In this episode, Cyndy Kowalski, a manager in our Compliance Services Team at BESLER Consulting, discusses auditing and monitoring for compliant physician documentation and coding.
Michael Passanante: Hi, this is Mike Passanante. I’m glad to be back with you here on the Hospital Finance Podcast. And today, I am joined by Cyndy Kowalski who is a manager in our Compliance Services Team here at BESLER.
Cyndy is going to walk us through auditing and monitoring for compliant physician documentation and coding. Welcome back, Cyndy.
Cyndy Kowalski: Thank you, Mike. It’s good to be back.
Michael: So, let’s jump right in. Auditing and monitoring sound a bit like the same thing. Can you differentiate that for us?
Cyndy: Certainly! When we talk about auditing and monitoring – let’s start with monitoring.
When we think about a compliance plan and we’re going to perform the monitoring, monitoring can be a day-to-day review. It could be quarterly. It will depend on the needs and why something is being monitored.
Monitoring is also not necessarily independent of the department, of the specific department or business unit. And what I mean by that is this can be considered a self-review or a peer review. You’re basically evaluating from within and that’s one of the differentiators.
Monitoring is considered an everyday part of process improvement and evaluation. We put something in place and now we want to know how well we’re doing with what we implemented.
Monitoring as it relates to compliance is also considered more informal – day to day, within the department. And it’s basically a process that’s used to determine how well you’re doing with a specific process, a specific control.
And most frequently when we talk about monitoring, it will either be performed by or directed by management, the director of the unit, something to that effect.
When it comes to auditing, again, as it relates to compliance, we’re now talking about a more formalized approach. It is generally done independently, usually outside of the department. And the intent of auditing is that you’re getting an objective review if you will.
Auditing is performed by someone who has no tie or vested interest in the outcome of the audit itself or in the unit where it’s being performed. And audits have a more established approach and methodology for selecting sample size, how something is going to be done. Again, that’s really where you get that more formal approach.
And I think one key takeaway with auditing and monitoring is when it comes to auditing, you should not be auditing yourself. You can monitor yourself, but you should not necessarily be auditing yourself.
Michael: So Cyndy, how does an organization move forward with establishing an auditing and monitoring plan?
Cyndy: I think when you think about moving forward, first you want to look at what your process is going to be. To start, you want to determine if is this going to be internal or external process?
Certainly when it’s around monitoring, you want to be able to watch your day-to-day progress, watch your day-to-day operations if you will. And I think that in establishing a plan for monitoring, it is important to understand that monitoring in and of itself is not the control. It’s the process to evaluate how well you’re doing with the controls if you will.
Monitoring also, you’d want to establish a monitor for implementing new rules, new practices or maybe you want to identify high risk areas, performing a risk assessment to some extent and just looking at a broad informal cross section of your day-to-day operations.
When you think about establishing a plan for auditing, here probably it’s another time when you need to decide if this is going to be an internal audit outside of your own department or if you’re going to rely on external resources. Again what you want to consider is you really need your results to be objective and the integrity of the auditor is integral to the whole process.
You’ll find auditing utilized for-cause reviews if you’ve noticed a process issue. You may also see audits around risk assessments focusing in detail if you will into high risk areas. Audits can be used following the monitoring of a corrective action plan. You can also then do an audit to validate if you will what you think you saw in the monitoring as far as your corrective action. And I think a key here is the more independent the audit, the more integrity with the audit. It removes all of that subjectivity.
And just a point, auditing is not necessarily better than monitoring. It’s just different. The focus of both is just a little bit different.
Michael: Okay. Would you suggest auditing before any type of education is delivered just to establish a baseline or would you do that after?
Cyndy: You can certainly provide education and monitoring prior to auditing if you are interested in your baseline data, especially if we’re talking about a new process or a new policy. You want to afford everyone the opportunity to learn the new process and understand it prior to actually doing an audit. You want to provide the education, be able to walk people through it, keep an eye on it, make sure there aren’t questions and then perhaps consider auditing.
However, when we were talking about a for-cause audit where you’ve identified a concern or a compliance issue or even if you’re evaluating your corrective action, educating again is not necessarily appropriate. If you have a for-cause audit, you certainly don’t want to educate until you identify what the issues are.
So the short answer is it would depend on the purpose of what you are going to audit or monitor. There is opportunity for both. It just depends on the situation. In cases where you’re concerned about a process or implemented, you certainly could do that. But when it’s for-cause or a process issue, you certainly don’t necessarily want to do that. You want to get a pure investigation, a pure result as to what exactly is going on.
Michael: So how can these audits and monitoring be utilized?
Cyndy: Using audits as an example as part of a due diligence assessments when you’re bringing in new physicians or a new group of providers is and can be very beneficial. This is where it will give you that baseline. It will give you the opportunity through that to outline operational standards, what they may already have in place, what some of the shortfalls may be in their practice or in their policies. And it will also give you an opportunity to identify risk areas that perhaps could be noncompliant.
When you’re also doing these audits and monitoring, you can also include interviews. You can interview employees to gain that understanding. That too can be very helpful when you’re bringing on a new group.
Again, it helps you perform your risk assessment. It helps you perform an effectiveness survey. It will help outline a plan of correction if one is necessary or even if it’s just an onboarding process to establish what type of orientation would be required, especially if you’re taking a smaller group and incorporating them into a larger practice or more of a corporate structure. There may be a balance that you had to develop.
Another area where practices may benefit from auditing and monitoring is with the OIG work plan and the fraud alerts based on what was identified as potential risk areas and any alerts that come out outlining potential risk. There is another opportunity to perform these.
You also can use them to develop any special training specifically if you’ve identified through an acquisition a high risk area, whether it’s coding, billing. It would help you identify it and afford you the opportunity to develop a comprehensive plan as far as education and then monitoring down the road.
A consideration for physician audits would be auditing within three months of bringing the physicians onboard. You would want to be sure that you’re sharing the findings so that you’re establishing that communication, facilitating what the needs are.
But in addition, I think by performing the audit, you also establish the importance of compliance as it relates to the organization. It gives you an opportunity to establish and describe the culture of the organization that there is a commitment to compliance. And in addition, that would then lead to the importance of accurate documentation, accurate coding and where that fits as far as the organization goes. If there’s a solid commitment and a lot of discussion around it, that will become very evident and it just supports the mission of the organization, the objectives of the compliance program and then reiterates that with anyone else that you’re bringing on.
With re-audits, once you’ve done your audit, you’re going to go back to re-audit. Re-audit should be triggered by a set of criteria not just a random timeframe. You may want to establish if you reach this percentage of noncompliant activity. That will trigger re-audit after education. So it’s important to understand the parameters for when you would want to audit or re-audit. You certainly want to again go back to ensure that you’re allowing the time for the education to be performed.
Michael: So what happens when the results of an audit are not good?
Cyndy: When the results of the audit are not necessarily good, it basically opens up the organization, whether it’s the specific practice, whether it’s the specific provider or the entity itself, the hospital, into further investigation if you will. And as we’ve discussed in the past, we know that the government is taking compliance or lack of if you will very seriously.
There are many agencies that are involved. Any one of them at any given time could show up on your doorstep. So I think it’s important to understand that if you choose or for any other reason that you’re not able to have a comprehensive compliance program in place, it does expose you to noncompliance visits from anyone from the OIG to Department of Health, Department of Justice and bad things tend to happen when you start going down that path. So the time and the effort that someone would put into place through an effective compliance program can certainly mitigate part of that.
Michael: Describe for us how auditing and monitoring affect a compliance program overall.
Cyndy: Developing and implementing a compliance program as a whole is not necessarily a one-and-done. It’s important to know that compliance is fluid. It’s never static. Think of it as many moving parts. Establishing controls will help set the stage for a compliance process. These are what we call the checks and balances that we hear about so frequently.
We tend to get caught up in the day-to-day. There may be staff turnover. There’s always a new rule, a new regulation. It’s almost possible to keep track of those changes. So developing a compliance program and specifically performing the auditing and the monitoring is just one opportunity to mitigate those risks and actually afford yourself the opportunity to detect them prior to them becoming a bigger issue.
Michael: So you talked about the benefits of an external audit. How do you determine who should be doing the auditing? Is it an internal auditor or an external auditor?
Cyndy: When we talked about the monitoring, an internal audit would be considered. You could do that within your organization. It could be another department again related to auditing. You may choose to use an external source.
And again we go back to talking a little bit about the objectivity. You may have the need if you’re doing a for-cause survey to use a subject matter expert. So you may want to look outside your own organization.
When you think about doing these audits, your focus is independence. The more independent the audit, the more integrity.
Michael: One last question for you, Cyndy. What does the final product look like for a physician documentation audit?
Cyndy: The OIG guidance talks about all healthcare providers have a duty to reasonably ensure that claims that are submitted are truthful and accurate. Employing these types of techniques, the monitoring and the auditing ensures proper payment of your claims and it guards against violation of federal laws.
This could also lead into physician self-referrals, impermissible kickbacks. So auditing and monitoring increase the accuracy of your documentation by again encouraging that culture of compliance both within the practice and within the organization as a whole.
The commitment to the documentation and compliance generally is going to enhance the patient care. I think when we think about compliance and as it relates to penalties, both civil and federal and things like that, we tend to forget a little bit about patient care and the quality of patient care. But a good solid effective compliance program will enhance patient care.
In addition, it will reduce your billing mistakes. It will streamline operations as you identify areas for improvement, high risk areas. And it will also reduce your audit risk, which is all of our goals, to avoid that knock on the door. And it will also help the physician practice avoid entering into any type of corporate integrity agreement with the OIG. So there is a multitude of aspects if you will to a solid auditing and monitoring program.
Michael: Cyndy, thanks for all that great information today and for spending some time with us.
Cyndy: Thanks, Mike.