How to Address Medicare Meaningful Use
Audits Effectively
Medical billing for EHR incentive payments must be done accurately to receive the due reimbursement from CMS. The Office of Inspector General (OIG) is planning to conduct a review of EHR adoption and Meaningful Use in order to ensure that these payments are being disbursed correctly to eligible providers as per their work plan for fiscal year 2015. Here are some steps that will help ensure a smooth audit and protect your practice.
Conduct a Pre-Audit within Your Practice
The best thing to address an audit is to remain prepared as early as possible before the audit. Ask eligible professionals to perform a pre-audit within your practice and retain the documents the auditors will ask for. By verifying that the physicians meet the specific requirements for Meaningful Use
participation
program
and
retaining
the
records
of
registration/attestation processes and documentation will provide a solid foundation to respond effectively to the audit process.
www.outsourcestrategies.com
Respond to Audits Promptly Once you receive an audit letter, it is important to respond right way with the necessary documents even though getting those documents in order can be time-consuming. Typically, auditors allow 14 days to respond to an audit. Physicians are advised not to engage the auditors on their own, outside of the document exchange. This is because physicians sometimes are mistaken in thinking that the information provided during an offline exchange is sufficient with regard to a particular request and may end up getting penalized for failing to send the required documentation. Responding to certain document requests with a simple statement is not adequate. Auditors like screenshots more. Dispel Any Kind of Discrepancies The auditors actually check for discrepancies between what was already submitted during the attestation process and what was actually done. Whether it is a prepayment audit or post-payment audit, providers will receive an e-mailed letter alerting them to the audit along with a document request list. Every physician who is audited must produce the same documents in the following three categories to avoid discrepancies.  Proof that clarifies the EHR system used to meet meaningful use requirements is certified  Documentation that explains quality measures, core and menu objective data were accurate  Proof that a security risk assessment was performed and a corrective action plan has been drafted accordingly
www.outsourcestrategies.com
Be Sure about EHR Certification In order to meet the EHR certification requirements, physicians will require documentation from their vendors confirming the version of the electronic record system they are using. Some vendors may have older versions of EHRs that are not certified. You can find a list of certified EHR products on the Office of the National Coordinator’s website, with which you can confirm whether your system is certified. In addition to that, you should monitor any upgrades to your systems to make sure that the changes don’t affect the certification status. Ensure Adequate Documentation It is critical for providers to have an auditable source for all data that is used for registering and attesting to Meaningful Use. This not only includes the data on the Meaningful Use reports produced by the EHR, but also the proof for all ‘yes/no’ objectives. The objectives that need the generation of reports involving
numerators
and
denominators
must
include
supporting
documentation that shows the denominator is accurate and a report that shows the numerator met the required threshold. It may be necessary to cross reference with the practice management system patient population data to show the denominator is accurate. The ‘yes/no’ objectives actually relate to the functionality which is turned on during the duration of the reporting period. Physicians can print dated screenshots from their EHR system to show the function was turned on during the reporting period. Since eligible professionals are only required to show certain functions were turned on, not actually used, it is crucial to check multiple times throughout the reporting period that those functions are really turned on. www.outsourcestrategies.com
Security Risk Assessment Though risk analysis has been in place since the implementation of the Health Insurance Portability and Accountability Act (HIPAA) Security Rule in 2005, many practices are not familiar with it. Security risk assessment is one of the critical requirements for a successful and stable practice. Avoiding risk assessment can not only place physicians at the risk of paying back the incentive money, but also face a penalty from the U.S. Department of Health and Human Service’s Office for Civil Rights for not meeting the requirements of HIPAA compliance. Since risk assessment is an everevolving document, physicians find it difficult to understand and comply with. Every time a change is made in the practice or a new technology is adopted, make sure that the risk assessment specifically addresses it. A risk assessment typically involves the following elements. The scope of the assessment that includes the potential risks and vulnerabilities to the confidentiality, availability and integrity of all protected electronic data created, received, maintained or transmitted. Ensuring the security of data collected by identifying where the protected data is stored, received, maintained or transmitted. Identifying and documenting the potential threats and vulnerabilities. Assessing the current security measures your practice uses to safeguard the protected electronic healthcare data. Assessing the potential impact of threat occurrence and performing relevant documentation Determining the level of risk Finalizing the documentation Periodic review and updates
www.outsourcestrategies.com
Each of these steps should be accomplished with great attention so that you can give the right explanation to the audit letter at the right time and avoid paying back the incentives. Most of the physician practices are running out of time to provide quality care to the increasing number of patients after the implementation of the Affordable Care Act (ACA). With the support of a reliable physician billing company, it is easy for providers to follow up with the EHR incentive payments. Trained staffs in the company will conduct pre-audit risk assessment and reply to the audit letter with the relevant documentation on your behalf so that you can concentrate on your core tasks.
Contact Us 8596 E. 101st Street, Suite H Tulsa, OK 74133 Main: (800) 670 2809 Fax: (877) 835-5442 E-mail: info@managedoutsource.com URL: www.outsourcestrategies.com
www.outsourcestrategies.com