Commentary: The unspoken ICD-10 risk of medical fraud
One of the issues that doesn't come up very often when discussing ICD-10 implementation is fraud.
A simple definition refers to incidents where people get more money than they are entitled to. It's one of the risks addressed in a report, ICD-10 Transformation: Five Critical Risk Mitigation Strategies, from the Healthcare Information and Management Systems Society (HIMSS). The report gives a couple statistics:
- "The American Society of Business and Behavioral Sciences estimates that 80 percent of healthcare fraud is committed by hospitals, clinics and medical professions."
- "According to an April 2000 article published in the Journal of the American Medical Association, 39 percent of providers surveyed admitted that they sometimes exaggerate a patient’s symptoms, report symptoms the patient did not have, or change the diagnosis so the patient’s insurance company will pay the claim."
This behavior may be due to healthcare professionals who feel they are entitled to money that is being denied by healthcare payers as part of the struggle that has become the business of healthcare. Since the vigorous opposition to ICD-10 implementation is based partly on the cost of transition, there may be more temptation to increase reimbursements.
These problems usually are detected by looking for non-conforming diagnoses in claims. After Oct. 1, 2013, just about everything will be non-conforming. Because ICD-10 codes are so different from ICD-9 codes, there will be totally different vulnerabilities and potential fraud. Auditors and healthcare payers may be flag more medical claims than before.
How to mitigate the risk
The same issue were raised in a virtual briefing "Educate Your Providers: Mitigating Risk of Fraud, Waste and Abuse through Effective Training" presented by HIMSS in October. :
- Get really good at ICD-10 coding: Understanding how ICD-10-CM/PCS is organized and assigning the proper medical codes to diagnoses will create medical claims with fewer questions.
- Documentation is key: Proper documentation will help justify diagnoses or medical claims that are questioned.
- Hire your own independent auditor: Someone who examines 6-12 months of claims may find any issues you can correct.
- Screen your hires: Hire people who will not put your practice at risk.
Another way to protect the organization would be to make compliance officers part of the ICD-10 transition team. "Compliance professionals are intimately familiar with coding and with the risk associated with incorrect coding and insufficient documentation," said Cynthia Trapp, Director of Professional Coding at Lahey Clinic.
The HIMSS report goes into a bit more detail:
- "Review existing practice management billing software to ensure its ability to successfully transition to ICD-10."
- "Train clinical and administrative staff on new code sets, technological changes, as well as fraud, waste and abuse regulations and reporting."
- "Review third-party agreements to ensure any vendors involved in billing processes will be compliant with ICD-10 requirements."
- "Ensure clinical documentation procedures reflect the increased level of detail required by ICD-10."
- "Contract with an outside entity to audit six to 12 months of claims submitted by an organization to identify any activity that might be considered fraudulent."
- "Take immediate corrective action where necessary."
- "Augment your provider credentialing/hiring processes with a provider screening service that will identify the level of risk associated with any professional individuals considered for employment."
Protection from fraud allegations is a pretty good reason to use dual coding systems before the ICD-10 deadline. In addition to helping staff become better at medical coding, it will establish a history that can be used to show ICD-10 codes are conforming when questioned.