Top 3 EHR Compliance Risks - How to avoid Auditor Scrutiny?

Posted by: Suzanne Prasad

Schedule Free Demo & Consultation

EHRs provide physicians with many benefits; however, there are also compliance risks inherent in the technology. Physicians must be aware of these risks and take steps to address them, said Sandy Giangreco, compliance_risk.jpgRHIT, CCS, CCS-P, RCC, CPC, COC, CPC-I, COBGC, coding compliance audit senior manager at CHAN Healthcare, and Kim Huey, MJ, CHC, CPC, CCS-P, PCS, CPCO, independent coding and reimbursement consultant.

Giangreco and Huey both spoke during the 88th annual American Health Information Management Association’s (AHIMA) convention held October 16-19, 2016 in Baltimore, MD.

This article addresses several compliance vulnerabilities that Giangreco and Huey discussed and provides tips on how to mitigate risk.

New Call-to-Action

#1: Upcoding

In a 2012 article, the Center for Public Integrity warned that coding levels may be accelerating due—in part—to an increased use of EHRs.

“As physicians go live with an EMR, we have seen that their coding levels go up. It’s easy to create that detailed patient file with just a few clicks,” said Giangreco.

In an age of EHRs, the long-standing medical coding mantra, ‘If it’s not documented, it didn’t happen,’ has now become, ‘It’s documented, but did the physician really do it?’ she added.

Compliance tips:

  1. Ask your EHR vendor for training on how to correctly select a diagnosis and/or evaluation and management (E/M).
  2. Don’t default to the first code in the drop-down menu. Huey shared a story about a physician who unknowingly selected ‘intractable migraine’ for every patient. Attention to detail is critical, she added.
  3. Beware of automatically pulling historical conditions into the current assessment/problem list. Coders may assume through no fault of their own that the physician is managing those conditions and should thus be compensated those services. What ends up happening is that the physician is ultimately reimbursed for treating previous conditions that he or she technically didn’t address during the current encounter, she added.
  4. Don’t always rely on the automatic code generator. Ideally, the physician can override the generator to assign a higher or lower code, said Giangreco. However, physicians who do use this functionality must ask the following questions:
    • On what set of E/M guidelines are the codes based? “The physician can use whatever set of guidelines is most advantageous, so we want to be able to have it set up for both,” said Giangreco. In some cases, documentation may justify a higher E/M code under one set of guidelines vs. another, she added.
    • Has the coding software been programmed to account for medical policies specific to your local Medicare contractor? “Some of our Medicare Contractors have given us some great detail with E/M … It’s in writing, and you can defend an audit with that,” she said.
    • How does the coding software manage dictated portions of the encounter?

#2: Templates

Templates can save physicians considerable time, but only when they’re designed correctly and compliantly.

Compliance tips:

  1. If a physician creates his or her own template, ensure that someone—ideally a certified medical coder—reviews it, said Giangreco.
  2. Personalize templates for each complaint and/or diagnosis.
  3. Ensure that you can easily identify who contributes to each portion of the template.

#3: Copy and paste documentation

Copy and paste documentation—sometimes referred to as cloned documentation—has plagued physicians since the dawn of EHRs. That’s because copying and pasting information in the record poses several compliance risks, including:

  • Perpetuating outdated or redundant information
  • Making it difficult or even impossible to identify the author and/or date of creation of the information
  • Unnecessarily lengthening notes due to voluminous documentation
  • Causing physicians to inadvertently and unintentionally bill twice for the same work
  • Compromising the quality of care and integrity of the information

In its 2012 Work Plan, the Office of Inspector General (OIG) referenced cloned documentation when it said it would focus on potentially improper payments in the EHR because “Medicare contractors have noted an increased frequency of medical records with identical documentation across services.”

Auditors continue to focus on these documentation patterns, looking for evidence of false claims, said Huey. She shared a story in which an internal medicine physician subject to a ZPIC audit ended up having to repay a significant amount of money because of cloned documentation related to pain management services. The auditor made the discovery by looking at multiple records for the same patient over time—something Huey said is becoming more common.

“They’re comparing visit to visit to see what has changed,” she added.

Compliance tips:

  1. Remember that each encounter stands alone. “We want to be certain that providers are only documenting what they did [on a particular day],” said Giangreco.
  2. Pay close attention to lab data. If you copy and refer to previous lab-related information, be sure to copy the date on which those labs occurred, she added.
  3. Label historical information. This ensures that physicians don’t inadvertently ‘double dip’ for payment, said Giangreco. Preface historical information with a sentence such as, ‘I copied this for historical and continuity of care purposes to show the patient’s trajectory,’ she added.

Looking Ahead : Beware of other Compliance Red Flags

Huey said these other red flags can also make physicians vulnerable from a compliance standpoint:

  1. Not using one’s own log-in information
  2. Clinical contradictions (e.g., patient complains of a rash but the skin exam is negative)
  3. Working or grammatical errors/anomalies
  4. Medically-implausible documentation

Identifying and addressing these and other risks proactively helps physicians avoid costly and time-consuming audits and legal battles.

Click here to learn more about how an EHR vendor can help physician practices ensure compliance.

New Call-to-action

You will find the following posts useful:

  1. Struggling with Practice Revenue Streams? Here are 10 top ways to revitalize them
  2. 7 Remarkably Easy Tips to Prevent and Manage Claim Denials
  3. 5 Key Merit-Based Incentive Payment System (MIPS) Concepts Physicians need to know
  4. Struggling with Practice Revenue Streams? Here are 10 top ways to revitalize them

Topics: EMR Software, EHR Implementation, Coding Compliance

  • There are no suggestions because the search field is empty.

Why RevenueXL

Streamline Your Small Practice With Customized Solutions

EHR Software, Practice Management, Telemedicine, Patient Engagement, Credentialing, Medical Billing Services, Denial Management, Coding Compliance and Audit

All-in-One EHR Software - Tired of Your EHR Software?

Related Posts

EHR Vendor Selection Criteria | EHR Selection Process

EHR Vendor Selection Guide For Small Medical Practices Successful implementation of medical EHR software can only be achieved by following a sound...

Read More

What is MIPS?

Learn More about Merit-Based Incentive Payment System MIPS or Merit-Based Incentive Payment System is a program that falls under the Quality Payment...

Read More

Providers: Mobile Healthcare Revolution Can Change Your Life. Adopt It.

There’s no doubt that mobile healthcare—often referred to as mHealth—has the ability to transform healthcare as we know it. Mobile health technology,...

Read More

Ready to Transform Your Practice?

PrognoCIS EMR Software - Award-Winning Patient Records Learn how it works