Let’s continue our look at some of the 2015 hot topics in medical billing impacting health care providers. While some may be obstacles, others may become opportunities. Staying abreast of changes is now more important than ever- the financial health of your practice depends on it!

ICD-10-CM: 6 months and Counting! Are You Ready? 4 Steps to Success

Last year at this time, ICD-10 was surprisingly delayed yet again through a tiny language insertion into the SGR Patch Bill. This year SGR was repealed with a permanent fix and ICD-10 was nowhere in the bill.

What does that mean? It means ICD-10 is on for October 1, 2015! 6 Months and Counting- Are you ready? Have you begun to transition your practice to ICD-10? What should you do?

1. Training Is Crucial. Your staff, including providers, should all be taught the differences in ICD-9 and ICD-10! Stop and realize that medical coding is the mechanism by which you get paid! What could be more important than having all clinic employees on the same page regarding the fastest, most efficient and legal way to get reimbursement! Info Services offers affordable classroom in May (OBGYN focus), June, July and August or specific topic based online training! Learn about it here.

2. Practice. After your staff has been sufficiently trained, they should practice! Dual coding provides the opportunity to practice what they’ve learned with exposure to cases they encounter on a daily basis.

3. Analyze. In addition to coding the daily charges into both ICD-9 and ICD-10, coders should pull listings of the top diagnoses used by the practice as well as the most-used and highest reimbursement non-office visit procedures performed by the clinic. MediSoft provides both a Diagnosis Ranking as well as Most Frequently Used Procedure Codes Report to assist in this exercise. Reviewing this information will allow you to isolate the procedures with the most dollar risk attached should the ICD-10 coding and documentation not be accurate. Using the CMS National Coverage Determination (typically labs) and Novitas’ Local Coverage Determinations (future), you can research the payable ICD-10 diagnosis codes and the required documentation for those procedures. This will reduce “not medically necessary” denial codes when you begin sending ICD-10 codes. Rank your diagnoses and procedures based on the last 12 months, last 6 months, 3 months, etc. to get a true picture of your risk. The non-office visit codes are reviewed because these are the procedures which would have medical necessity coverage information.

4. Review Documentation. Assess the quality of your chart documentation including your superbill! Medical Coding is just an extension of medical record (chart) documentation. If it’s not documented- you cannot bill for it. While there are some changes in current terms and definitions, ICD-10 does not technically change the requirements of medical record documentation. There has always been the requirement to include the all the details and highest specificity information. ICD-10 just requires that specificity to be included in the code where ICD-9 did not. For example: if a provider performs cataract removal surgery on a patient’s right eye, he or she most likely has indicated “right eye” in the chart documentation. In ICD-10 “right eye” must be included in the code submitted for reimbursement. It is imperative that documentation be reviewed compared to ICD-10 requirements and for providers, coders and billers to communicate the new required details for each patient encounter to ensure successful coding. Here is an example of a worksheet that could be utilized to examine documentation for all procedures:

Meaningful Use- Modified Stage 2(and 1)

In April, CMS issued another proposal for “meaningful use” with the goal of aligning Stage 1 and Stage 2 objectives with the long-term proposals for Stage 3. The change from the original Stage 2 requirements are to reduce reporting requirements which would allow providers to focus on advanced use of EHR technology and quality improvements and better promote interoperability. The plan would not be issued as a final regulation until August of this year; however, it applies to MU for years 2015, 2016 and 2017. So in August of 2015, providers will receive the final rule affecting 2015.

The proposal reduces the number of MU objectives to focus on the advanced use of EHRs; removes measures that have become redundant or have reached wide-spread adoption; realigns the reporting period to a calendar year instead of fiscal year; and allows for a 90 day reporting period in 2015.

Modified objectives of particular interest are the patient electronic access and patient electronic messaging. The original MU measure was 5% while the modified MU is 1 patient for electronic access and a “functionality fully enabled” for electronic messaging.

If a provider is currently attempting Stage 1 MU, it also was modified for Stage 2 criteria, but with smaller less comprehensive measures.

Meaningful Use Stage 3 Released

The proposed rule for stage 3 of “meaningful use” EHR Incentive Program was also recently released. It contains 8 objectives focused on advanced use of EHRs. The rule proposed significant change to the structure of the program by establishing a single stage for MU (Stage 3) starting in 2018. This would require eligible professionals to comply with MU requirements by 2018, regardless of their prior participation in the program. It is predicted that the cost to purchase and implement a certified EHR would be $54,000 and $10,000 annually for maintenance. The patient engagement requirement jumps from 5% in the original stage 2 to 25% of patients in stage 3. Starting in 2018, CMS would require electronic quality reporting for providers who would need to implement 5 clinical decision support interventions related to four or more quality measures. CMS insists that stage 3 includes some flexibility to help providers successfully attest. By 2019, MU will be rolled into a consolidated program under Merit-Based Incentives.

PQRS, VBM, MU EHR and now MIPS- Alphabet Soup That Isn’t That Tasty! Act Now to Avoid Penalties!

By now, everyone should be aware that fee-for-service payment is on its way out and a value-based payment system is on its way. But all the program abbreviations being tossed around can be confusing! To read more about PQRS, VBM and MIPS see our Medicare Billing Boosters for April 2015.

Coding Catches

Evaluation and Management Coding. Are you coding a lot of high level 99214s and 99215s? Is every visit a 99213 because you are afraid of coding higher? As a provider, you should be reimbursed for the services you have provided. Review this CMS document on E & M Coding and check out this CPT Coding Review Audit Tool online.

Chronic Care Management Code Help

At the first of this year, Medicare began paying for chronic care management (CCM) in an effort to recognize the value that primary care services provide to patients. CPT code 99490 can be billed once per patient per month by one provider. At least 20 minutes a month of care management activities (non face-to-face) by clinical staff (not necessarily a physician) is required to be able to bill once a month. CCM is a nice benefit for a primary care provider (think about getting paid around $40 each month for each of your patients with chronic diseases whether you see them or not), however, as usual, there are stipulations. CCM pertains only to patients with two or more chronic conditions; participation requires eight elements, including access to care 24/7, continuity of care and management of care transitions between all of the patient’s providers; a written care plan; the provider must utilize an EHR; and the patient must sign an agreement to receive the services. CCM is not exempted from coinsurance, so normal deductibles and copays will apply. Since the services are not face-to-face, patients may be confused on what exactly they are being charged. There are also still some unanswered questions regarding the billing of CCM, such as what date of service should be used, and no specific patient consent form template has been published by CMS.

The American Academy of Family Physicians (AAFP) has issued several good tools to assist in offering and documenting Chronic Care Management Services. They are linked here simply as a tool for providers as AAFP has done. Info Services did not develop these documents nor do we own any rights to them. They are shared as available information. www.aafp.org

• Plan

• Agreement

• Excel Log

• Patient Letter

HIPAA Security Penalties- Can You Afford To Ignore Them?

HIPAA Security penalties can be costly. Anchorage Community Mental Health Services has to pay $150,000 to settle potential HIPAA violations after the organization failed to install patches for their systems and continued to run outdated, unsupported software that eventually led to a malware data breach affecting almost 3,000 individuals.

Penalties can range from $100 to $50,000 per violation, depending on the conduct at issue. If the violation results from “willful neglect” the party is subject to mandatory fines of $10,000 to $50,000 per violation. A provider can also rack up penalties because a single data breach may result in numerous violations. Providers are required to self-report breaches of unsecured protected health information not only to HHS but to the patient.

To avoid penalties, provider need to get a lock on their practice’s security policies and procedures and do the following:

• Conduct a security risk assessment and keep it updated.

• Implement the HIPAA required safeguards: administrative (policies/procedures), technical, physical.

• Review Business Associate Agreements to make certain they contain the new HIPAA Omnibus Rule changes.

• Train staff effectively on requirements, policies and procedures.

• Research immediately any suspected breach to possibly mitigate and avoid the requirement to self-report.

• Report breaches timely. Seek knowledgeable legal counsel before reporting.

• Document, document, document. Covered Entities and Business Associates are required to maintain documentation for 6 years. Documenting proper actions will help in the defense against HIPAA claims.

Need help with HIPAA security? Look at these helpful tools:

• HHS.gov

• Heathit.gov Security Risk Assessment

• HHS.gov Business Associate Contracts Sample Agreement

• Healthit.gov Guide to Privacy and Security of Electronic Health Information

• Info Services, Inc. 10 Ways You May Be Violating HIPAA Security

Patient Balances 2015

The American Health Insurance Plans lobbying group found that the number of people with high deductible plans rose from $1 million in 2005 to $15.5 million in 2013. If the historical growth rate of 15% per year continues, 2015 will approach $20 million.

With the continual decline of insurance reimbursements, providers have no choice but to be intentional about collecting all that is owed at the time of service. The chances of getting paid significantly decline once a patient leaves the clinic. Intentionally waiving copays and deductibles put the provider at risk for insurance fraud. If your fee is $125 and you waive the $40 copay, you’ve just reported an incorrect charge amount to the insurance company. By waiving the copay you have, in essence, adjusted your fee.

Collect co-pays, deductibles and balances prior to seeing the patient. McKinsey & Company found that a patient was 90% likely to pay prior to receiving services when required; 70% likely to pay at checkout and 40% likely to pay after they leave the clinic.

Get creative in your collection approach: How many times does your front office hear this? “Oh goodness- I’ve forgotten my wallet and checkbook!” – No problem. Just explain to the patient that they can call in their credit card payment by the end of the day to avoid an additional late fee.

Have you tried actually calling a patient who is delinquent? It is estimated that 75% of providers don’t call and ask for payment. Use a prepared script (a form perhaps) for your staff to utilize including these guidelines: (1)confirm you are speaking with the patient and tell him/her with whom they are speaking (2) request payment in full but at very least establish a payment plan (3) document the conversation- what has the patient agreed to? (4) reiterate that noncompliance with the plan will result in the patient being sent to collections (5) gather any new information about the patient such as addresses, employer, etc. (6) always be polite and respectful. Don’t have a form? Contact us to receive a sample form.

When a patient statement is required do they appear professional and easy to understand? Does statement preparation cost you valuable medical billing follow-up time each month? Are you manually sending collection letters? BillFlash Statement service includes professional and customizable statements that include a return envelope. This allows the practice biller to spend more time on insurance follow-up instead of printing and stuffing statements. [For more information click Here.] [Revisit our blog “Let’s Face It- Patient Collection is Mission Critical” Here.]

Business -End Topics

There are so many medical related rules surrounding providers, we sometimes forget that running a clinic is a business. Take note of these business topics:

Credit Card Rules. Businesses that accept credit and debit cards must comply with privacy laws that aim to protect customer identity. There are regulations of which many merchants are unaware. The Fair Credit Reporting Act is the federal law that establishes the foundation of consumer credit rights. It regulates the collection and use of consumer credit information by merchants. The Fair and Accurate Credit Transaction Act is an amendment to that law which prohibits merchants from showing credit card numbers on receipts. Card information must be truncated on electronically printed receipts, including no more than the last 5 digits of the card number and must delete the expiration date. This does not apply to imprinted or handwritten receipts; however, merchants using these are required to also protect the identity of the customer. The Payment Card Industry Data Security Standard (PCI DSS) is a set of requirements designed to ensure that ALL companies that process, store or transmit credit card information maintain a secure environment. Essentially any merchant that has a Merchant ID.

Payor Contracts. Are you keeping up with your payor contracts? Your reimbursement may depend on a thorough review. An annual review ensures that the terms still work for your clinic. Have you added a new service recently that wasn’t in the original contract? Have you discontinued a service because costs were too high? Has the payor put in a clause for the clinic to accept virtual credit cards as payments? In addition, are you reviewing your EOBs compared to the contract terms? Is the payor reimbursement as negotiated? If the payor is making a mistake, you could be leaving significant money on the table. More and more patients are obtaining exchange insurance policies. Should you credential with some of them to gain reimbursements or are the high-deductible amounts a deterrent?