“Upcoding” remains a common mechanism of improper payments.
“Healthcare compliance is the process of following rules, regulations and laws that relate to healthcare practices,” according to the PowerDMS Policy Learning Center. Although all healthcare organizations have a compliance department, how the clinical documentation integrity (CDI) department interacts with compliance and supports practices compliant with Centers for Medicare & Medicaid Services (CMS) regulations varies across health systems. The purpose of a compliance program is to prevent, detect, and correct non-compliance to avoid fraud, waste, and abuse.
According to the U.S. Department of Health and Human Services (HHS), some healthcare entities pose a heightened risk to the financial security of Medicare due to the volume of improper payments they incur. Healthcare organizations have a duty to submit proper claims to CMS; however, “upcoding” remains a common mechanism of improper payments. Because compliance is the responsibility of everyone employed by the health system, CDI leadership should be actively engaged in monitoring CMS claims data for potential overpayments that could represent simple errors or process issues resulting in institutional non-compliance. In particular, CDI departments should be gatekeepers meant to avoid “billing for services at a level or complexity higher than services actually provided or documented in the medical record,” according to CMS.
An overpayment is defined by Medicare as one that “exceeds regulation and statute properly payable amounts.” Medicare overpayments can occur due to “incorrect coding and/or insufficient documentation,” both of which should be monitored by CDI and coding leadership. Healthcare entities have 60 days from overpayment identification to report and return a self-identified overpayment to Medicare. Reporting of an overpayment should include a written explanation for the overpayment, e.g., coding error, failure to follow organizational billing practices, etc. The concept of “identification” is broadly applied, as the rule states that this means when a person has or “should have, through the exercise of reasonable diligence” determined an overpayment.
Misusing codes on a claim, such as upcoding (when a provider assigns an inaccurate billing code to a medical procedure or treatment to increase reimbursement) and coding errors are examples of Medicare abuse if the incorrect coding or billing practices are not widespread practices, in which case it could be an example of fraud. CDI and coding professionals are both subject to the federal civil False Claims Act (FCA):
“The civil FCA imposes civil liability on any person who knowingly submits, or causes the submission of, a false or fraudulent claim to the Federal Government. The terms ‘knowing’ and ‘knowingly’ mean a person has actual knowledge of the information or acts in deliberate ignorance or reckless disregard of the truth or falsity of the information related to the claim. No specific intent to defraud is required to violate the civil FCA.”
CMS has a variety of tools to monitor inaccurate payments, including the Comprehensive Error Rate Testing (CERT) Program, Medicare Administrative Contractors (MACs), and the Recovery Auditors. According to CMS, the CERT program reviews a statistically valid stratified random sample of Medicare fee-for-service (FFS) claims to determine if they were paid properly under Medicare coverage, coding, and payment rules. CERT findings create the framework for MAC audits and those performed by Recovery Auditors. While CERT leverages a random sample of claims, the Program for Evaluating Payment Patterns Electronic Report (PEPPER) data provides hospital-specific Medicare claims data. Target areas included in PEPPER were identified by Recovery Auditors and MACs, and are updated periodically.
“PEPPER is an electronic report that provides provider-specific Medicare data statistics for discharges/services vulnerable to improper payments. PEPPER cannot be used to identify the presence of payment errors, but it can be used as a guide for auditing and monitoring efforts to help providers identify and prevent payment errors.”
If you manage a CDI or coding department, you should be reviewing your PEPPER data on a quarterly basis; however, the national download rate is currently at 62 percent. Failure to monitor Medicare claims data included in PEPPER can be an example of “deliberate ignorance or reckless disregard,” according to ACDIS, if your organization is an outlier. Although PEPPER data is not specifically distributed to Recovery Auditors or MACs, both of these Medicare contractors have the ability to request charts related to PEPPER target areas, and have sophisticated data mining techniques to identify outliers.
PEPPER target areas are constructed as a ratio. The numerator includes discharges identified from paid Medicare claims per CMS fiscal year (i.e., October to September) quarter that are identified as potentially problematic because they are likely to be miscoded or result in medically unnecessary services. The denominator is the larger reference group that includes the numerator.
For this article, our focus is coding target areas that include:
- Stroke Intracranial Hemorrhage;
- Respiratory Infections;
- Simple Pneumonia;
- Unrelated OR Procedures;
- Medical DRGs with CC or MCC;
- Surgical DRGs with CC or MCC;
- Single CC or MCC;
- Severe Malnutrition;
- Excisional Debridement;
- Ventilator Support; and
- Emergency Department Evaluation and Management Visits.
Each hospital’s ratio is compared to other hospitals at the state, MAC jurisdiction, and national levels, resulting in a ranking by volume percentage. PEPPER data uses the high outlier threshold of the 80th percentile and a low outlier threshold of the 20th percentile. If the percentage of paid Medicare claims for the specific target area ranks at the 80th percentile or above, the organization is considered a high outlier for that target area. In other words, the percentage range for a particular target area may be from 20 to 75 percent. The 80th percentile may result in all those hospitals with a target area ratio of 68 percent or higher. The ratios among all hospitals and the 80th percentile cutoff will vary from quarter to quarter.
If you are new to PEPPER and integrating a compliance focus into your CDI or coding practices, a good place to start is the National High Outlier Ranking Report. This page of PEPPER data will have red if your organization is a high outlier in any target area across the most recently reported 12 quarters of data, as well as the total number of times your organization was a high outlier for each target area. If your organization happens to be a high outlier for any coding target area, that does not necessarily mean there is a compliance issue. A best practice is to investigate why your organization is an outlier by sampling claims and reviewing documentation to validate the assigned codes and billing. Ask yourself, does it make sense for your hospital to be among the top 20 percent of all hospitals for that particular target area?
CDI departments are increasingly renaming the “I” from “improvement” to “integrity.” Integrity is defined as “the quality of being honest and having strong moral principles.” Reviewing PEPPER data is a way for CDI and coding managers to identify areas that may be vulnerable to overpayment. If outliers exist, investigate the associated claims to validate the coding and billing. If coding or billing errors occurred, determine the cause(s) of the errors, e.g., human error or process issues, and look for ways to prevent future non-compliant coding and billing practices. Even if your organization is not an outlier or the internal investigation does not reveal the potential for overpayment, CDI and coding leadership should ensure there are safeguards in place to prevent non-compliance, and monitor staff adherence to those processes.