Hot Topics

• Security Awareness Training Part II: Tips and Techniques for Improving Your Program
• Chargemaster Functions and Compliance

AMA Coding Guidance

• Molecular Pathology Update
• Wireless Capsule Endoscopy
• CPT Assistant THEN and NOW: Care Plan Oversight Services (99374-99380)
• Coding Consultation: Frequently Asked Questions

Note to readers:

Our subscribers told us that they are challenged by the high volume of information they need to process. They stated it’s not the quantity of information that’s important, it’s getting the right high-value information at the right time. To meet the goal of providing valuable resources while reducing email load, we will be updating and consolidating our Health Net News emails into a single source of professional health care information and solutions. Covering content in Health Care Compliance, Medicare and Medicaid Reimbursement, Health Reform, Life Sciences, and Medical Coding this resource is designed to provide you with the content and features most useful to you, highlighting the key developments of the month. Your first consolidated Net News will be sent in December.

Hot Topics

Security Awareness Training Part II: Tips and Techniques for Improving Your Program

Increasingly, effective and ongoing training is viewed as one of the priority components of effective information security and privacy programs. New programs and training methods have been developed and implemented across organizations to reflect these changes and, most importantly, to respond to the needs of the workforce to understand and interpret new requirements. Working together, governance, management, and the workforce must be able to protect the organization’s confidential information against ever-increasing threats, both internal and external.

Part 1 of this series presented a discussion of training and awareness as key concepts to an effective information security program, including the HIPAA Security Rule standard and implementation specifications, the role of the CISO, the importance of goals, and expectations for users. In Part 2, we include nine tips and techniques for improving security awareness and training.

Tips and techniques for developing and implementing effective security training and awareness programs

Informing users about security does not lead to behavior change. Users need to understand the “why” of policies and practices when it comes to protecting confidential information. You won’t get much traction with long lectures, boring slides, use of jargon, emphasizing the “don’ts” as the basis for security awareness training. We have only to survey OCR’s “wall of shame” to know that most cases that hit the public domain could have been prevented.

Following are suggestions for taking your security awareness training program to the next level, emphasizing behavior change and user engagement.

1. Set goals and objectives for security awareness training. Review and modify these goals and objectives on a periodic basis. Evaluate training programs. Use results of training to change and improve processes and update policies that need attention. Work with education and organizational development to achieve these goals. Treat security awareness as a performance improvement activity, a shared responsibility across the organization. Recognize that awareness and changing behavior is a continual process.

2. Borrow techniques from other areas and disciplines. Use the Safety Program, Quality Program, Biomedical Engineering, Medical Education Program, Nursing Education, Human Resources, Marketing, and others as examples. Embed security awareness into existing programs. Enlist managers and users in these programs to include security awareness in their programs and initiatives. Think of your organization’s “wash your hands” campaign or public safety “fasten your seatbelt” messages as examples.

3. Don’t think annual, think continuous. The Security Rule does not require annual training, although most organizations consider this a requirement and embed this notion in their policies. Remember that short bursts of training (“small bites” or appetizers) are more effective in getting users to remember key concepts and change behavior.

4. Select key themes and focus energies and resources on achieving recognition and behavior change in these areas. Reinforce lessons by repeating the key themes (e.g., mobile security, encryption, timely logging off computers, locked doors and cabinets, etc.) several times, using different media (e.g., screen savers, email messages, Q&A, guidelines, reminders at staff meetings, posters, etc.) and advertising techniques.

5. Emphasize and explain the “why”, i.e., why is it important to use a strong password on your smart phone?” If a user understands why something is important and the implications of taking the action, s/he is more likely to adhere to your standards. Train managers to give feedback to their employees in a positive, constructive way. Train in context, i.e., provide users with information they can use in their jobs and outside of work to protect information (and themselves). Ask employees for feedback on training and solicit topics they want to learn about.

6. Re-frame your messages to be about the benefits of good security practices, not the regulations or the negative consequences of not following policies or rules. Engage the users and keep the material interesting, always answering the “why” of a practice or procedure.

7. Use scenarios and tell stories. Select real cases from the headlines and the “wall of shame”. Use storytelling techniques to describe the situation. Elicit suggestions from users. Ask and discuss: “Could this happen here? How would this damage our organization? How would you prevent this from happening to our organization?”

8. Test and evaluate training methods. Consider using social engineering and phishing techniques to test how well the training is working. Modify training, based on lessons learned. Involve trained educators in developing and evaluating programs. Solicit feedback on training techniques from users.

9. Involve middle management. Middle managers and supervisors are probably the most valuable players in security awareness. They hold the key to involving their employees and changing work processes to be more secure, based on good security techniques and practices. Train your middle managers in basic security practices and elicit their suggestions for training users. Make them responsible for overseeing their areas and monitoring security practices. Incorporate security issues into environment of care and other regular rounding practices in their areas.

In healthcare, information is a valuable resource. Maintaining confidentiality, integrity and availability of patient information is our primary consideration in providing high quality, coordinated care to our communities. Protecting this information is a primary strategic objective. Without a carefully conceived, well planned information security program, with security awareness as a core foundation, we cannot and will not achieve our goals.

“Even the most secure system, operated by ill-informed, untrained, careless or indifferent personnel, will not achieve a significant degree of security.” (ISACA Information Security Governance, Guidance for Information Security Managers)

Back to Top

Chargemaster Functions and Compliance

A hospital chargemaster (CDM) is a hospital specific computer file that includes all hospital procedures, services, supplies, and drugs that are billed on the Uniform Bill UB-04 Claim. Each line item is made up of corresponding data items. Most chargemasters are made up of several thousand line items. Depending on the system used, each department may have their own list of items or facilities may share one master list.

The CDM plays an important role, sitting in the middle of the revenue cycle process. The CDM

• is a source of repeating denials
• is a database of services provided, supplies used and other goods provided to patients
• information ends up on patient bills and is used on insurance claims
• requires total accuracy
• requires department participation and involvement to ensure completeness and accuracy. Each department where the services are provided should have a thorough understanding of its content.

A CDM file includes data fields that help create each line item within the CDM:

• The CDM line item identifier is a unique identifier that links that line item to a specific department.
• The description should accurately reflect the service provided or the supply item used. The description is hospital specific, but should be listed in a way that is recognizable to others. Many services and supplies require a unique code to be assigned to them for billing purposes. When this is the case, the description of the service or supply must mirror the description of the code assigned. Most systems allow for a separate data field to place a more patient friendly description to be used on a patient bill.
• Revenue codes are a three digit number that describes cost classifications. The revenue codes are different from the cost center in that they are service specific and are required by many payors.
• Most current procedural terminology (CPT) and Healthcare Common Procedure Coding System (HCPCS) codes have specific revenue codes assigned for use with that code. Quoted from the Medicare Claims Processing Manual, "Generally, CMS does not instruct hospitals on the assignment of HCPCS codes to revenue codes for specific services provided under outpatient prospective payment system (OPPS) since hospitals' assignment of cost vary. Where explicit instructions are not provided, providers should report their charges under the revenue code that will result in the charges being assigned to the same cost center to which the costs of those services are assigned in the cost report."
• The department identifier, sometimes referred to as the cost center, is an internal mechanism used to track revenue by department.
• The charge type, if included as a data field option, is typically used to describe the type of charge the item represents and is used for tracking purposes. Categories may include titles such as Charge (used for ancillary services), Room Rates, Statistical Code (used for tracking purposes, no charge items), Multipliers (used for pharmacy items), Supplies, etc.
• The effective date reflects the date an item was previously entered or the current activity of a line item. This option allows for tracking code changes and/or pricing updates. It is important to track these changes and maintain an audit trail for auditing purposes. Any date prior to approval or effective date is considered not covered by Medicare.
• The charge field applies a charge to the service provided or the supply item or items used to provide a service. Charges should be uniformly applied across all payor categories assigning like charges for like services. The charge entered in this field reflects one unit of service. If multiple units of service are selected, the charge should multiply itself by the number of units applied. The provider reimbursement manual "requires that costs and charges for a given service be matched and placed in the same cost center." Charges refer to the regular rates established by the provider for services rendered to both beneficiaries and to other paying patients. Furthermore, it states that "charges should be related consistently to the cost of the services and uniformly applied to all patients whether inpatient or outpatient." It also "states that in order to assure that Medicare's share of the provider's costs equitably reflects the costs of services received by Medicare beneficiaries, the intermediary, in determining reasonable cost reporting, evaluates the charging practice of the provider to ascertain whether it results in an equitable basis for apportioning costs. So that its charges may be allowable for use in apportioning costs under the program, each facility should have an established charge structure which is applied uniformly to each patient as services are furnished to the patient and which is reasonably and consistently related to the cost of providing the services. While the Medicare program cannot dictate to a provider what its charges or charge structure may be, the program may determine whether or not the charges are allowable for use in apportioning costs under the program." "Providers may submit cost reports with cost and charges grouped differently than in prior years, so long as the cost and charges are properly matched and Medicare cost reporting instructions are followed."
• Current Procedure Terminology known as CPT codes published by the American Medical Association and Healthcare Common Procedure Coding System known as HCPCS codes published by CMS are updated on an annual basis and become effective January 1st of each year. It is important that each line item of a CDM is reviewed and updated with any updates, changes, and new services added to ensure accuracy of claims submitted beginning January 1st of the New Year.

In many ways the CDM is a target for audits. We are obligated to follow a number of regulatory requirements and policies. These rules and regulations come from the Federal Register, CMS, Medicare Manuals and contractors, local and national coverage determinations, and billing and coding manuals. Organizations may have contractual obligations as well.

If the CDM is not accurate, claims will not be accurate. To name a few, a request to audit claims could come from many directions... the Recovery Audit Contractor (RAC), Office of Inspector General (OIG), Prepayment Request, Comprehensive Error Rate Testing (CERTs), or Defensive Audits. It is important that, if a problem is discovered within the CDM, internal processes to rectify it immediately should be followed.

Interfacing the CDM and involving multiple departments is the key to a successful revenue cycle process.

• The coding interface is particularly important because the CPT and HCPCS codes are linked to revenue codes and charges which drive payment. Coding not only comes from the CDM but is done in Health Information Management through abstracting, which then interacts with the CDM and can sometimes override the CDM.
• The CDM impacts the billing department; if it's not accurate, the claims could hit a billing error, which in turn increases accounts receivable days in billing.
• The CDM information is used for cost reporting and accounting.
• It captures and sets charges.
• And is used for statistical reporting.

It's important to identify coding responsibility between Health Information Management and coding functions provided by the CDM. Often times Health Information Management staff are responsible for inpatient coding, along with outpatient observation, outpatient surgical procedures, surgical wound care and encounters from the emergency department.

The CDM provides line items for departments to enter their own charges for non-surgical procedures, some wound care procedures, supplies used, infusions and injections, and limited procedures within the emergency department.

It's important for organizations to define what the revenue cycle looks like; from the time the patient schedules an appointment or walks through the door and is registered for services to be provided to posting the payment. Creating a Revenue Cycle team can assist with responsibility and oversight of the CDM and maintenance process. A revenue cycle team or CDM committee can help define workflows and have authority to make policy changes and decisions. While the CDM Coordinator may report to the committee any issues or concerns with line item accuracies or special requests for review and approval, the committee should also be aware of billing changes and denials. The Revenue Cycle committee should look at coding accuracy as it relates to the CDM. As important, the committee should provide education and communication across the organization of changes and/or updates as necessary.

Setting charges is not an easy task. Consider Medicare's charging rule, hospitals cannot charge Medicare patients more than any other patient. The hospital's charges must be consistent and based on the cost of providing that service. Work to ensure that the charges make sense.

• Ensure charges reflect actual costs
• Review cost structures, consider Medicare reimbursement
• Work with departments and physicians to identify medically unnecessary practice patterns
• Ensure policies are in place for supply orders to ensure best pricing through preferred vendors
• Coordinate device orders through materials management or a purchasing department
• Require sales associates and vendors work only through and with materials management or a purchasing department

The key to your success will be maintaining an accurate and up to date CDM, and to also ensure that charging tools such as charge tickets or encounter forms are up to date. Ensure charging tools match the claim information and that it all follows and agrees with the CDM and services being delivered.

Modifiers help provide greater specificity when attached to a procedure code. However, use caution with the use of modifiers in a CDM. Modifiers eliminate the appearance of unbundling or duplicate billing on a claim. Modifier use effects payments, both for discounting and additional payment options. Test your modifier use by ensuring the documentation supports what you are billing.

Modifiers to be aware of.

• Modifier 25 is to be used on a significant, separately identifiable evaluation and management service provided by the same physician or other qualified health care professional on the same day of the procedure or other service. Modifier 25 should only be used when documentation has been reviewed and verified that the two services performed together are truly separately identifiable.
• Modifier 52 and 53 are used with surgical procedures to indicate a service was reduced or discontinued.
• It is never recommended to include modifier 59 in the CDM. This modifier allows for two procedures to be billed and paid separately, where it's quite possible that one is eligible for payment.
• Modifier 91 is used for repeat clinical diagnostic laboratory tests. Documentation must support the necessity to obtain multiple testing and was repeated based on specific orders from the physician. Modifier 91 is not to be used when tests are re-run to confirm initial results due to testing or equipment problems.

Include individual departments with your CDM assessment. Conduct line by line reviews with departments. Look for previous charges not currently set up. Look for unused charges or unusual usage of a given line item. Look for new services being performed, but have not been set up in the CDM. Ask departments if there are any services being performed that they are unable to charge for currently because they don't have the option in their system to do so. Ask departments if anything has changed with the services they provided, are these new approaches or new techniques being used? If so, you may need to update your CPT or HCPCS codes to match the service being delivered. And ask if there are any new supplies being used. You want to keep an eye on your supply items to be sure that the items continue to be separately billable items.

How often you conduct these reviews is up to you and the resources in place to conduct them more frequently. It is recommended that a full review be conducted on an annual basis because of the updates to CPT and HCPCS codes. A biannual review would be better and, of course, a quarterly review would be ideal.

Look for opportunities. Procedures performed on the same day as other services are often overlooked and not charged for. Look at high volume departments and high denial items to identify and correct the issue as soon as possible. Keep an eye on your revenue producing areas such as the emergency department, radiology, surgery, and pharmacy. Monitor coding for accuracy in more complex coding areas such as evaluation and management services, surgeries, and injections and infusions to ensure you are capturing all possible charges.

Conduct ongoing chart reviews. Collect charge tickets, encounter forms, medical records claim forms, and explanation of benefits (EOBs).

• Review the accuracy of your charges, are the charges correct? Are they dropping on the claim appropriately?
• Do your bills reflect what was documented in the medical record?
• Is medical necessity supported? Have you looked at your local and national coverage determinations?
• And are you getting paid correctly?

The benefit to all of this is a standardized CDM, which improves reimbursement, ensures uniform pricing, and helps to identify lost charges and reduces audit findings. Most importantly, a standardized CDM brings you into compliance and helps to ensure billing accuracy.

Back to Top

AMA Coding Guidance