Responding to Record Requests Update – Mike Miscoe

lick here to download the transcript.

Disclaimer: The following is an actual transcript. We do our best to make sure the transcript is as accurate as possible, however, it may contain spelling or grammatical errors.  We suggest you watch the video while reading the transcript.

Hello everyone. This is Michael Miscoe with Miscoe Health Law for this week’s installment of the ChiroSecure Growth Without Risk Presentation. And today we’re gonna trot out an old topic. I’ve done this before. I do it every other year, and it has to do with recording or I’m sorry, responding to record requests now.

This is a somewhat of a timeless topic because as long as you’re billing third party insurance companies, there are going to be record requests and we’re gonna talk about the types of record requests, which ones you absolutely need to pay attention to and which ones you may need to respond to but are not problematic from the standpoint of your normal post-payment audit.

Now, before we start into. The analysis or this pertains to analysis, but before we start into the issue of responding, the first thing you always have to consider when dealing with a record request unless it’s from a court or Medicare, is HIPAA and the Health Insurance Portability and Accountability Act does place restrictions on records that you can send to a health plan such as a commercial insurance payer like the Blues, Cigna, Aetna, UnitedHealthcare, and so forth.

Now, they believe because they have authorization from the patients to obtain their records the patients give that authorization as part of their contracts. That does not create a duty. For you to send them, that duty has to arise under a contract with the insurance company. So first and foremost, if you’re a non-par provider with an insurance company and they’re deciding that they want to do a post-payment analysis of your records and billing, Understand that you have no legal duty to send those records.

And there are some legal defenses that operate as complete defenses to any overpayment demand. So if you’re in a situation where you’ve been billing a third party insurance payer on behalf of your patients, but you’re non participating, you probably want to get counsel involved right away so that they can advise you as to.

Whether it makes any sense to voluntarily participate in that process. Because usually when payers do this, it’s because they’re looking for money. So sometimes it’s more efficient to get it shut down before the records ever go out. There are some blow back issues, when You’re non-par with a payer and you put them on notice that, look, you paid it, it’s done.

There’s what’s called the voluntary payment doctrine that operates in each of the 50 states, albeit a little bit different in each state, but usually what that proposition stands for, if you build accurately for services that you accurately performed, so you used the right C p T codes, you actually did the services, and you submitted them to the payer for coverage analysis and they paid.

With at least constructive knowledge of all the facts. If it turns out later that they made an error as to their coverage obligation either factual or legal, depending on the state. The law operates under principles of equity to preclude repayment. So with that in mind you can resist those type of record requests because one, HIPAA doesn’t require you to send the records.

And two, you have no legal duty to send the records. And three even if you did send the records The voluntary payment doctrine may be statutes of limitation or other provisions in a particular state law would operate as a complete defense to any recovery. Now you have to understand insurance companies don’t believe that and even though they’re not legally entitled to, sometimes I’ve seen payers just recoup money out of future claims.

Which creates a problem, and there’s ways to get around that. But it starts a process when you send the records that is very difficult to get stopped. Sometimes it’s more efficient to stop it in the beginning. However, sometimes payers come back over the top, put you in prepayment review, which is what they should do for non-par providers so that in fact they’re making informed payment decisions.

But and that may influence whether you elect. To bill on behalf of those patients anymore convert to non-covered services for cash for those payers. But that’s something that you should reason through before your staff just willy-nilly sends a bunch of records to the payer and then all of a sudden they’re coming back with a big refund demand that we have to deal with.

Some other issues to consider is that HIPAA also limits the amount of data that you’re permitted to send to a health plan. Meaning that you, they have to provide the purpose of their audit and then understanding their purpose. You have to determine what constitutes the minimum data set so that while they may compress or request complete charts, That doesn’t mean that you have to or can send the patient’s complete chart, especially where it can, it includes information about services that weren’t billed to that payer, like maybe auto or work comp records.

Now, there are justifiable reasons why they may need those, or an autopay may want commercial payer records, for purposes of causation analysis, preexisting conditions, and that such but. The point of the the minimum necessary disclosure rule is that you’re only disclosing information that’s necessary for the purpose of their audit.

So when you evaluate the record request for a participating payer you have to determine. Are they giving me enough information about what they’re looking for? Are they only evaluating coding? Are they only looking at time-based codes? Are they looking at medical necessity? All of those things will influence how much information you need to disclose and sometimes.

Especially with respect to medical necessity if they identify a particular service, you may need to disclose records about prior dates of service to put that date in context where medical necessity is the issue. If they’re only looking at coding, however, maybe you only. Provide the treatment order and your treatment note for that day.

Evaluating the request to determine if it provides sufficient information for you to meet your obligations under the minimum necessary. Disclosure rule is critical. In many cases, the request does not do that. And Clarification is necessary. And that clarification also provides you, some additional time to get your records together, determine if you need to do addendums and that can all be done with assistance if you’re not clear as to what your, whether your records are gonna meet the grade or not.

There’s another kind of request that I get a lot of calls on that turns out to be not problematic. Doctors are standing on the ledge ready to jump, and it’s whoa. Come back inside. This isn’t about you. And these are what are called risk adjustment audits. Now, these record requests will usually come from a third party, like a xox or somebody like that is working on behalf of a blues payer or some other Medicare advantage insurer.

And if you look at the patients, I guarantee you they will all be Medicare Advantage patients that you’re billing through the blues. So you don’t notice that they’re Medicare Advantage patients. But the language of the request will always have something in it, like risk validation or risk adjustment.

And if you read carefully, what they’re looking for the records for is to validate the risk adjustment score that carrier submits to Medicare. Because for Medicare Advantage, part of the payer’s compensation from Medicare is based upon how sick the patient is, in which case the carrier collects. And data mines.

Diagnosis ICD 10 data from all the claims that it receives, and it builds what’s called a risk adjustment score from that data. And when they’re trying to validate that risk adjustment score is justified, they will request records from the provider. To substantiate that the diagnosis codes that the payer is using are justified and therefore the risk adjustment score is justified.

This is usually an audit that a Medicare Advantage payer does on itself through a third party. And it has nothing to do with you or your services, and there’s no refund demand coming on the backside of one. So if you get a risk adjustment or risk validation, Audit record request, you can go ahead and send those records.

And in fact, you’re required to send those records. And the you don’t have to worry about those cuz that audit is not about you. Now, We talked a little bit about participating, non participating, but as a fundamental rule, when you participate, you have agreed to, usually you’ll find these provisions in your contractual agreement or your participating provider agreement whatever it’s called with the payer, that you agree to provide These records usually provide them without cost.

Sometimes it’s buried within the context of a utilization review. Provision of the contract, but that is what creates your legal duty to supply those records. Now, if you weren’t to not supply the records a couple things have happened. One, they would probably deem all of the services to be undocumented and therefore overpayments and demand all the money back or two that would terminate your contract with the network with that particular plan.

Now If you are participating and you get a record request, you need to make sure that your staff knows to alert you. So when you see a record request for services or about services that you’ve already been paid for, that is a whole different thing than getting a record request for services that you’ve submitted for payment, and the payer has questions.

In either case, I think you should train your staff to alert you because both are potentially significant. A pre-payment review might cause a post-payment audit because when they see issues in the records that they think might occur on a more broad scale basis, maybe that information gets referred over to the contractors or the payers S I U unit.

And they elect to open a case. Usually s i u cases only get opened based upon data analysis, but I have seen them get opened because the folks that evaluate records in the prepayment review department see a problem and then they refer it over. So before you send records either prepayment.

Analysis and most certainly post-payment analysis. You need to get somebody who’s familiar with post-payment records review to evaluate your records and see if there’s anything that they believe is missing. And some of the more common things are, complete descriptions of the therapy services that you’re providing.

Some payers even require with respect to modalities, identification of the equipment. So you need to take a look at. The express documentation policies of the payer, make sure you’re absolutely in conformance with them and to the extent that you’re not, and you need to provide additional detail, get assistance with the construction of addenda or addendums to your record that they’re properly attested and then submitted.

With your records. Now, you can’t create addendums to identify specific exam findings on a specific day, but if in fact, you do therapeutic exercises, for example, and you have standardized protocols, you can prepare documents with those standardized protocols and then write an addendum in each record to identify which protocol you used on that patient.

If you only have one, it becomes very simple. If you have many then it becomes a little bit more complex. But in any event, if you don’t know how to do that, and most docs don’t, get assistance because you do not want to alter your records, because alteration of records is a federal crime, and I have seen more than one case go from a simple overpayment case to a criminal situation where the government was prepared to indict the provider for false statements related to a healthcare matter which is a Title 18 crime.

And It changes the dynamic of the defense substantially. It also changes the cost and it changes the risk of a very ugly outcome. And I remember in one case what happened was is the provider got a record request from his local Blue Cross payer. I believe it was Anthem. And gave the records and all the bills to an associate and said, make sure these records substantiate all the procedures we bill for.

So rather than evaluate the records for what was in them, the associate decided to take a shortcut. And this was back in the paper days before EMR and actually wrote in all the procedures in the remarks column. The remarks section of the notation at the bottom. It didn’t take a rocket scientist on the payer side to figure out that handwriting was different than the handwriting on the form.

The ink was different. Everything was different, and the more horrifying thing was, is that it didn’t matter. because the services were already documented, but because they altered the record, they referred it to the Department of Justice, it took three years to get it shut down. And this doc is Mike, you don’t understand.

I can’t go to jail. I got a new baby. And I was like, doc, you don’t understand. They don’t care. A crime’s a crime to them and we need to convince them that this was an innocent. Just Miscoemmunication between you and your associate. His associate wasn’t helping. His associate rolled over for the government big time cuz he was scared to death.

And and then it morphed into a whole bunch of other issues with incident two billing because it was a multidisciplinary practice. And then some e and m and 25 modifier issues. And after three years he finally pled to a misdemeanor and paid off. Whole ton of money back when in reality.

But for that mistake, it would’ve been something that would’ve a, been resolved within six months. B, would’ve cost him about one 10th of what it cost him in return overpayments and and certainly would’ve avoided the horror of a criminal investigation. So be very careful. As much as you see, even if you see errors or mistakes in your record, they can be corrected.

They just have to be corrected the right way. And you need to be absolutely certain you’re doing that correctly. And that is definitely an area where I would advise you to seek legal counsel for assistance in that regard. Now assuming you have a. Requirement to, to disclose a couple things that you should think about what to include, and then ag and that, as I mentioned before, depends on the scope of the audit.

So once we understand the scope or we’re making reasonable presumptions based upon what we’re reading and the request as to the scope if they have a date range. . It’s the same for every patient. Let’s say they’re looking at a six month period. Some patients are, and certainly not every patient started their course of care at the beginning of that six month period.

I have to assume some of them started it beforehand. In which case we need to go backwards. Prior to the initiation of the rec, the record request period, and maybe include the initial exam progress exams leading up to, so that we can place the visits that they’re actually looking at in context. Think of it this way imagine you have a request for a page out of the middle of a book which sometimes is what?

Record requests look like they’re looking at a singular data service, usually because of some particular coding there. But if medical necessity’s part of the equation, then they can’t possibly understand what’s going on in that visit unless they can see some of the history leading up to it, in which case, we may make the decision to go ahead and include that.

Now, if medical necessity’s not on the table, then we won’t include that. and will reserve the right to supply additional information if they change the scope of the audit. Even when it’s they just want the treatment records, maybe they’re looking at your time-based codes whether you provided direct one-on-one contact, who provided the the contact associated or necessary with the service.

And you, that only comes up with procedures usually but sometimes modalities. But if that is the scope then we might want to include the treatment order, where hopefully. That is where you’re putting all the details about how you’re gonna perform the treatment. You put that in your record once as an order, and then in your subsequent notes, I performed electrical stimulation as ordered for X Minutes.

I performed mechanical traction as ordered for so many minutes, therapeutic exercises as ordered with direct one-on-one contact for so many minutes. So you can. Achieve brevity in your treatment notes with statements like that, but only where you have an order that specifies the details of how that service is to be performed.

And it, you’ll find, and this is off topic, but that approach to documentation is much more efficient and it precludes you. Hopefully from changing your therapy order, visit the visit without an explanation as to why you’re doing it, which unfortunately I’ve seen and it’s the most impossible thing to explain.

And while I don’t doubt that it made sense at the time in the mind of the doc, it doesn’t make sense on paper when the doc didn’t explain the reason for the change. In some cases, where the medical necessity argument is gonna be a little weak based upon the documentation. Because let’s face it, you’re documented or you’re trained to record or document findings.

The patient entered the office today complaining of this, that, these, and those on examination, I found, let me guess. Subluxation, palpable tenderness, restricted range of motion, myospasm, edema, whatever. And you’re gonna find this stuff somewhat repetitively over the course of care.

And what you are failing to do is documenting how those findings are changing, which is what hands a payer, a medical necessity challenge. Very easily. So in some cases the only evidence in the record that the patient got any response or any benefit is in the visual analog scale of their symptoms, which as that tends to flutter.

But. Even then, we’ll prepare summaries that try to provide a more expanded explanation of what was going on with the patient throughout the course of care, demonstrating that they did achieve a benefit. How the care ended. Were they dismissed? Did they go away on their own something.

So there are ways to recover from, rather let’s say from a medical necessity perspective deficient information that demonstrates what benefit the patient got from the care that they were received. In doing this, we can do summaries we can do amendments. If there are actual errors, and there’s a way to do those sometimes you can do them in the record.

If you do them in your emr, it needs to do a strike through of what you’re taking out. Identify the information that you added, when you added it and why you added it. So sometimes I prefer to make those strike throughs in the record and then use a cover page to explain what we corrected and why addendums are documents that we add to the record because they’re adding content.

They’re explaining things that aren’t presently explained in the record. And like I said, addendums can’t be for identifying like a precise level of subluxation on a particular day because you’re not likely to remember that it’s not gonna be credible. But to the extent that you are employing treatment protocols in your office and your addendum explains what protocol you used for that patient.

Things of that nature those would be credible. You can, let’s say you don’t have a radiographic report in your record cuz you can’t find it. The image hasn’t changed. Write another one and date it today and we’ll just explain what happened to the original one. Maybe you never wrote it in the first place.

That can be done. Attestations are statements where you swear under the penalty of perjury or other horrifying thing that can happen to you in the law when you lie on paper, like false statements related to a healthcare matter that the additions, corrections, whatever are true. As well as the contemporaneous record to your knowledge and belief.

And that is a process that even Medicare permits. I’ve als already mentioned alteration of records, but I can’t underscore the importance of don’t succumb to the temptation to fix your records under the belief that they’ll never know. It’s weird how this stuff comes out, even in EMR records because there is a metadata document trail that will identify in many cases when that record was edited and how it was edited.

If you have, like a Cche certified EMR program or something like that, just don’t do it. You don’t have to. , but get help so that you can make these modifications the right way and tell the story that we need to tell in order to get the payer the information they need. And it’s also beneficial, before you start this process, look at the actual medical policies and the standards that you’re gonna be held to, and you get help.

Because sometimes payers try to hold you to standards that aren’t in their policies. And if they if. You don’t have substantial experience with post-payment review, get assistance from somebody who does. I think that’s all we have time for today. So I hope that was helpful and you can expect to hear this presentation again in another two years.

And I hope if you’ve heard it two years ago I apologize, but it’s something that I think that needs to be redone every so often so you don’t forget. Thanks for your attention and we’ll see you next time.