Automating RAC audits

Oct. 22, 2014
Bob Zimmerman, Solutions Analyst, Hyland

Medicare Recovery Audit Contractor (RAC), Medicare Administrative Contractor (MAC) and other medical claims audits present a significant risk to revenues and profit margins for healthcare providers. These audits often represent a complex appeals process with significant penalties, including automated recoupment of funds with limited information to indicate the account being adjusted. To further complicate matters, effective January 1, 2014, the Medicaid RAC program as mandated by the Healthcare Reform legislation added a new level of difficulties, further endangering the revenues of healthcare providers.

How RAC audits have evolved

The Medicare Modernization Act of 2003 began an overhaul of the existing Medicare program in an effort to help providers comply with varying Medicare billing rules and the Centers for Medicare and Medicaid Services (CMS) lower its error rates and protect future Medicare beneficiaries (and us as taxpayers, of course). Fast forward some 10 years and millions of audits later where, earlier this year, CMS announced that, based upon industry feedback, it was revising the Statement of Work for RAC audits as the regional intermediaries contract renewals come due. CMS states that it is “confident that these changes will result in a more effective and efficient program with improved accuracy, less provider burden and more program transparency.”1

These changes will become effective with the next RAC contract awards, which are scheduled to occur before the end of 2014. One planned change to the existing program includes CMS’ desire to include one national durable medical equipment (DME) and Home Health/Hospice Recovery Auditor, in addition to retaining the four Regional Medicare A/B Recovery Auditors; however, the regions will be redefined to better align audit volumes. Other planned changes2 are noted in Table 1.

Table 1

Advancing RAC audits

While these changes will offer some level of relief for providers, additional benefits could be obtained through the automation and standardization of not only RAC audits, but all audit requests, in the true spirit of advancement and automation.

RAC audits will continue to be defined in two ways: automated reviews (audits that use computer software to detect improper payments) and complex reviews  (audits that utilize human review of medical records and other medical documentation). 

Note: Automated activity includes both the traditional automated activity as described above, as well as semi-automated review activity. These claims are denied in an automated manner if supporting documentation is not received on a timely basis.

Automated reviews are identified and submitted through use of Denial Remark Codes [N432] in the ANSI x12 835 Electronic Remittance Advice file, while complex reviews are sent through standard mail as correspondence; thereby causing unnecessary manual work to respond in a timely fashion. In fact, according to the American Hospital Association’s (AHA) January 2014 RACTRAC Survey results, almost 50 percent of the respondents indicate on-going communication problems with CMS RAC Auditors (see Table 2).

* Includes participating hospitals with and without RAC activity
Table 2

The impact of appealing RAC audits

These complications make it more important than ever to utilize an audit compliance management solution capable of handling all medical audit types. Healthcare providers need the ability to take control of the entire audit process, including the ability to capture, process, access, integrate, measure and store audit requests and their associated costs throughout the entire appeal process.

While some facilities record and track audits through computer software, many still do so in an extremely manual fashion; as is the case for facilities that utilize Excel-based solutions. While these solutions identify the information that needs to be captured, they require complete manual data entry on every audited transaction.

A recent report from the AHA indicates that more than 50 percent of reporting organizations are spending over $25,000 a year to manage their RAC process, with 12 percent spending more than $100,000. In contrast, 32 percent of organizations  are spending less than $10,000, likely indicating little or no appeal follow-up activities have taken place. This raises a primary concern of potential lost revenue for an organization due to the lack of a formalized appeal and tracking process.

The AHA reports that only 49 percent of all RAC denials were appealed, but when they were, organizations realized a 64 percent success rate in overturning the audit. This means an additional 32.6 percent of all RAC denials could be successfully appealed if organizations would simply track and appeal their RAC audits. Considering that over $2.6 billion in denials were reported through Q4 2013, with 97 percent (or approximately $2.5 billion) being complex audits requiring the medical record, organizations could have recovered approximately $815 million of additional gross revenue through a standardized appeal process.

Simplifying RAC audits

What should we be expecting from CMS in its contract renewal? First, we need to eliminate the manual correspondence notifications. This item tops the list of reported RAC process-related issues and can be easily rectified through identification of accounts similar to the automated appeals, through a unique denial remark code. Another alternative would be to have the RAC auditors provide this information electronically through their websites instead of through paper-based correspondence. With either of these options, providers can automate the appeals process in a fashion that focuses on the root cause of the denial and not on the antiquated means of how we communicate with RAC auditors.

Many software applications today are capable of automating much of the work associated with a corresponding denial code. For instance, upon receiving an electronically identified denial, a simple workflow can be used to capture and record the release of information and other data necessary to complete the claim appeal. Risk assessment dashboards, email notifications and time-sensitive escalations, along with historical follow-up communication, activity reporting and cost tracking, are all features that a complete audit management solution should provide. This content enables organizations to monitor and predict processing bottlenecks, allowing them to determine trends and weaknesses in their ability to respond to audit requests and requirements.

Organizations could also exchange information with the audit contractor by writing the patient chart to CD, DVD or allowing online viewing access to the chart. Since over 80 percent of RAC audits are due to one of three primary reasons (short stay medically unnecessary, 50 percent; other medically unnecessary, 22 percent; incorrect MS-DRG or other coding  error, 12 percent), system automation can be simplified to help identify and eliminate these issues on the front end of the billing process to stop these problems from occurring.

If CMS is truly dedicated to helping providers comply with varying Medicare billing rules, lowering error rates and protecting future Medicare beneficiaries, they will advocate additional system automation through electronic data exchange. These improvements further eliminate human error, reduce lag times and ease the administrative burden for both the RAC auditor and provider community. Implementing the same electronic data processing philosophy for all audits along with the billing, payment, eligibility, claims status and other HIPAA transactions should be the rule and not the exception.


  2. Ibid


Sponsored Recommendations

A Cyber Shield for Healthcare: Exploring HHS's $1.3 Billion Security Initiative

Unlock the Future of Healthcare Cybersecurity with Erik Decker, Co-Chair of the HHS 405(d) workgroup! Don't miss this opportunity to gain invaluable knowledge from a seasoned ...

Enhancing Remote Radiology: How Zero Trust Access Revolutionizes Healthcare Connectivity

This content details how a cloud-enabled zero trust architecture ensures high performance, compliance, and scalability, overcoming the limitations of traditional VPN solutions...

Spotlight on Artificial Intelligence

Unlock the potential of AI in our latest series. Discover how AI is revolutionizing clinical decision support, improving workflow efficiency, and transforming medical documentation...

Beyond the VPN: Zero Trust Access for a Healthcare Hybrid Work Environment

This whitepaper explores how a cloud-enabled zero trust architecture ensures secure, least privileged access to applications, meeting regulatory requirements and enhancing user...