There’s a great meme that goes around during tax season:
Medical chart audits are not quite the same as taxes, but both can inspire fear in the hearts of those involved because of the confusion surrounding them.
While medical chart audits are more straightforward than filing your taxes, the volume of requests (often in the thousands) as well as confusion around what’s being asked and pressure to meet strict deadlines can quickly make this an overwhelming exercise. And because we like to keep things nice and confusing in healthcare, there are many different types of medical record audits and most of them don’t come directly from the actual auditor but rather through a third party.
This blog will explore the different types of audits (spoiler: sometimes a chart audit is not actually an audit at all) and their potential impact on your organization. We’ll also share some key considerations for ensuring you stay compliant while responding to audit and chart review requests.
Medical chart audits 101
Let’s start with the basics – the different types of audits. In general, you can group audits into two main categories.
The first category is government audits; these are the traditional types of medical record audits that tend to cause the most anxiety. In terms of volume, they usually involve either a single patient or a handful of patients but the deadlines for providing this medical record documentation are very strict. These audits can have a direct financial impact to your organization, as the auditors or payers have the right to recoup fees specifically for the claims they are investigating.
Here are the main types of government audits:
|Name||Who They Are||Who They Represent||Details|
|RAC audit||Recovery Audit Contractors (RAC)||Centers for Medicare and Medicaid Services (CMS)||RAC is a third-party contractor for the government who collects data and reports back to the government with findings.|
|MAC||Medicare Administrative Contractors (MAC)||Centers for Medicare and Medicaid Services (CMS)||MAC is a private healthcare insurer that processes Medicare Part A and Part B medical claims or Durable Medical Equipment (DME) claims for Medicare Fee-For-Service (FFS) beneficiaries|
The second category is more of a chart review or risk assessment vs. an actual audit, even though these are often called audits too. In this case, the ask is generally for a bulk list of patient records, anywhere from hundreds to thousands, and the goal is to measure a healthcare provider on outcome-based criteria and adjust reimbursement rates based on the results.
Here are some common types of chart reviews and risk assessments:
|Name||Who They Are||Who They Represent||Details|
|HEDIS||The Healthcare Effectiveness Data and Information Set (HEDIS) is a set of performance measures from CMS designed to measure care quality||Centers for Medicare and Medicaid Services (CMS)||HEDIS is related to the nation’s biggest payer – Medicare. These are different from the audits above in that the focus is on understanding outcomes for patients with chronic conditions like diabetes or cancer or understanding how many patients are adhering to preventive care measures like mammograms or colonoscopies; the result is a HEDIS score which can be used to dictate what Medicare will pay you in the future.|
|Medicare Advantage Risk Adjustment Data Validation (RADV)||Centers for Medicare and Medicaid Services (CMS)||CMS contracts with private companies called Medicare Advantage organizations to offer health plans to Medicare beneficiaries||The goal of a risk adjustment is to ensure that accurate payments and appropriate reimbursements are made to Medicare Advantage Organizations based on the health status and demographic characteristics of their enrolled beneficiaries.|
But there’s an easy out for audits! Or is there…
Now that we’ve got that straight, let’s talk about what the actual audit or chart review involves. In the simplest form, it’s pulling patient charts. But when you layer in all the requirements – dates of service, what data to include, etc. – and consider that these are often coming to you in the thousands, this can escalate very quickly.
Most auditors will offer to come in and perform the chart audit for you. Sounds great, right? But here’s why that is not always the best idea: quality control. When an auditor is conducting the audit for you, there’s no quality control process to catch any misfiles or to ensure that only the requested data is being shared (no more, and no less). There is a liability risk if the wrong information is shared as part of the audit, and the liability falls on you, the covered entity, NOT the auditor.
It’s important to note here that auditors are only entitled to the information that they are paying the claims on. This may sound straightforward, but it can be difficult to determine in certain situations, so it is important to conduct your due diligence up front to prevent unauthorized disclosures. Another important nuance is that audits and chart reviews are tied to patients who use insurance, which means that self-pay patients have a right to be excluded. This is important because an unauthorized disclosure here could potentially impact a patient’s future coverage; for example, if a patient self-pays for genetic testing that could result in future denials.
This is why a rigorous quality control process is so important when responding to audits and chart reviews. At the end of the day, your organization is the one accountable for the information that’s being provided in response to the audit. And without a strict quality control process, you’re at risk.
Chart audits summary
There are three things certain in life: death, taxes and medical record audits. But audits shouldn’t scare you, as long as you have a plan. If you don’t have a plan and a clearly-defined quality control process, now is the time to start mapping that out. Audits and chart reviews can come at any time, but the spring is usually the busiest season. Start your planning now, and you’ll be sleeping like a baby during audit season!