Category: News

Over the past few years, there has been an alarming increase in cyberattacks targeting the healthcare system that represents one of the most pressing challenges to come along in this industry in quite some time. Between the prominence of ransomware, malware and phishing attempts that can be used to compromise protected health information (PHI), to the value of this confidential information on the black market, it’s easy to see why even smaller providers are being impacted in such large numbers.

Even something as seemingly simple as losing a mobile device (or having one stolen) is no longer a “minor inconvenience”, if that device had access to a network filled with private health information of patients. At that point, that could be a backdoor onto the network and a potential source of a cyberattack – pointing to a situation that must be addressed at all costs.

Thankfully, creating a more secure environment and safeguarding patient information is less the result of any one major move and is more about a series of smaller ones. When taken together, they offer up the best chance at making sure all private information stays that way for as long as possible.

The Reasons Why Smaller Medical Providers are More at Risk

It is absolutely true that even the largest healthcare providers are prone to experiencing a cyberattack, the number one reason why smaller medical practices are actually more at risk comes down to a lack of resources.

A lot of smaller practices simply do not have the human resources necessary to create a secure environment. They lack an IT team or even an employee with the skills needed to monitor systems and close security vulnerabilities. Even if they do, they probably do not have access to the type of financial resources they would need to replace older, vulnerable equipment with newer, more secure alternatives.

Many smaller medical practices in particular suffer from a lack of cybersecurity awareness. You cannot expect your average healthcare employee to successfully defend against a phishing email if they don’t know what one looks like in the first place.

Safeguarding the Records: What You Need to Know

Thankfully, there are a few straightforward best practices that you can follow to help make sure your own environment and network are as protected as possible moving forward. These include things such as:

• Creating a cybersecurity policy that involves the use of encryption on all mobile devices in the event that they are lost or stolen. This way, even if the physical device itself should fall into the wrong hands, that person won’t be able to access any of the information contained on it – or use it as a backdoor opportunity to infiltrate your network.
• Always make sure that both your computers and the software you install on them are updated whenever possible. Oftentimes people do not realize that software and operating system updates do more than just tweak the user interface or add new features. They patch security vulnerabilities that could potentially be exploited by someone who knows what they are doing.
• Create different Wi-Fi networks for your staff and for patients. That way, even if the patient network is compromised due to the presence of insecure devices, you do not have to worry about that spilling onto your primary practice network.

Along the same lines, you will also want to make sure that all user passwords are changed on a regular basis and that strong passwords are already used. A password manager will be a key part of this by allowing employees to free up their brain power rather than forcing them to remember a long list of passwords. Most password managers will also automatically generate stronger, non-repetitive and unpredictable passwords as well.

It is also important to use multi-factor authentication whenever possible, which requires a password and an additional input before someone can gain access to an account. This can be a PIN from a phone, some form of fingerprint verification, facial recognition, or something else. Regardless, it is far more secure than just a password alone.

At the same time, always make sure that any vendor you use to store and process information (like your coding and billing company, for example) has safety measures put in place to protect that data. No matter what steps you take, if your vendor is not secure and compliant, you are not either.

The Importance of Staff Training

Finally, understand that investing in staff training is and will always be one of the keys to staying safe in the modern era. Never forget that most data breaches happen due to social engineering – meaning that people who lack cyberattack awareness training are being taken advantage of on a regular basis.
You should hold training sessions for your employees at least once a year with a particular focus on the types of behaviors that cause violations and breaches in the first place.

Symbion Coding: A HIPAA Trusted Partner

At Symbion Coding, we are a secure and HIPAA compliant coding and billing vendor. In addition to offering a true multi-layered approach to protection that keep your PHI safe and secure at all times, we also work directly with our partners to make sure that they feel safe throughout the entire process. We sign and abide by a business associate agreement whenever we engage with a new client, which helps make sure that we always act as a true partner to your practice in every sense of the term.

If you are looking for a coding and billing vendor that is HIPAA compliant with the knowledge and expertise in revenue cycle, please give us a call at (800) 672-8249 or visit us at www.symbioncoding.com today.

DOCUMENTATION TIPS

Medical record documentation of patient diagnoses that is clear, concise, and described to the highest level of specificity facilitates:

• Quality patient care with better outcomes
• Accurate diagnosis code assignment
• Appropriate and timely health care provider payment for service rendered

History versus active

• Please do not use “history” to describe a current or chronic condition that is still present
• If a condition is in remission, please describe the condition as in remission instead of using the word “history”

Consistency
Be watchful when using template that might introduce contradictory and/or conflicting information in the progress note. Many templates may default to “normal” value for review of systems (ROS) or in the physical exam which may conflict with information in the HPI or in the assessment. For example, a patient with severe major depression and PHQ-9 score of 23, but ROS states “patient denies depression” can be problematic to support the diagnosis for severe major depression.

Provide a clear picture of patient’s health status

Providers should document all conditions that impacted the patient’s care on the date of service. Also, all co-morbid conditions that currently exist should be documented and address in the plan. It is a good idea to include a specific treatment plan for each diagnosis such as status (stable, worsened, improved) medication changes, dietary recommendations, scheduling of diagnostic testing, etc.

By applying the above tips can help your practice achieve better outcomes for your patients and more accurate reimbursement for your value-risk contracts. At Symbion Coding, we believe in helping medical practices, MSO, ACO achieve accurate reimbursement. Please give us a call at (800) 672-8149 or we can meet in person at a place and time that is convenient for you.

ABOUT SYMBION CODING INC

Founded in 2015, Symbion Coding is a dynamic group of coding and HIM experts, working to create solutions to help medical practices, ACO and MSO achieve optimal risk score accuracy. We focus primarily on helping healthcare providers with value-risk contracts to achieve better financial results in today’s healthcare new payment models.

There are many benefits to working in the healthcare field. Not only do you get to ensure people in your community live their best and healthiest lives, but you get to be a support system during some of the most challenging times they will ever encounter.

However, that extra level of trust your patients put into your practice also comes with a large dose of liability. To help protect the business and your reputation, it is a good idea to have certain safeguards in place when it comes to billing. Here is what you need to know about having a medical coding compliance program.

Why Is It Important to Have a Coding Compliance Program?

There are numerous reasons why your medical practice should have this type of program in place.

For starters, there can easily be a high error rate in claims submitted by staff due to things like insufficient documentation, incorrect coding, and lack of medical necessity. This is just leaving money on the table for your practice due to errors that could easily be prevented.

In addition, the government is cracking down on issues related to fraud and abuse. In fact, many government agencies are taking certain steps to combat this problem. If you bill Medicare or Medicaid, this can mean a delay in payment or even losing the ability to submit claims. Examples include:

• Increased number of prepayment reviewed
• Increased post payment reviewed
• Overpayment recovery

Having a coding compliance program in place can help protect your income and keep issues like these from happening. In fact, it is a good idea for every medical practice and not just major healthcare providers like hospitals or surgical centers.

What Should Be Included in a Coding Compliance Program?

Now that you know you need a medical coding compliance program in your healthcare clinic, it is important to discuss what you need to include. This list certainly is not comprehensive, as only you and your administrators know what is most beneficial to your practice. However, it is a good rule of thumb to include all or most of the following in your plan.

Written Policy and Procedures

You need to have some form of written policies and procedures for your medical billing department. This guide should, at a minimum, include things like internal coding practices and minimum documentation requirements for progress notes.

Also consider plans for technological issues. If computer software is used for coding, there should be a section on what to do when a coding error is detected. For example, your medical billing software might have instances where an ICD-10 code does not match the service description. What should your staff do in this instance?

By keeping everyone on the same page, you can ensure that mistakes are caught immediately before bigger issues arise.

Education

One way to reduce and minimize coding errors is to have a written plan for employee education. The overall policy should include the type of education and/or certification expected for anyone in a coding position within your clinic or practice and these standards should be adhered to as close as possible.

There should also include a section that requires coders to complete continuing education units. And when you do host coding education in-service sessions, keep thorough records of all types of training (both internal and external) with notes on who was trained, what they were trained on, and the exact dates of the training.

Auditing to Monitor Results

Finally, your medical coding compliance program needs some form of auditing to monitor results. For example, you want to monitor coding accuracy by performing periodic audits of each coding employee’s work. You should also set an accuracy standard for the medical practice to ensure everyone is meeting that benchmark.
If this seems like it would be too tedious or your practice is small, you might consider hiring an external auditing company. These firms look at your files, let you know where there are errors, and provide you with written reports. Select a firm who can do a totally unbiased audit with no incentive to maximize reimbursement for errors caught.

Disciplinary Action

Now that you know that you need an audit component to your medical coding compliance program, it is also important to consider having a disciplinary action plan. Why? If you notice a coding employee is continually making errors or a bigger situation occurs, you need to know how you want to proceed and when it is time to make a staffing replacement.

Understand that human nature is to make small errors, but if the auditing program continually finds big issues, there needs to be a set action plan in place. Only you will know what works best for your clinic and staff, but examples include intervention, probationary periods, warnings, and even ultimately firing.

Likewise, you need to have a correctional action plan when employees make mistakes and need some form of disciplinary action. Decide how long coding staff should be held to whatever action you have decided on or how you will provide training to keep the issue from happening again.

Wrap Up: Why Your Healthcare Clinic Needs a Compliance Program

Medical coding compliance programs are important, but they are only as effective as your staff makes them. By putting everything into writing and following procedures exactly, you can help reduce errors, save money, and minimize the risk of payment delays or repayments from happening.

Coding errors are a significant problem in the healthcare industry. According to Healthcare Business & Technology, every year medical providers lose more than a billion dollars, and one of the primary factors is linked to billing errors due to incorrect coding. Coding errors have a severe impact on a healthcare facility’s bottom line and can have legal and financial consequences as well.

Impact of Coding Errors

Healthcare is a multi-trillion-dollar industry, yet each year healthcare providers struggle due to poor billing practices directly related to coding errors. Underpayment, overpayment, and legal exposure are common consequences associated with billing errors. Here are some ways incorrect billing can have an impact.

• Underpayment means the healthcare provider is one of those collectively losing about $125 billion per year per Healthcare Business & Technology.
• Overpayment can be considered a false claim and, if deemed to be the case and/or the coding errors are consistent, it can be deemed as fraud and treated as such.
• Healthcare providers who are wrongly paid for their services can face legal consequences under the False Claims Act.

To avoid these costly problems, it is important medical facilities and provider’s offices correctly enter the codes associated with a patient’s diagnosis and procedure. For this to happen, underlying causes must be identified. These can be linked to a number of things, such as the coder, provider documentation, computer systems, or even an institutional problem.

Coder Lacks Knowledge or Experience

If the person doing the coding does not have sufficient clinical knowledge of disease process, knowledge of coding convention, and application of coding guidelines and coding advice, this could potentially lead to errors in the billing process being made. Ineffective work habits, such as selecting ICD-10 from the index instead of the tabular list, is another root cause.

A healthcare provider can avoid many of these problems by hiring certified medical billing coders. This doesn’t necessarily solve all problems but will go a long way towards ensuring correct codes are entered since professionals should possess strong knowledge about the process and with experience, they should be able to identify any red flags made by other underlying causes associated with errors.

Provider’s Documentation Contains Problems

Providers often inadvertently contribute to medical billing errors. For instance, if they provide the coder with incomplete or conflicting documentation, this can result in the billing person entering the wrong codes into the system. Late documentation by the provider or non-specific documentation are also common contributors to wrongful billing. Upcoding is another problem. For instance, if the provider meets with the patient for a few minutes to do a med check, but bills for a full hour physical exam, this could potentially create a compliance risk for the medical practice. A competent biller can help avoid many of these problems associated with provider documentation because he or she will notice the documentation does not support the level of visit selected by the provider.

Computer Systems are Outdated

Technology has emerged to be a major disruptor in the healthcare industry. It is important for healthcare facilities and providers to ensure their software is up to date. If billing personnel are using older computer software not equipped to accommodate current coding requirements, this can results in problems. For instance, outdated codes in computer systems being used to generate bills will result in incorrect billing and code descriptions will not necessarily match the official code descriptions of ICD-10 codes, CPT, and HCPCS. Additionally, a faulty interface between clinical and billing systems may result in codes not correctly transferring from coding to billing.
Many healthcare providers and facilities turn to third-party billing vendors because of their expertise and the fact they use updated technology. Hospitals, doctors’ offices, and other medical facilities know they are covered from a technology standpoint and they do not have to absorb the cost of upgraded technology themselves.

Institutional Standards are Not Up to Par

Sometimes the root cause of billing errors is linked to institutional policies and practices. For example, if there is an absence of accountability processes, medical staff may be slacking in completing progress notes in a timely manner and providing accurate and complete documentation. Other issues may be a lack of coding quality or regular coding education and training for all staff. These can all lead to colossal billing mistakes.

According to the website Baby Boomers, 30% – 80% of medical bills contain errors. However, connecting with expert certified coders can significantly mitigate the problems associated with coding errors and reduce the number of returned claims or duplicate billing. They understand the fundamentals associated with medical coding and are up to date on the changes occurring in a consistently changing healthcare landscape. In short, they will be diligent and help ensure you are paid correctly, and organizations do not inadvertently break any healthcare laws, ultimately saving both time and money.

Providers who want to avoid coding errors should ensure an up-to-date system is used for billing, policies and procedures are in place for the medical and coding and billing staff, and provider education is offered on a regular basis.

Sources

https://www.ama-assn.org/practice-management/cpt/8-medical-coding-mistakes-could-cost-you
https://www.beckershospitalreview.com/finance/medical-billing-errors-growing-says-medical-billing-advocates-of-america.html
https://www.cms.gov/Research-Statistics-Data-and-Systems/Monitoring-Programs/Medicare-FFS-Compliance-Programs/Medical-Review
https://mticollege.edu/blog/healthcare/medical-billing-and-coding-professional/common-errors-in-medical-billing-and-coding-and-how-to-avoid-them/
https://www.cdc.gov/nchs/icd/icd10cm_pcs_background.htm
https://news.unchealthcare.org/icd10/icd10/content/what-is-icd-10
https://www.physicianspractice.com/view/five-common-coding-errors-medical-practices
https://www.healthitoutcomes.com/doc/the-impact-of-technology-on-medical-billing-and-coding-0001

Every year healthcare providers collectively lose approximately $125 billion due to poor billing practices (Healthcare Business &Technology). Problems associated with these losses include billing errors and a failure to stay up-to-date on the latest rules and regulations associated with medical billing.

To reduce these issues many doctors, hospitals, and other healthcare providers look to third-party partners for their medical billing needs to increase chances insurance companies will accept claims. Selecting a company to provide medical billing services is a decision not to take lightly. Healthcare providers should be prepared to understand several different aspects of third-party billing before partnering with a vendor.

Costs and fee structures

One of the primary factors healthcare providers should look at when selecting a medical billing vendor is cost because exploring billing options many find there is no one-size-fits-all solution. When making a decision, healthcare providers will want to factor in the number of claims they need to be processed, the size of their practice’s facility/office, and if their practice operates in different states. Questions to consider asking potential vendors include:

• Does the company charge set-up fees? If so, how much?
• What amount does the company charge for annual administrative fees?
• Is a flat fee, percentage of money collected, or an hourly fee the more feasible payment structure?

The last question is essential, it’s important to understand the difference.

Percentage of money collected can result in more claims being paid because these vendors tend to be more aggressive. In other words, if the practice doesn’t get paid, they don’t get paid. The drawback for small and medium-sized practices is they can lose a lot of their profits with this type of fee structure.

A flat fee structure means the medical billing company gets a set amount per claim (averaging $4-$6 per claim) which means they’ll be more inclined to pay attention to all claims, no matter how small (Medical Billing Services Review). However, denied claims aren’t always aggressively pursued since the vendor is paid either way.

Healthcare providers with small offices might find an hourly fee structure to be the best option. Essentially, the billing company gets paid for actual hours worked. This is similar to an in-house billing specialist, but without the salary and benefit responsibilities employers are obligated to pay.

What is included in billing services?

Service providers can offer accurate medical coding, filing claims, determining insurance eligibility, posting payments, following up on denied claims, following up with patients, and sound advice on better claim filing processes.

• Compile a detailed list of exactly what’s included (and not included) in the contract.
• Determine what gaps the practice needs to be filled, and what capabilities and resources the vendor can offer.
• Ask what type of transparency in the billing cycle the vendor offers.

Many healthcare providers immediately look to the bottom line when selecting a vendor. This is a critical mistake. Billing companies charging noticeably lower prices than their competitors likely won’t provide the same quality or level of services. This can lead to problematic issues down the road.

Education and certification of employees

Partnering with a medical billing vendor should alleviate the hardships associated with billing. However, for that to happen, it’s important to determine if the vendor’s employees are educated and certified to perform vital tasks.

• Most people who work in this field typically have completed a 2-year associate’s degree or a 1-year certification program.
• Certification is voluntary, but many vendors will seek out employees who have been certified as it only strengthens their services. The most common certifications to look for Certified Coding Assistant (CCA), Certified Professional Coder (CPC), and Certified Coding Specialist (CCS). The latter is for senior coding specialists).
• Several other specialized areas of medical billing are available for workers to become certified in.

Taking a look at education and certification often provide health providers with a sense of confidence when choosing a vendor. Ideally, healthcare providers are best-served by partnering with a company with expertise in their particular practice area of medical specialty.

Measures put in place to safeguard data

Data breaches are serious, especially in an industry such as healthcare, where there are legal and financial repercussions for any mishandling or mismanagement of data that puts patients at risk for identity or financial theft. It’s imperative for all healthcare service providers to be well-versed in HIPAA and safe practices when it comes to handling patient data. This includes partners who perform billing tasks.

• Look for a partner who is willing to share what software they employ and how it is run. For instance, is it a cloud-based system in one central place, or are there several decentralized pieces involved?
• What security measures are taken to protect sensitive data in storage or in transit?
• How are passwords stored?
• What is the process for destroying records no longer needed?

The best medical billing companies put a heavy emphasis on HIPAA-compliant billing processes.

Bottom line, when selecting a vendor, don’t focus solely on price. Instead, look at the whole package for what level of services are received for fees paid. A few extra dollars may be worth the fewer headaches associated with the complexities associated with medical billing and coding.