At the beginning of the COVID-19 Public Health Emergency, CMS reprioritized their audit activity and allowed Medicare Administrative Contractors (MACs) and Qualified Independent Contractors (QICs) more flexibility in their auditing processes.1 As a result, there were far fewer audits of physician practices in 2020 and most of 2021. That hiatus seems to have come to an end. In late 2021 and through 2022, many ophthalmic practices have been, and continue to be, asked to provide medical records to support claims submitted for reimbursement. In this month’s column, we’ll look at the salient points regarding these audits.
Q: What types of audits are currently active?
Ophthalmologists are getting chart requests for Targeted Probe and Educate (TPE) audits, Supplemental Medicare Review Contractors (SMRC), Recovery Auditors (RA) and Unified Program Integrity Contractors (UPIC) auditors.2-5
Many practices have recently received comparative billing report (CBR) letters, but these aren’t audits. The CBR program was intended to enhance accurate billing practices and support providers’ internal compliance activities. A CBR discusses the billing and/or prescribing patterns that may be prone to improper Medicare payments.
Receiving a CBR is not an indication of a current audit or an indication that an audit may be initiated.6 Furthermore, a CBR doesn’t require a response. Also, you can access your CBR online.7
Q: What ophthalmic services are getting the most audit attention?
Cataract surgery and injections—both intraocular injections and botulinum toxin injections—have been the focus of TPE, SMERC and RA audits.
For cataract procedures, these reviews focus on the medical necessity of surgery, as well as the accuracy of the coding on claims. Carefully review your Medicare LCD for cataract surgery, especially the language in the “Indications for Coverage” and the “Required Documentation” sections. Common requirements include patient “Activities of Daily Living” affected by decreased vision, a best-corrected visual acuity and a statement that a change in glasses will provide a satisfactory improvement in vision. Some LCDs also require the use of the VF-8 form or similar questionnaire. Others require a physician attestation stating that other ocular conditions have been ruled out as the source of the decreased vision.
Q: What deficiencies have been seen in reviews related to injections?
Primarily, the reviewers are looking to ensure the billing rules are being followed and the procedures are well documented. Billing-rule issues include:
• the timing of injections; procedures repeated on the same eye within 28 days may be “off label,” depending on the medication used;
• valid clinical indications, diagnosis, test results and clinical findings; and
• minor surgery rules as they pertain to billing an exam on the same day as the injection.
Don’t presume that since these are office-based procedures they don’t require a procedure note. Also, very abbreviated notes are difficult to defend. Appropriate documentation for injections includes:
• a surgical plan including the name of the drug, the dosage, and the indication;
• documentation of physician informed consent;
• a procedure note including the volume and dose of the injected drug, the lot number and expiration date, as well as how much (if any) was wasted or discarded;
• documentation of any complication (including medication errors); and
• discharge or follow-up instructions.
Q: How should I craft a response to an audit letter?
Organization is key. You should assign one ‘captain’ to oversee the project but you may need to assemble a team to gather the notes and formulate a response. In the event you’re undergoing multiple audits at once, treat each as its own project. This is not uncommon in group practices where the separate records requests are made of each physician.
Carefully read the entire audit response letter—then read it again. First, pay attention to deadlines. Ask for extensions, if given the option. Next, take note of the documents being requested, perhaps create a checklist to be used in gathering and organizing the data. Some requests specify the order in which they want the documents arranged. Send everything the reviewer needs to support the claims in question, even if that includes forms or dates not specified in their request.
If options are provided, determine how the documents will be given: I.e., via an established digital portal; as shipped paper copies; or through a secure email system. Keep copies of everything you send and keep a log of any correspondence (e.g., phone calls, emails, letters) related to the project.
Q: The SMRC audit response offers a Discussion and Education period. What’s involved with this, and should we agree to it?
The D&E period allows the reviewer the chance to discuss the rationale of their review findings, communicate recommendations and educate the provider on coverage, coding and payment policies related to the services audited. This is done to avoid future denials and provide another opportunity to submit missing documentation. Practices should take advantage of this. The audit-result letter gives you 14 days to submit your request for a D&E. Note: even if you miss this deadline for scheduling this D&E, request one anyway. The SMRC reviewer is likely to agree and schedule the D&E session within 14 days of receiving the request.
Q: If our review results are unfavorable, can we appeal the auditor’s decision?
Yes, there’s a standard audit appeal process. This is usually conveyed in the audit response letter you receive. Often, you’re allowed to provide additional information for a re-review. The appeals process usually begins once a demand letter is received. Visit the website for the Medicare Administrative Contractor for its instructions and forms.
Q: We’ve responded to the request with the appropriate documentation, now what?
Though you might prefer to “sit and wait,” this is a good time to review your work and make changes that may improve your compliance with the billing rules moving forward.
As you prepared your response to the auditor, you may have uncovered areas where improvements could be made in your process or in your team. For example, it may be time to assess current forms, templates, EMR use, billing office procedures or overall revenue cycle process. Make updates as needed. Consider educating, or re-educating, physicians and staff on the importance of accurate documentation and coding. Revisit the role of, and the tasks assigned to, each member of your team, and confirm they’re provided with the tools and resources needed to complete those tasks.
In conclusion, while you can hope your practice never gets audited, that isn’t a management strategy. Instead, practice in way that you can withstand any payer scrutiny if or when it occurs. To summarize:
• establish a compliance or quality assurance program;
• stay up to date on coding and billing rules;
• review and adhere to payer policies;
• conduct ongoing employee training; and
• monitor your accuracy using internal audit programs.
Mary Pat Johnson is a senior consultant at the Corcoran Consulting Group and is based in North Carolina. She can be reached at firstname.lastname@example.org.
1. CMS website. https://www.cms.gov/files/document/medicare-advantage-and-part-d-plans-cms-flexibilities-fight-covid-19.pdf. Accessed October 14, 2022.
2. TPE Audits. https://www.cms.gov/Research-Statistics-Data-and-Systems/Monitoring-Programs/Medicare-FFS-Compliance-Programs/Medical-Review/Downloads/TPE-QAs.pdf. Accessed October 14, 2022.
3. SMRC Audits. https://www.cms.gov/Research-Statistics-Data-and-Systems/Monitoring-Programs/Medicare-FFS-Compliance-Programs/Medical-Review/SMRC. Accessed October 14, 2022.
4. Recovery Auditors. https://www.cms.gov/research-statistics-data-and-systems/monitoring-programs/medicare-ffs-compliance-programs/recovery-audit-program. Accessed October 14, 2022.
5. UPIC Auditors. https://med.noridianmedicare.com/web/jddme/cert-reviews/upic. Accessed October 14, 2022.
6. CBR Notices. https://cbr.cbrpepper.org/Home. Accessed October 14, 2022.
7. Locating your CBR. https://cbrfile.cbrpepper.org/.