confessions of an internal auditor 2014 florida hmfa fall institute
DESCRIPTION
Operations traditionally views Internal Audit as a necessary evil that hopefully doesn’t show up during budget season. With constant budget cuts and reduced reimbursement, Internal Audit can help improve both financial and operational outcomes with in-depth revenue cycle and hospital/clinic operations reviews at no cost to the department.TRANSCRIPT
TODAY’S OBJECTIVES
• Identify strategies to engage Internal Audit and focus their efforts on bottom-line outcomes and departmental priorities.
• Explore audit methodologies designed specifically for the revenue cycle and hospital/clinic operations.
• Review common findings related to the revenue cycle and patient care operations.
• Describe strategies to respond to internal audit reports.
ABOUT VANDERBILT UNIVERSITY MEDICAL CENTER
• $2.3 Billion Annual Healthcare Operating Expenses (excludes academics and research)
• $471.6 Million Annual Sponsored Research Budget
• $843.6 Million Annual
• Charity Care, Community Benefits, and other Unrecovered Costs
UNDERSTANDING AUDITORS
THE CLAW HAS SPOKEN
PREVIOUSLY CHOSEN
Bad Debt & Charity Care Write-offs Data Center Security Preoperative Services:
Implants & Supplies
Blood Bank Electronic Claim & Payment Processing
POS Collections & Deposit Process
Center for Women’s Imaging
User Account Security Reference Lab
Chemotherapy Pharmacy & Infusion Clinics Otolaryngology Administration Respiratory Care
Meaningful Use Pediatrics Sponsored Research Software Change Management
Controlled Substances Retail Pharmacy Physician Practice Acquisitions
PRELIMINARY PLANNING
• Auditors are trying to:
• Gain a high-level understanding of operations.
• Establish relationships.
• Identify key personnel and systems.
• Determine audit scope.
PRELIMINARY PLANNING
• Client departments need to:
• Provide prompt responses.
• Explain operational strengths and weaknesses.
• Share current trends and industry issues.
• Clearly communicate management’s audit goals.
WHAT TO EXPECT AT THE ENTRANCE CONFERENCE
• Meet all audit team members.
• Review audit objectives and scope.
• Discuss audit progress/timeline.
• Send out scope memo.
PROCESS DOCUMENTATION
• Orders/Referrals
• Registration/ Pre-authorization
• Check-in/ POS Collections
• Medical Records
• Charge Capture
• Denial Follow-up
FRONT-END
• Charge Interfaces
• Claim Edits
• Claim Submission
• Payment Processing
• Denial Management
• Account Follow-up
• Patient Collections
BACK-END
CHARGE CAPTURE
• Compare arrived appointments/schedule or orders to posted charges.
• Look for charges that should always be together (e.g., chemo drugs & infusion).
• Data entry controls (e.g., batch totals).
• Compare medical record to posted charges.
• Identify issues with the charge interface by comparing original charges to posted charges.
CHEMOTHERAPY INFUSION
CPT Description Billed Minimum Correct
96409 Push, first drug 0 1 0
96143 Infusion, first drug 1 0 1
96411 Push, additional drug 0 2 1
96417 Infusion, additional drug 0 0 1
96415 Infusion, additional hour 0 0 2
HCPCS Description
J9070 Cyclophosphamide, 100 mg
J9000 Injection, doxorubicin hydrochloride, 10 mg
J9370 Vincristine sulfate, 1 mg
J7510 Prednisolone oral, per 5 mg
CLAIMS & PAYMENTS
• Compare original charges (codes, quantity, and dollars) to final claim submission.
• Discuss problem payers with Contracting, Informatics, and Business Office.
• Compare contracted payments to actual payments.
• Look for no charge services or write-offs before claims are submitted.
• Review co-pay collection rates.
DENIALS
• Category (e.g., registration, coding, business office, and authorization)
• Payor
• Clinic/Service
• CPT/HCPCS Code
• Date of Service
• Provider
REVIEW DENIALS BY
• What denial reports are provided to management?
• Any recent changes to contracts or payor procedures?
• Any staffing changes, leaves, or issues?
• Changes to coding regulations.
ASK ABOUT
DENIALS BY PATIENT ADDRESS
FINANCIAL REPORTING
• What are the data sources?
• Who prepares the reports?
• How often are they updated & distributed?
• What benchmarks are used & what are the sources?
QUESTIONS TO ASK
• Reconcile reports to source systems and re-perform calculations.
• Review methodology for any estimates, allowances, or allocations.
• Review variances and trends with similar or related departments or services.
TESTS TO PERFORM
AUDIT REPORTS & COMMON FINDINGS
EXECUTIVE SUMMARY
• Summary of two to four key issues and recommendations.
• Background about the area audited including an overview of unique process and/or information systems.
• Key financial metrics and/or key performance indicators to support highlighted issues.
WHAT TO EXPECT
• Scrutinize the wording, this is negotiable.
• Review the background, some of this may not have been explicitly discussed during the audit and could contain errors or assumptions.
• Recalculate/reconcile financial metrics and KPIs.
WHAT TO DO
AUDIT OBJECTS & ASSESSMENT
Audit Objectives Assessment1 Determine that charge capture is complete and
accurate.
2 Payroll transactions are appropriate, properly supported, and approved.
3 Equipment is properly maintained and monitored by Clinical Engineering.
Effective Needs Improvement Ineffective
RECOMMENDATIONS
• Grouped by topic or function.
• Include a benefit and basis.
• Specify the area/department responsible for implementation the corrective action.
• Allow space for management’s action plan with target implementation date.
COMMON ISSUES: FRONT-END
• Cash Controls
• Co-Pay Collections
• Upfront Collections for Self-Pay Services
• Missing Charges
• Security of PHI
• Inaccurate Pricing Calculation (Implants, Pharmaceuticals)
• Equipment
• Asset Tags
• Preventative Maintenance
COMMON ISSUES: BACK-END
• Segregation of Duties
• Transaction Review
• Overtime Approval
• Authorized Vendors
• Executed Contracts
• Invoice Accuracy
• Use of Procurement Cards
• BAA Agreements
• Inventory Management
COMMON ISSUES: IT
• Storage of PHI on unsecured media
• CD/DVD with Medical Images
• Department File Servers, Local PCs, Laptops, etc.
• Inadequate Password Policy/Enforcement
• Unsecured/Sharing of Clinic Workstations
• Disaster Recovery
• Documented Downtime Procedures
• Oversight/Security of Portable Devices (e.g., iPads)
FOLLOW-UP REVIEWS
• Depends on the Severity of Findings
• Often Requested by Senior Management
• 12 to 18 Months After Report is Issued
• Limited to Items in Audit Report
• Significantly Reduced Time Compared to Original Audit