuable insight into what pieces of the current plan are working effectively and should remain active in the new program.
This is a good time to consider a potential redesign of your current compliance processes and methodologies and possibly update them based on best practice analysis. This would include reviewing existing audit standards and development of an audit standards reference manual if one doesn’t exist.
This will also give you a good idea of what resources both the compliance and revenue cycle audit groups are expending and how they can most effectively be deployed when risk-based auditing is included.
3. DEVELOP YOUR NEW AUDIT PLAN
It’s not realistic or prudent to move from traditional to risk-based audits all at once. It is more likely that the two audit tracks will exist together in your new program. Over time, you will probably see a significant shift to risk-based, but traditional auditing may still have a place in your overall auditing program.
You must also consider key areas of your program including system settings, audit escalation plans, new provider onboarding process, risk area identification methodology, suspending and releasing claims, data sources and resource assignments.
Another consideration as you develop your new plan is if you would like to incorporate prospective audits into your program. Prospectively auditing your claims can make a big impact, especially if your organization is finding an increase in the number of denials.
There are several other details to work through if you do begin implementing prospective audits such as building a workflow to allow your charges to be held and the commitment from your coding department to address issues found quickly.
4. ESTABLISH YOUR AUDIT TARGETS
The next step in developing your risk-based auditing plan is to identify the greatest risks to the organization. Here are some basic ways to develop your targets:
External Guidance – Stay in tune with agencies that regulate Medicare or Medicaid and review the annual OIG work plan that outlines what federal regulators are focusing on in their audits. Monitor provider questions, payor requests and hotline submissions. CBR and PEPPER reports are also an effective way to uncover trouble areas. Consider any major trends related to COVID-19, complex claims, telehealth, coding and denials.
Benchmark Other Organizations – An auditing and analytics solution such as MDaudit may provide benchmark data that can be used to compare your organization’s data against other organizations to uncover trends. You can benchmark your performance against real-world data from peer organizations or CMS to better understand your efficacy and identify potential risk areas for further analysis.
Internal Review – Be aware of chatter or rumors of potential risk areas within the organization. Review prior internal audit results for trends that could lead you to potential risk areas. Look at referral relationships and arrangements, prior privacy breaches and quality-related events.
Monitor and Mine Your Data – One of the most effective methods is to analyze claims and billing data that may reveal trends that could lead to problems. Comprehensive dashboards and drill down capabilities help visualize and identify your organization’s trends and anomalies. Keep in mind, the areas identified might not always be related to the highest charges but may present a higher compliance risk which could lead to penalties and take-backs.
Analyzing this data systemically is much more effective and productive for anomaly detection than laboriously combing through Excel spreadsheets manually.
5. EVALUATE TECHNOLOGY SOLUTIONS
The key to success of a proactive approach lies in the ability to extract, analyze, and convert data into actionable information. Leveraging claims and system data for an effective analysis and auditing program requires the use of an audit analytics tool that delivers much more than simple reporting.
There are a variety of audit automation, anomaly detection, and visualization software packages on the market, but which ones are right for you? The key to success is an integrated solution that performs all three functions in one continuous loop, not a series of systems working separately. Using data analytics to improve and monitor the audit and compliance functions must be an iterative, investigative process. The tool your organization chooses must be able to dive into your identified risk areas— something not possible with a periodic, static, or traditional audit and testing solution. The analytics tool needs to support the ability to explore, investigate and make judgments as well as utilize the developed skills and experience of your auditing and compliance teams.
6. INSTITUTE A REGULAR REPORTING PROCESS
It’s critical for a risk-based audit program to include a feedback loop that is best accomplished with a comprehensive reporting process. This is crucial for keeping all members of the organization up to date on the effectiveness of the program. It’s important to establish a schedule for regular reporting cycles to senior managers, staff, and other stakeholders in the organization. This is also an effective process for gathering feedback from the staff involved with the program on a day-to-day basis.
7. ESTABLISH AN ONGOING MONITORING, VERIFICATION AND VALIDATION PROCESS
Another key requirement for your audit analytics tool is the ability to enable continuous monitoring, something that can’t be accomplished with static reports. Ongoing monitoring is necessary to make needed adjustments to ensure the program is working. You need a solution that integrates the process of gathering the data and then seamlessly feeding it back into the audit outcome reports in an automated fashion. That ensures that nothing is lost in the transfer, which can be the case when using separate tools for data gathering and testing.
Summary
Government agencies have become more aggressive in trying to recover overpayments. Profit margins are being squeezed by increased costs of regulation and compliance oversight. These challenges can be met and overcome through a proactive approach to billing compliance and revenue integrity.
Continuous monitoring and risked-based audit programs can be more effective because they proactively seek out areas that could be problems allowing for earlier, faster resolution before any damage is done. They provide more frequent education for those who need it and offer consistent reporting, keeping compliance and revenue cycle optimization in the forefront rather than making audits simply an annual presence.
MDaudit Enterprise Can Help
The MDaudit Enterprise platform offers robust auditing workflows, advanced analytical capabilities with AI powered insights and the ability the dive down into the performance of your auditing team and individual contributors.
