MACs Flex Their Muscles with Recent CERT Audit Findings
I. What is a CERT Audit?
The “Comprehensive Error Rate Testing” (CERT) program was created as a tool for the Centers for Medicare and Medicaid Services (CMS) to assess whether Medicare Administrative Contractors (MACs) are paying claims properly. Essentially, the CERT audit serves as an integral management tool for CMS as well as an important feedback mechanism for the MACs. When problem areas are identified, they can be addressed by Medicare contractors with audit responsibilities. Notably, several of the MACs around the country have been aggressively reasserting their program integrity roles.
Essentially, MACs write reimbursement checks on behalf of CMS. As a result, they play a central role in the Medicare reimbursement process. Therefore, when a CERT auditor finds that a MAC has been incorrectly reimbursing providers for claims which may not qualify for coverage, it is very important that the MAC immediately address this system-wide deficiency.
II. Recent Actions Taken by MACs in Response to CERT Audit Findings
In response to certain CERT audit findings, one MAC recently sent notification to providers of Evaluation and Management (E/M) services explaining that new “stringent corrective actions” will be taken to address some of the more common claims errors identified by the CERT auditors when conducting their reviews of MAC payment practices. As recent correspondence to a provider reflects, MACs are taking the results of CERT audits quite seriously, and are expanding their program integrity efforts. As one MAC recently wrote, the contractor stands ready to:
- Suspend a provider if that provider has “too many” payment errors (it does not state how many is “too many”);
- “[R]efer every physician” to that region’s ZPIC if those providers continue to bill for services which may constitute payment errors;
- “[R]efer every physician” to the ZPIC if there is a pattern of past payment errors; and,
- “[C]onduct prepayment reviews” of future claims, up to 100% of a provider’s claims.
To be clear, none of these potential corrective actions represent new authorities. Nevertheless, the fact that MACs are now reasserting these points is reflective of CMS’ ongoing concerns regarding the prevalence of improper claims. Indirectly, CMS is making it crystal clear that as the initial recipient and screener of Medicare claims submitted by providers for payment, MACs play an essential role in screening out improper claims and bad providers. As Medicare’s primary gatekeepers, MACs are responsible for identifying both improper claims and providers who may be engaged in abusive and / or fraudulent practices.
III. What Should You Do if You Are Notified of a CERT Audit?
Should you receive a CERT audit request for documents from a CERT Documentation Contractor (CDC), it is important to keep in mind that your practice or clinic is not being accused of fraud or wrongdoing. Fundamentally, a CERT audit is primarily designed to identify deficiencies and mistakes made by Medicare contractors. Nevertheless, it is imperative that you take a CERT audit request quite seriously. At the end of the day, it will be you, not the MAC, who is responsible for any overpayments identified as a result of the audit. Moreover, bad results on a CERT audit may lead to further auditing in the future.
IV. What Actions Should a Compliance Officer Take to Avoid Being Audited?
As an organization, if you are subjected to a CERT audit, the “horse is already out of the barn,” so to speak. Your goal is to review and monitor your organization’s coding, billing and utilization practices on an ongoing basis so that improper claims are never submitted to your MAC in the first place. In most cases, you can check your MAC’s website to determine if their CERT auditor has already identified certain areas of concern. For instance, one MAC recently reported that out of 508 errors identified in a CERT audit of certain Medicare claims, the contractor found that:
- 311 errors were due to “insufficient documentation.” Notably, a majority of the errors in this category were because the medical record “did not contain a valid physician’s signature” or because a diagnostic test performed “did not contain a valid physician’s order” or an identification of the provider who rendered the service.
- 132 errors were due to “lack of medical necessity” based on the medical documentation submitted.
- 37 errors were due to “incorrect coding” (primarily related to laboratory testing).
- 10 errors were due to “invasive procedures that were assessed to be without medically necessity.”
- 9 errors were due to an “incorrect procedure code” used when billing the service.
- 6 errors were the result of “billing for services that were not rendered.”
- 2 errors were due to “other errors.”
- 1 error was due to an “incorrect discharge code being used.”
Compliance Officers can take these “general” risk areas, add them to the “practice-specific” risk areas already noted, and take special note of these concerns when conducting internal reviews. The only way to avoid the scrutiny of Medicare’s various administrative contractors (MACs, ZPICs, RACs and CERT auditors) is to avoid payment errors altogether. While no provider is perfect, the development, implementation and adherence to an effective Compliance Plan can significantly reduce the number of improper claims submitted by a provider to a MAC for reimbursement.
V. What Actions Should a Compliance Officer Take After Receiving a CERT Audit Letter?
As Compliance Officer, upon receipt of a CERT audit request, you should carefully review the request and take steps to assemble a complete set of medical records and other supporting documentation related to the specific claims at issue. It is important not only to make sure that your documentation is complete when sending in records to a CERT contractor, but to make sure that compliance is a daily part of your practice. Ensuring that your documentation is appropriate and accurately documents both medical necessity and the level of services performed can greatly assist you in avoiding trouble down the road.
Now, more than ever, it is important that you have an effective Compliance Plan in place. Your Compliance Plan should explicitly set out your organization’s policies about how to correctly assess the need for, and document the services provided to a Medicare beneficiary. Otherwise, as demonstrated by the tough stance being taken by the MAC discussed above, CERT audits and other Medicare post-payment audits could raise serious problems for your practice.
Liles Parker attorneys represent health care providers in CERT, MAC, ZPIC and RAC audits and investigations. Our attorneys have extensive compliance experience and can conduct “gap” analyses designed to place your practice or clinic on solid regulatory footing. To speak with one of our attorneys, call 1-800-475-1906 for a free consultation today.