Tuning Up Your Medical Records Maintenance and Billing Practices
In the healthcare industry, maintaining medical records in an orderly and compliant fashion is vital to the care of the patient and the success of the health care provider. Missteps in this area can lead to costly consequences. Most are familiar with federal requirements related to medical records such as the Health Insurance Portability and Accountability Act (“HIPAA”) or the Centers for Medicare & Medicaid Services (“CMS”) guidelines. Additionally, Accountable Care Organizations (“ACO”) are under certain obligations regarding record retention and maintenance. A sometimes overlooked side of these requirements is in the private payor context. Private payors generally have strict medical recordkeeping requirements that go hand-in-hand with their claims auditing processes. The amount of oversight over medical records can be extensive.
This oversight means that industry actors need to be sure they are maintaining medical records in a way that meets their obligations both from a compliance perspective and a contractual perspective. For example, how does your organization ensure medical records are completed on a timely basis? How does your organization handle mistakes in medical record entries? Does your organization maintain a policy regarding medical record entries and retention? How does this relate to your organization’s billing processes? These are questions to think about and have answers to. Recent cases can highlight the risks when these issues are not addressed.
Cigna False Claims Case and OIG’s Audit of Anthem
Early in 2021, Cigna was awarded $5.8 million in a case involving certain improper billing practices. The defendants were composed of three different health clinics, an advanced practice registered nurse, and the business manager of the clinics. They were accused of engaging in the following:
- falsifying medical records;
- submitting claims for more dates of service than actually occurred;
- submitting claims that had the wrong licensed physician performing or supervising the services; and
- submitting claims using physicians’ credentials without their authority.
According to Cigna, each of these practices led to overpayments, which provoked them to sue for, among other things, common law fraud, civil conspiracy, unjust enrichment, negligent misrepresentation, and money had and received. The clinics were accused of billing Cigna for pain management treatments that were never actually performed, and having physicians sign off on medical records that were never reviewed. It is important to note that regardless of the individual responsible, or how much each individual practice was actually involved, Cigna pled, and the Court agreed, that the clinics were jointly and severally liable for the $5.8 million judgment. This case highlights the importance of timely and proper medical record maintenance. Lack of oversight and the actions of even one person within an organization can lead to issues that impute liability to the entire organization.
Similarly, the Department of Health and Human Services Office of Inspector General (“OIG”) has brought actions against those who fail to properly maintain medical records. OIG recently found that Anthem failed to comply with federal coding requirements because it provided medical records that did not support the diagnosis codes being submitted to CMS. Specifically, through a comprehensive audit, OIG found that the medical records did not support the proposed diagnoses related to acute stroke, acute heart attack, a combination of acute stroke and heart attack, embolism, major depressive disorder, and vascular claudication. The OIG audit provided multiple examples of notes in the medical records at issue. For example, in one progress note, there was reference to an MRI report with negative indications for acute stroke; however, a confirmed acute stroke diagnosis was still submitted. Additionally, Anthem was unable to locate any medical records to support some of the claims submitted. OIG alleged that such actions resulted in overpayments in the amount of $3.47 million.
Documentation Issues and the Consequences That Follows
Certain improper medical record practices tend to lead to the neglect, mismanagement, or poor organization identified in the foregoing case discussions. One such practice is late completion of medical records. We are aware of many practices having difficulty getting medical records completed on a timely basis. Although CMS does not have a specific deadline for completion, late completion risks inaccurate information and billing compliance issues. Another improper practice is the cloning progress notes. Cloning (i.e., copying and pasting) progress notes allows users to select information from one source and replicate it to another location. For example, progress notes from one visit are replicated to progress notes for a completely different visit on a different day. It is presumed that this practice has become more popular due to the simplicity of record completion (and possibly the increased need to complete records days if not weeks after the actual visit); however, such a practice significantly increases the likelihood of inaccurate information in the patient’s medical record which, in turn, leads to inappropriate and possibly fraudulent billing. How can one legitimately argue that the exact same facts occurred on two separate occasions? Moreover, such cloning could give rise to an inference that the service was never even performed, performed but at a different service level, or not medically necessary in the first place. CMS has clearly stated its concerns related to cloning records, and we have defended more than one instance of cloned records being identified in medical record audits. This is not a practice to be condoned.
CMS has highlighted other suspect issues in documentation as well. For example, “upcoding” results in billing for a service which provides a higher payment than the service that was actually performed; this usually results in fraudulent claims and improper payments. Another problematic activity occurs where medical record author identification is not properly facilitated and notes are revised without proper documentation of who is doing the revisions. Editing and revising is not so simple in the context of medical records. It is important to take into consideration guidance from CMS and private payor contract provisions when implementing policies and procedures regarding editing and revising records.
CMS states that when making changes to medical records, the provider should: clearly and permanently identify any amendment, correction, or delayed entry as such; clearly indicate the date and author of any amendment, correct or delayed entry; and clearly identify all original content, without deletion. If the record is a paper record, CMS provides that authors should use a single strike line so that the original content is still readable and have the author sign and date the revision.
These recommendations should be followed even in the private payor context. In addition, authors should take into account whether there are any specific contract provisions that require editing and revising of records in a way to maintain compliance with contract terms. It would be wise to establish policies and procedures that use the CMS guidelines as the minimum guidance and implement additional safeguards as necessary. Private payor contracts often require specific medical record documentation, audits of medical records, and reporting requirements for medical records. Failure to comply in the private context can lead to common law claims such as breach of contract, unjust enrichment, restitution, fraud and misrepresentation, and negligent interference with prospective economic relations.
Staying On Top of Your Records
It is critical to continuously and meticulously maintain medical records to comply with the recordkeeping requirements of both public and private payors. There are numerous federal guidelines that can be followed to establish compliant policies and procedures for maintaining records. Actors should consider not just the federal guidelines, but also applicable state guidelines (if any) and contractual terms that mandate specific obligations. Failing to properly maintain medical records can lead to consequences that no organization wants to face. Establishing principles of compliance is the best route to continuously maintain compliant medical records.
Koley Jessen’s Health Law Practice Group is highly skilled in the context of medical records and audits. If you have any questions regarding the topics in this article, please contact any member of the Koley Jessen Health Law Practice Group.
* The information contained in this document is provided for informational purposes only. It should not be construed as business, legal, accounting, tax, financial, investment or other advice on any matter and should not be relied upon for such.