Coding: How to Survive a Payer Audit

July 15, 2006

Have your payers been reviewing old charges and asking for refunds? Payer audits are becoming more common as physicians get aggressive with code selection.


Are payers asking you for refunds?

In recent months, I’ve noticed an increase in the number of commercial payers auditing E&M services. They appear to be clearly targeting the higher levels of new-patient, established-patient, and consulting services.

Why the added attention?

Partly because physicians are - finally - getting a bit more aggressive with their use of higher-level E&M codes.

EMRs help. When a machine helps you document your services completely and tells you a Level 4 is OK, you feel a little more confident billing it. But payers are getting a bit tired paying out the extra cash for higher-level visits, especially when encounter notes are so redundant that every chart looks the same. Automation means uniformity and can lead to sloppy repetition - not what a payer wants to see in a chart. They want to know if a patient did indeed receive a unique service, not that you simply checked off the same template boxes for each patient you saw.

Even physicians without EMRs are getting a little more grabby these days, further increasing payer scrutiny. In recent months, several primary-care magazines have run articles on how easy it is to document 99214s, arguing that providers aren’t claiming their fair share of these services. Consultants in the field (author included) have long opined on the inaccuracy of published Medicare utilization data and have said that true performance data would indicate higher-intensity visits. Specialty societies have also joined this chorus, and various specialties have seen localized spikes in higher code use. No wonder payers are scrutinizing their claims so closely.

That being the case, what can you expect from an audit, and what’s your best defense?

Audit the audit

Providers need to be critical of the auditing process. Learn how your payers operate. Ask your payers for a copy of their audit protocols, standards, and forms. If you are actually audited, be sure to ask for all details of the analysis - not just the end result. And get some help. If your lack of coding and documentation awareness got you into this, it will take more than some of your best thinking to get out of it.

Here is a legitimate concern: If a payer recoups funds based on a review that was itself not adequately handled then not challenged or even reviewed by an expert in the field, what’s to prevent that payer from coming around, say quarterly, to collect on more “overpayments?” Take this seriously. You need to learn the rules of engagement.

An audit usually pits the standards of the payer against the coding and documentation prowess of the provider. I recently spent two hours speaking to a physician client I’ve been working with for over five years, explaining in great detail why a commercial payer had “flunked” his physical exams in an audit of Level 4 and Level 5 new patients. I ended up e-mailing PDFs of the payer’s 1995 and 1997 CPT documentation guidelines and tried to explain what the payer’s auditor was talking about in his cover letter that requested a payback amount. It’s difficult enough explaining to providers what is expected of them in terms of coding and documentation. Adding the details of what auditors can do with a chart opens a new universe of uncertainty that can be truly shocking to them.

Recognize that an audit itself is likely performed by someone you will never meet - the payer requests records that support a set of identified charges, you send the records, and a faceless someone makes determinations that result in a request for repayment.

There is great variation in skill level among auditors, audit standards, audit tools, and even intent. Which E&M charts are being audited? Typically, only those with Levels 4 and 5. Auditing Level 3 charts would more than likely only turn up undercoding -which a payer is unlikely to point out to a physician.

So to some degree, audit findings are predictable based on the sample payers request. Payers sample only the charts they hope to benefit from.

As to audit tools and parameters, beware. The payer auditing the client I mentioned above claimed to be using the 1995 and 1997 E&M documentation guidelines for its review and claimed that the review was conducted by a certified coding professional. But when I reviewed the claims the payer deemed “over-coded,” I found that the exams in questions were in fact coded properly under the guidelines. The payer used its own unique version of documentation requirements to conduct the audit.


All providers must realize that whether they are dealing with private or government payers, the outcome of an audit is more influenced by interpretation and nuance than by science and hard facts. Even the Centers for Medicare and Medicaid Services note that “carriers have great latutide in their interpretation of the guidelines,” and commercial payer audit activity is even less regulated. This suggests that the burden of proof lies most squarely on the shoulders of the provider. It’s not about whether the need for concrete documentation is fair - you need it to defend your work.

My provider client will be appealing his payers’ findings about his claims.

Appeals are often a step physicians never consider taking. Go to your payer’s medical director prepared to discuss the merits of the audit, the legitimacy of the tools used, the medical necessity of the services rendered, and any other contributing factors. Typically, if the medical director upholds the orignal finding - unless that company has a specific protocol for more appeals - the provider’s only remaining course is legal action, an unpleasant prospect at best.

Besides E&M

While E&M codes are getting lots of loving attention these days, they are not the only area in which you need to be prepared to defend yourself. Audits or reviews can also target:

  • Billing for services not actually rendered;

  • Billing for medically uncessary services;

  • Unbundling;

  • Upcoding or incorrect code usage;

  • Incorrect modifier usage;

  • Duplicate billing;

  • Routine waiver of copayments;

  • Inappropriate balance billing;

  • Failure to refund overpayments; and

  • Misuse of provider identification numbers.

Each of these areas can be audited separately or as part of a general claims audit. Of them, one of the most challenging is the medical necessity issue. Medicare will pay for only what is considered “medically necessary,” as defined by the Social Security Act. Such necessity is determined based on a “statutory obligation to pay,” not purely on the clinician’s perception of medical necessity. Private payers may also have specific limitations or requirements regarding E&M services and diagnostics, either to limit perceived excessive utilization or to ensure appropriate preventive and health maintenance services. Often commercial audits are focused on quality of care, outcome, and wellness concerns. In those cases, the audit is actually geared toward protecting the health of the beneficiary and long-term actuarial health of the plan. But commercial payers typically reserve for themselves the determination of what is medically necessary - and providers need to learn their rules as well.

Responsible providers carefully review their contracts for definitions of medical necessity, and most important, who determines it relative to the provision of specific patient services.

Once upon a time it seemed the principle problem providers faced was getting paid for their services. Lately it seems to be actually keeping their payments. A good defense, as they say, is the best offense.

Bill Dacey is principal in The Dacey Group, a consulting firm dedicated to coding, billing, documentation, and compliance concerns. Dacey is a PMCC-certified instructor and has been active in physician training for over 16 years. He can be reached at billdacey@msn.com or via editor@physicianspractice.com.

This article originally appeared in the July/August 2006 issue of Physicians Practice.