Every payer conducts audits. Given the number of types of audits, the diverse areas they target, and their randomness, the sad reality is that it would be rare for a physician to avoid being audited at least once during his or her career. The time is now to protect your revenue by establishing protocols to ensure that your documentation is sufficient to prevent payers from recouping your funds. This article examines the most frequent audit types, what they are meant to achieve, and how you can best prepare for them.


Detailed information on each audit type is available on your specific Medicare Administrative Contractor (MAC) website.1 Look under each type, see if it applies to your practice, make sure your documentation meets the criteria as soon as possible, and inform everyone in the office who needs to know. If you participate in the free MAC listserv, audit information updates are shared each week.


What is CERT?

The CERT program was established by the Centers for Medicare and Medicaid Services (CMS) to monitor the accuracy of claim payment in the Medicare fee-for-service program. In other words, CERT is Medicare auditing itself by auditing you. For example, if you submit CPT code 99213 Office or Other Outpatient Visit, and the auditor agrees that the documentation supports that level of service, then it is a win for Medicare. It demonstrates that your MAC has taught you well through its educational services.

If documentation is requested, it must be submitted within 45 days. Should you need an extension, request one immediately. Failure to submit will result in an automatic recoupment from future claim payments to you or other practitioners in your group practice.

What Are the Targeted Areas?

They vary by MAC. Noridian, the MAC for California, Hawaii, Nevada, American Samoa, Guam, and the Northern Mariana Islands (JE), as well as Alaska, Arizona, Idaho, Montana, North Dakota, Oregon, South Dakota, Utah, Washington, and Wyoming (JF), has been reviewing documentation between ordering and referring physicians to ensure the following:

“The patient’s medical record must contain sufficient documentation to support the need. This should include the patient’s diagnosis and other pertinent information, such as duration of the patient’s condition, clinical course (worsening or improvement), prognosis, nature and extent of functional limitation, other therapeutic interventions and results, past experience with related items, and any other information which establishes the need for the requested service. For selected claims, the Part A/B MAC may request that the billing provider, including offices providing lab, radiology or referred services, obtain this information from you so that the A/B MAC can verify that Medicare coverage criteria have been met.”


What Is an RA?

RA contractors have been around for some time, but RAs have been revamped in recent years, with new rules administered by new companies. RA firms are still bounty hunters, in that they are paid based on what they collect, but they are not paid until the appeals process has been completed. RAs can recoup going back 3 years.

What Are the Targeted Areas?

These too vary by contractor. The March installment of Coding Advisor provided examples of automated and complex review audits.2 Palmetto GBA, the MAC for North Carolina, South Carolina, Virginia, and West Virginia, as well as Alabama, Georgia and Tennessee as of February, recently updated its policy on optical coherence tomography (OCT)—or, in the language of CMS, its scanning computerized ophthalmic diagnostic imaging (SCODI) policy. Local coverage determination (LCD) L34431, which became effective on January 29, states:

“SCODI should only be performed at clinically reasonable intervals (ie, consistent with a noted change in clinical status or after sufficient time has elapsed to assess for progression or response to treatment). It is generally expected that conditions requiring more aggressive treatment and monitoring due to changing clinical status or treatment interventions will generally not require SCODI testing more than one (1) per month.”

Is it always a month between OCTs? If the MAC doesn’t implement denials for OCTs performed more frequently than monthly, the result could be a data-driven recoupment for 3 years past that effective date.



What Is SMRC?

CMS has contracted with an independent firm to conduct nationwide medical reviews. The aim of this SMRC is to lower improper payment rates and increase the efficiency of medical reviews. Previously, CMS medical reviews targeted outliers in examinations, tests, surgical procedures, and modifier use; now this function is fulfilled by the SMRC.

When the Office of Inspector General reported that Medicare paid $22 million for potentially inappropriate ophthalmology claims in 2012,3 the SMRC was tasked with assuring compliance. The real reason the claims were paid inappropriately was because MACs did not follow their own LCDs, which required them to set up edits to prevent these payments. They now do so.

SMRC requests can range from 1 to 50 records. Some are prepayment; some are postpayment. Some have a common denominator, such as the level of examination or a particular modifier or test, and some are an assortment of these.

What Are the Targeted Areas?

Primarily, SMRC audits target anything for which there is an LCD established by your MAC.4 For example, as of January 29, First Coast, the MAC for Florida, Puerto Rico, and the Virgin Islands, updated LCD L33670, Fundus photography. It now states, “Fundus photos may be of value in the documentation of rapidly evolving diabetic retinopathy. In the absence of prior treatment, studies would not generally be performed for this indication more frequently than every 6 months.”

As of October 1, the LCD also provided great news regarding the conditions under which fundus photography and OCT can be unbundled:

“Performing Fundus Photography and SCODI on the Same Day on the Same Eye Fundus photography (CPT code 92250) and scanning ophthalmic computerized diagnostic imaging (CPT code 92133 or 92134) are generally mutually exclusive of one another in that a provider would use one technique or the other to evaluate fundal disease. However, there are a limited number of clinical conditions where both techniques are medically reasonable and necessary on the ipsilateral eye. In these situations, both CPT codes may be reported appending modifier 59-distinct procedural service or [the Healthcare Common Procedure Coding System] modifier XU-unusual, non-overlapping service to CPT code 92250. … The physician is not precluded from performing fundus photography and posterior segment SCODI on the same eye on the same day under appropriate circumstances (ie, when each service is necessary to evaluate and treat the patient).”

Another example became effective on January 29. Palmetto GBA LCD L33467 states that CPT code 92250 Fundus photography is covered for:

• Monitoring potential progression of a disease process;
• Guidance in evaluating the need for or response to a specific treatment or intervention;
• Progression of diabetic retinopathy;
• Advanced dry age-related macular degeneration with suspicious areas;
• Nevus or other tumor.

Fundus photography should be ordered only by the treating physician. Baseline photos are not covered. For telemedicine when there is known pathology, the ophthalmologist would submit CPT code 92228 -26, not 92250 -26, when providing the interpretation.


What Is TPE?

TPE is the latest type of audit in Medicare’s arsenal. It provides three rounds of education sessions. Problems that fail to improve after these three rounds are referred to CMS for next steps, which may include 100% prepay review, extrapolation, referral to an RA contractor, or another action.

What Are the Targeted Areas?

Some examples that have recently incurred TPE audits include a missing or unidentifiable physician signature in a paper chart and an unsecure physician’s signature (someone else from the practice logging in as the physician) in an electronic health record. Practices have also reported receiving record requests for Established Patient Eye Visit code 92014.

Most recently, TPE audits have focused on emergency department CPT codes 99283, 92284, and 99285. The timing is right for practices to review the documentation requirements for these codes.

When you examine patients in the emergency department, be sure to assign the correct family of codes, with Place of Service 23. These codes are not based on whether the patient is new or established to you, but rather on the location of the patient during the examination. The examination code family for emergency department visits is outlined in Table 1.


What Is a ZPIC?

ZPICs are the most serious of audit types, as their findings are referred to the Office of Inspector General and the Federal Bureau of Investigation. Their objective is to investigate instances of suspected fraud, waste, and abuse. They do this through requests for medical records and documentation and by conducting interviews and/or onsite visits.

What Are the Targeted Areas?

High volume of bilateral intravitreal injections is the No. 1 reported ZPIC request for records. Bottom line: ZPIC reviewers want to make sure that, when you bill for two vials of a drug, you are injecting both vials and not sharing one vial between the patient’s two eyes. The ZPIC auditors request 23 items of documentation for each patient. These are listed in Table 2.

1. Coding Updates and Resources. American Academy of Ophthalmology. AAO.org. www.aao.org/practice-management/coding/updates-resources. Accessed March 16, 2018.

2. Vicchrilli S. Coding Advisor: How to Trigger Your Own Audit. Retina Today. 2018;13(2) (suppl):7-8.

3. Report (OEI-04-12-00281). Office of Inspector General. https://oig.hhs.gov/oei/reports/oei-04-12-00281.asp. Published December 12, 2014. Accessed March 16, 2018.

4. Medicare Administrative Contractors. American Academy of Ophthalmology. AAO.org. www.aao.org/lcds. Accessed March 16, 2018.

• Director, Coding and Reimbursement, American Academy of Ophthalmology
• Financial disclosure: None