The Centers for Medicare and Medicaid Services (CMS), through its contractors, often perform medical record reviews and audits for new and existing providers and suppliers. These audits are conducted to detect potential fraud and abuse within the healthcare payment system. In the past, the records reviews started with a letter from CMS to the provider with a list of patients. The provider then copied the records and sent them to the CMS contractor. Now, there has been a recent uptick in on-site visits, either scheduled or unannounced. Many insurance payers are following suit and conducting random site visits.
There are many reasons for the on-site visits. For starters, an onsite visit and records inspection would prevent a provider or supplier from unlawfully altering the medical records. In addition, the payers also want to see for themselves the type of equipment being used to verify that it is coded properly. Payers also want to see who is providing services within the office. Sometimes, unlicensed staff is providing professional services or licensed providers are acting outside their scope. These problems are revealed during an on-site inspection.
If a provider receives a letter or fax from a CMS contractor or insurance payer for a site visit, or if an unannounced visit occurs, there are things that a provider should so.
1.Verify that the auditors are who they say they are. Check their credentials including photo ID.
2.If you receive a letter or fax, verify that it is legitimate. If there is an email or call back number, use them as part of your verification process.
3. Immediately call your attorney. You may want your attorney to appear at the site visit or at least your attorney can advise you and your staff how to conduct yourself.
4.Try to arrange another, more convenient time. If auditors appear or want to appear during busy patient hours, you should politely try to re-schedule with them.
5.Clean your office.
6.Perform your own self-audit including making sure certificates are displayed and HIPAA standards are met.
7. Perform a self-audit for safety standards including health department standards and OSHA.
8. Arrange a clean, secure room for the auditors to give them work space. Lead them directly to the room and close all other doors in the office.
9. Try to arrange a time when employees are not there. If the audit is for medical records only, try to obtain a list of patients in advance and have only one person present during the copying/scanning of the records.
10.Keep copies of everything provided to the auditors.
11. Understand your rights and responsibilities. Does your staff have to be interviewed? If so, instruct them how to answer questions truthfully and accurately.
12. Ask the auditors questions to determine why they are there. Do they suspect something? What issues have they been seeing in other offices?
13. Do not volunteer any information.
14. Be pleasant and courteous.
Compliance and proactivity should go hand in hand. Health care providers and suppliers should implement policies and procedures to prevent, detect and correct instances of mistakes, fraud or abuse within the practice. Contacting an attorney to implement a Compliance Program within the office should be the first step. Then, the practice can feel comfortable and secure even when an office site visit occurs.