Lori Brocato
Lynne Byrd
Dawn Crump

At a Glance  

  • 2011 will bring a rise in audit threats facing healthcare organizations. Zone program integrity contractor audits, which can look back 10 years, are potentially most onerous.  
  • Providers should take a proactive approach that works in all audit situations.  
  • Implementing a clinical documentation improvement program and focusing on physician education are key to reducing revenue losses.  

Sorting through all the acronyms that represent the increasing number of government audit threats that lie ahead for providers-MICs and MACs, RACs and ZPICs, and more-could leave healthcare CFOs feeling as if they're spooning through a bowl of alphabet soup.

In addition to recovery audit contractor (RAC) requests empowered by the Centers for Medicare & Medicaid Services (CMS), healthcare facilities are being inundated with audits from the Medicare Administrative Contractor (MAC) program and Medicaid Integrity Program (MIP).

At the same time, audits resulting from the comprehensive error rule test, zone program integrity contractors (ZPICs), Medicare's Quality Improvement Organization(QIO) Program, and the U.S. Office of Inspector General (OIG) are gaining momentum.

Most important, audits now cross medical service lines and specialties. Auditors are comparing hospital claims with those from physician offices, durable medical equipment suppliers, and even outpatient physical therapy clinics. Today's auditors break down the silos of health care like never before-and are raising future audit risk for all.

Failure to prepare for this simmering bowlful of audits is no longer an option for healthcare executives and hospitals that expect to remain competitive and minimize financial risk.

Understanding the Alphabet Soup

As CFOs work to cut costs and preserve profit margins, they must also protect their organizations from further revenue erosion. Such erosion could stem from the alphabet soup of audit risks that providers will face.

Hospitals will incur additional costs as they respond to a growing number of records requests prompted by audits, purchase software to track audits across facilities, and even establish new departments to centralize their organizations' audit functions.

In the coming year, providers should brace themselves for a significant financial impact from three types of audits:

  • ZPICs
  • RAC medical necessity audits
  • MAC prepayment reviews


ZPICs combine the audit functions from the Program Safeguard Contractor and Medical Drug Integrity Contractor. Unlike the RACs, which focus primarily on Medicare Parts A and B, ZPICs also will include Medicare Parts C and D, as well as claims from home health, skilled nursing, and durable medical equipment suppliers. In essence, ZPICs create a complete profile of the claim history regardless of where the care occurred.



This database of information will be mined for improper claims to identify problem areas and uncover fraud across providers. Aligned with MACs, the ZPICs will become Medicare's investigative arm. Information gathered will be sent to the appropriate MAC to pursue the overpayment. Worse, if ZPICs see a continued pattern of overpayment or blatant issues, they will refer findings to the OIG and potentially the U.S. Department of Justice.

If a sustained pattern is established by the ZPIC, statistical sampling techniques will "project" the level of overpayments over time. RACs are allowed to look back three years, while ZPICs can look back as far as 10 years. Discovery of a continuous pattern of overpayment can lead to civil or criminal action, with fines, penalties, and sanctions that go well beyond recouping revenue.

At this point, ZPICs are still in their infancy and are not yet flexing their strength. The early focus seems to be on physicians, durable medical equipment supplies, and physical therapy billing. So far, ZPICs are conducting onsite reviews and have not been requesting a large volume of records.

RAC Medical Necessity Audits

RAC medical necessity auditors will present another significant risk to provider organizations, and they will demand a high volume of records, with the result that the impact of their reviews on staffing and human resources will be enormous: CMS predicts that RAC medical necessity auditors will request more than 1 million records in 2011.

The same types of issues that RACs reviewed throughout 2010 are now open to auditing for medical necessity. CMS even suggests that medical necessity issues could eventually trump coding issues as the leading cause of denials. Broad DRGs, such as MS-DRG 237 (major cardiovascular procedures or thoracic aneurism repair not otherwise specified), will be targeted. In Region B alone, the total average dollar amount for claims reviewed for this particular MS-DRG is $25,000. If coding isn't specific, the RAC will almost certainly review the case for medical necessity. Conversely, if a very specific code or MS-DRG is assigned, the documentation must be clearly defined to support the service.

Outpatient surgical procedures performed on an inpatient basis, particularly if the patient was admitted following outpatient surgery, also will be reviewed for medical necessity. Significant physician documentation must be in place to warrant such inpatient procedures, or payment will be rescinded.

Although RACs can review the same case for multiple issues, such as DRG validation and medical necessity, they cannot technically deny payment twice.

MAC Prepayment Reviews

Falling quickly on the heels of RAC medical necessity reviews, MACs funded by the Affordable Care Act are now conducting prepayment reviews.

In effect, CMS is moving the audit process to the front end of the revenue cycle. MACs deny reimbursement up front versus taking revenue retrospectively. Their actions will have a dramatic impact on cash flow and receivables.

MACs are singularly focused on reviewing Medicare-enrolled providers where auditors suspect services are not being billed properly. Target areas will include services where the organization has seen high levels of denials in the past. For some organizations, these may also be the most commonly billed procedures.

With prepayment reviews, providers will be notified via a comment code in the common working file and a request for additional documentation. These are typically two different items and have different reasons behind them. All activity takes place up front, before the claim is paid. Some MACs may post requests only online, so the common working file should be monitored regularly for claim status.

It is not yet known whether providers will be audited by two government entities for the same case. Legally, this type of activity is not allowed, so providers should be on the lookout for it. By tracking claims denied through the MAC alongside those requested by the RAC, organizations can reduce their risk of duplicate denials.

Audit Analytics and Intelligence: A Proactive Approach

To be successful with ZPICs, RAC medical necessity audits, and MAC prepayment reviews, providers must track and learn from audit activity. Receiving requests from different types of auditors and then being able to track activity via a centralized system helps organizations identify comparable trends and mitigate future audit risk. Certainly, the need for audit analytics and audit intelligence is heating up.

All of these "other" audits need to be on the executive radar screen as a concern and a financial risk. The good news is that work done on past audits can be used to mitigate future audit risk. Lessons learned through RAC audits can be quickly applied to reduce risk in other areas. Just as in health, prevention is preferred to treatment.

A proactive approach that is useful in all audit situations is recommended. It may cost more up front in technology and human resources, but it pays off many times over in the long haul.

One successful tool in the audit battle is the audit management dashboard. This snapshot of views should provide overview capability along with drill-down options. Audit intelligence keeps everyone on the same page and lets CFOs know where they stand on potential financial risk.

Lori Brocato is product manager, RAC and revenue cycle, HealthPort, Alpharetta, Ga., and a member of HFMA's Georgia Chapter (lori.brocato@healthport.com).

Lynne Byrd, BSMT (ASCP), is vice president, revenue management, Archbold Medical Center, Thomasville, Ga., and a member of HFMA's Georgia Chapter (lpbyrd@archbold.org).

Dawn Crump, MHR, SSBB, is network director of compliance, SSM Health Care, St. Louis, Mo., and a member of HFMA's Greater St. Louis Chapter (dawn_crump@ssmhc.com).


Sidebar 1

Centralized Audit Management at SSM Health Care  

SSM Health Care St. Louis, serving the St. Louis area, comprises seven hospitals (six acute care facilities and one pediatric facility). As it manages requests from RAC, QIO, and DRG auditing entities, the organization has centralized all audit activity. In 2009, SSM Health Care implemented a single audit management system. Software enables the organization to track data and support audit management across all seven hospitals.

Audit requests are received at a central location and entered into the system. Release of information teams at individual sites can pull and prepare records and handle presubmission reviews. SSM Health Care's health information management department views and approves records for accuracy before they are sent to the auditor. A centralized audit response team monitors timelines, tracks responses, and analyzes trends.

Information from the system is shared with physician advisers to aid in clinical documentation improvement, specifically for medical necessity. This centralized approach also results in better communication among team members, particularly during the appeal process.


Sidebar 2

Audit Analytics at Archbold Medical Center  

Archbold Medical Center in Thomasville, Ga., encompasses four hospitals and three nursing homes with about 600 beds, 2,500 employees, and a medical staff of more than 200 specialists. In preparation for the rising volume of audits, the organization implemented an audit analytics tool to identify cases that fit the criteria defined as potential RAC risk.

The audit dashboard monitors how RAC-related claims are assigned, reviewed, and released to the RAC. All audit results are recorded and available for tracking, analysis, and reporting:

  • A "dollars at risk" report shows all of the pending cases and the potential dollar amount in jeopardy.
  • A "dollars resolved" report shows all closed cases and the amounts that were lost, saved, successfully defended, and/or recovered.
  • A performance report shows the track record for each of the given appeal levels. In addition, information can be viewed by case status-in process, pending, closed-as well as by hospital location.
  • A "response time reminder" report and ROI request summary alert users to potentially missed due dates.

Looking ahead, the Archbold dashboard will provide comparative benchmarking of audit results against other providers.


Sidebar 3

Documentation Requests as a Teaching Tool at Archbold Medical Center  

At Archbold Medical Center in Thomasville, Ga., additional documentation requests from MACs are being used as a teaching tool with physicians. The goal is to have physicians document everything needed to meet audit requirements. To support these efforts, the organization is evaluating the use of clinical documentation specialists to perform concurrent documentation reviews.

Publication Date: Wednesday, June 01, 2011

Login Required

If you are an existing member, please log in below. Username and password are required.



Forgot User Name?
Forgot Password?

If you are not an HFMA member and would like to access portions of our content for 30 days, please fill out the following.

First Name:

Last Name:


   Become an HFMA member instead