Skip to main content
  • Savvy Coder

    Put on Your Audit Armor, Part 1

    By Sue Vicchrilli, COT, OCS, Academy Director of Coding and Reimbursement

    Download PDF

    It’s not a matter of if but when a third-party payer sends you a request for records. And when that day ar­rives, having a written protocol in place will help to ease your angst. Here’s how to get started.

    Be Audit Ready: Create Written Protocol

    Use the protocol below as a starting point, and customize it to fit your practice.

    You receive a request for records. What do you do next?

    1. Do not toss the envelope. It shows the postmark date. The letter inside may be dated much earlier than the date when you received the request.

    2. Determine the type of audit or investigation. The government has assigned auditing duties to several types of organization, each with its own type of audit. These include the following:

    • CERT: Comprehensive Error Rate Testing
    • OIG: Office of Inspector General investigation
    • RA and RAC: Recovery Audit (RA) and Recovery Audit Contractor (RAC)
    • SMRC: Supplemental Medical Re­view Contractor
    • TPE: Targeted Probe and Educate
    • ZPIC: Zone Program Integrity Contractor

    The mechanics of the audit may vary, depending on which type of audit is performed.

    3. Identify the due date for sending records. Respond within the time limits provided, or immediately request an extension. Make sure you document written confirmation of new due date.

    4. Look for the common theme. Does the auditor seem to be zeroing in on a particular level of E&M or Eye visit code? A consistent modifier? A particular testing service? A high-volume surgery? Is it a single date of service versus a series of encounters?

    5. Note the date of service request­ed. Make sure that you are gathering documentation for the correct date of service.

    6. Check the records for signatures. For paper charts, is the physician signa­ture present and identifiable? If signatures are illegible, immediately prepare a signature log. Include the names of all who document in the medical record and identify their title (i.e., MD, DO, OD, technician, scribe, receptionist, etc.). If the signature is missing from the medical documentation, it is acceptable for the author of the medical record entry to add a signed attestation that he or she had entered the original information into the record.

    If you use electronic health records (EHRs), provide documentation that the physician signature is “secure” and nobody else has or uses the physician password. Most audits also request EHR signature protocol. Without an identifiable, secure physician signature, the auditors do not have to complete the actual audit—they can just deny payment.

    7. Provide a list of abbreviations used. Don’t assume that the auditor will understand the abbreviations used in your records.

    8. Check whether LCD(s) apply. If the payer has a Local Coverage Deter­mination (LCD) on a test or surgery performed, quote chapter and verse from that LCD. Be sure to use the LCD that was in place at the time the test or surgery took place.

    9. Make sure tests are fully docu­mented. If testing services are part of the audit, make sure there is a written order that identifies by name what test and which eye(s). Furthermore, the medical necessity for the test should be obvious in the medical record; the phy­sician should provide the interpretation and report as soon as possible; and if the delegated test falls under direct su­pervision, make sure the payer is aware that one of the practice’s physicians was on site during the test.

    10. Self-audit. If the auditor is looking at E&M or Eye visit codes, audit internally before submitting the documentation, so you can gauge your worst-case scenario. Next, you can estimate how much money the auditor might seek to recoup and plan accord­ingly.

    11. Make sure that a physician re­views the documentation. Physicians should have the opportunity to review all records before that documentation is sent to the auditor.

    With paper charts, if the handwrit­ing is not readily legible, physicians should take the time to dictate (not embellish) the notes. Include the actual chart note plus the dictation. After all, only that which can be read can be audited.

    With EHR, check whether all fields are populated. For example, if doc­umentation shows only those body systems that have a problem and not those that are normal, you won’t receive credit for reviewing 10 or more systems. Work with the vendor to make sure all fields show when the record is printed.

    12. Remember that the Academy is here for you. Email

    Two Real-Life Scenarios

    Scenario 1: The dutiful but ill-informed staff member. A staff member opens the mail and finds an audit request for 40 charts. In an effort to be helpful, he compiles what he perceives to be the appropriate documentation. He submits it without telling the physician.

    The audit results are not favorable, and a substantial refund is requested. Now the employee needs to plan for an appeal or a refund and must tell the physician. If the refund is not made within the allotted time frame, future pay­ments will be withheld until the recoupment is paid in full. This can have some awkward repercussions. Suppose, for instance, the physician’s partner submits the next few claims to this payer. It will be the partner who is impacted when the payer withholds payment for those claims. Patients may also be affected, as the practice won’t be able to post a payment to a patient’s account if actual funds aren’t available for deposit.

    Scenario 2: Kicking the can down the road. A request for 30 records is re­ceived. Rather than putting her best foot forward and making sure all the doc­umentation that the auditor requested is submitted, the practice administrator determines that the practice will just send in records and hope for the best, knowing that the practice can always appeal. While appealing denied claims is always an option, it is a costly one. Best practice is to review the request and carefully compile the documentation. When you send the documentation, include a cover letter that can provide further explanation and can help set the tone for the audit.

    Codequest 2018

    Strengthen your audit armor. Stay up to date with shifting regulations by attending Codequest 2018, a half-day event that will be tailored to the region where you practice.

    New for Codequest’s 2018 program. Audit-proof your documentation with payer-specific checklists for the top surgical procedures for each subspe­cialty. Learn about new CPT, HCPCS, and ICD-10 codes as well as new CCI edits. Get tips on coding for telemedi­cine, blepharoplasty, and much more.

    When is Codequest coming to your state? Codequest will have vis­ited 15 states by the end of April and several more by the end of the year. Here are the first 16 Codequests:

    • Columbia, S.C. (Friday, Jan. 12)
    • Nashville, Tenn. (Saturday, Jan. 13)
    • Southern California (Friday, Jan. 19)
    • Little Rock, Ark. (Thursday, Jan. 25)
    • Northern California (Friday, Jan. 26)
    • Lubbock, Texas (Friday, Feb. 2)
    • San Marcos, Texas (Saturday, Feb. 3)
    • Greensboro, N.C. (Saturday, Feb. 3)
    • Paul, Minn. (Saturday, Feb. 17)
    • Salt Lake City, Utah (Saturday, March 3)
    • Manhattan, N.Y. (Thursday, March 15)
    • Long Island, N.Y. (Friday, March 16)
    • Detroit, Mich. (Saturday, March 17)
    • Rochester, N.Y. (Thursday, March 22)
    • Albany, N.Y. (Friday, March 23)
    • Dallas, Texas (Saturday, March 24)

    For the full schedule, plus informa­tion on educational credits (including CME for physicians), visit