Revenue Cycle and Regulatory Compliance

Question 1

What is HIPAA?

Answer 1

The Health Insurance Portability and Accountability Act of 1996. This is a federal regulation that was designed to provide protection of confidentiality and security for patients. It was also the first rule that standardized patient confidentiality.

Question 2

What is ARRA?

Answer 2

American Recovery and Reinvestment Act

Question 3

What is HITECH?

Answer 3

Health Information Technology For Economic and Clinical Health Act

Question 4

What is the Stark Law?

Answer 4

This law prohibits physician referrals of designated health services for Medicare and Medicaid patients if the physician has a financial relationship with that entity.(immediate family member)

Question 5

What is the OIG?

Answer 5

Office of Inspector General for the United States Department of Health and Human Services(HHS) is dedicated to fighting waste, fraud, and abuse and to improving the efficiency of Medicare and Medicaid by developing guidelines. They have a hotline or website.

Question 6

What is The Fair Debt Collection Practices Act?

Answer 6

(FDCPA) Is a consumer protection amendment, establishing legal protection from abusive debt collection practices. Part of the Consumer Credit Protection Act, as Title VIII.

Question 7

What is the False Claims Act?

Answer 7

It is a federal law that prohibits any person or organization to knowingly make a false record or file a false claim regarding any federal health care program.

Question 8

What is ROI?

Answer 8

Release of Information

Question 9

What is TPO?

Answer 9

Treatment, Payment, and Healthcare Operations

Question 10

What is NCCI?

Answer 10

National Correct Coding Initiative, this program prevents coding errors that could lead to inappropriate reimbursement for Medicare claims.

Question 11

What is Privacy?

Answer 11

It is the patient’s right to have their Protected Health Information(PHI) safe-guarded.

Question 12

What is an Aging Report(AR)?

Answer 12

It is a report of outstanding claims. Claims that have not been paid 30 days or more. The report is divided into 30-day increments. You should work on the oldest accounts first.

Question 13

What is Accounts Receivable?

Answer 13

It is money owed to the provider.

Question 14

What is the key tool to collecting patient payments?

Answer 14

Communication

Question 15

What is Security?

Answer 15

It is controlling access to records, protecting PHI, and giving efficient employee training.

Question 16

When can you disclose PHI?

Answer 16

When the patient has signed an authorization.

Question 17

What is Fraud?

Answer 17

The intentional misinterpretation of health information to receive higher reimbursement.

Question 18

What is Abuse?

Answer 18

The un-intentional misinterpretation of health information to receive higher reimbursement.

Question 19

What is the best practice when dealing with a Denial?

Answer 19

It is to perform an analysis to determine where the errors are occurring.

Question 20

What should be done once your organization determines where the errors are occurring?

Answer 20

Additional training or workflow corrections should be implemented.

Question 21

What is Revenue Cycle Management?

Answer 21

This is the process that health care providers use to manage financial viability by increasing revenue, improving cash flow, from registration to final payment.

Question 22

Where does communication start?

Answer 22

It starts at the point of service, during registration and scheduling, where the information is gathered from the patient to create an account.

Question 23

When is it important to communicate with the patient?

Answer 23

When notifying the patient of their financial responsibility.

Question 24

Why should there be good communication between the provider and staff?

Answer 24

To ensure that medical record documentation meets the assigned code requirements for reporting purposes.

Question 25

What are the primary Stakeholders?

Answer 25

Patients, Providers, Third-Party-Payers, and Policymakers.

Question 26

What are Providers?

Answer 26

They are licensed individuals who can submit claims for services rendered for reimbursement. Providers administer the delivery of care within the policy framework. They also coordinate the patient’s care and maintain their health record.

Question 27

What are Third-Party-Payers?

Answer 27

These are organizations that cover medical expenses of the policyholder and dependants. This includes employers, commercial or private organizations, government programs, Work comp, and homeowner/auto insurance.

Question 28

What are Third-Party-Payers responsible for?

Answer 28

They maintain the financial stability of health care policies and programs. They have administrative processes to analyze premium rates and annual deductibles to meet changes.

Question 29

What are Regulatory Agencies composed of?

Answer 29

Policymakers that develop the rules and guidelines.

Question 30

What are policymakers?

Answer 30

They establish the framework that determines who is eligible to receive care and what services are provided, how, where, and by whom. They determine how services are paid and determine the quality of care standards for the patients.

Question 31

What are Covered Entities?

Answer 31

This is an entity that transmits health information in electronic form(Providers, Health plans, Clearinghouses…)

Question 32

How long should providers retain HIPAA-related documents?

Answer 32

They must keep records for 6 years and 2 years after a patient’s death. Medicare Managed Care patients medical records must be kept for 10 years.

Question 33

What are the critical components of maintaining data?

Answer 33

Back-up & Recovery

Question 34

What is the Practice Management System?

Answer 34

This is a collective source of administrative data within an organization.

Question 35

What does the Practice Management System include?

Answer 35

Health care technological tools to perform operational tasks and the EHR components such as data from patient encounters. (demos, med records, insurance info, and coded data)

Question 36

What is the Administrative Uses of Data?

Answer 36

This includes important operational tasks such as analyzing the number of patients for census purposes to determine how many patients are being treated, population health management, quality improvement, and cost vs. reimbursement analysis.

Question 37

What are Clinical Uses of Data?

Answer 37

This is used to maintain the health and well-being of the population. This data can be used to determine cost-effectiveness, reimbursement decisions, and strategies.

Question 38

What is Data Storage?

Answer 38

This refers to records, files, and documents that are physically or digitally stored for future reference and use. Data is usually stored off-site in case of a disaster.

Question 39

What is Data Transmission?

Answer 39

This refers to sending digital information over individual or multiple secure communication channels.

Question 40

What is Electronic Data Interchange?

Answer 40

Computer technology contains the exchange of data between the health care provider and payer. i.e. Electronic Remittance Advices or Eligibility

Question 41

What is Data Reporting?

Answer 41

This refers to the process of collecting pertinent facts about patient care and outcomes to perform security or other analyses, as well as reporting performance measures for incentive programs.

Question 42

Why is Reporting Data vital to a health care organization?

Answer 42

They can assist in making informed decisions that support organizational objectives.

Question 43

What are Guidelines? (Federal, HIPAA….)

Answer 43

Guidelines outline how to receive and manage protected information. Other laws and regulations include expectations of an organization to protect patient privacy and how to prevent fraud & abuse.

Question 44

What should be the priority of a Health Care Organization?

Answer 44

Complying with Rules & Regulations.

Question 45

Why is Reporting Breaches important?

Answer 45

Providers are responsible for safeguarding patient and other stakeholder information.

Question 46

What is the HIPAA Breach Notification Rule?

Answer 46

This regulates reporting of impermissible use or disclosure of PHI.

Question 47

What happens if there is a breach and patient information is released?

Answer 47

The organization is responsible for taking the appropriate steps to disclose or report the breach.

Question 48

What is a Compliance Plan?

Answer 48

This plan addresses compliance rules and regulations of government and private payers. This is a culture that manages and protects the administration of health care services to patients.

Question 49

What does having a formal compliance plan indicate?

Answer 49

That the practice is making a good-faith effort to achieve a state of compliance for safe, effective, and efficient care of their patients.

Question 50

What should be referenced when developing a Compliance Plan?

Answer 50

The OIG Federal Register to identify potential areas of risk and develop standard practices around the guidelines. Compliance program guidance plans are specified by the type of organization.

Question 51

What is the Federal Register?

Answer 51

This is a yearly, published work plan identifying at-risk or emerging issues.

Question 52

What does the OIG offer as components as the foundation of a Compliance Plan?

Answer 52

1. Conducting internal monitoring and audits
2. Implementing compliance and practice standards
3. Designating a compliance officer
4. Conducting appropriate training & education
5. Responding appropriately to detected violations
6. Developing open lines of communication(meetings, bulletin boards)
7. Enforcing disciplinary standards

Question 53

What is the Provider Self-Disclosure Protocol(SDP)?

Answer 53

This is a program developed by the OIG for health care providers to self-disclose instances of potential fraud. This protocol is voluntary and implements the compliance plan to support the organization’s culture of safe and effective health care. This lowers the cost and disruption of an OIG-initiated audit. The OIG website includes the SDP submission link.

Question 54

What is Confidentiality?

Answer 54

This refers to the protection of patient information from an unauthorized person. This means limiting medical information from being accessed and maintaining private information.

Question 55

What are other practices for Confidentiality & Security?

Answer 55

1. Conducting periodic training on confidentiality protocols

2. Activity monitoring of EHR

Question 56

What is a key protection for the HIPAA Privacy Rule?

Answer 56

The Minimum Necessary Standard

Question 57

What is The Minimum Necessary Standard?

Answer 57

This standard mandates that covered entities review their practices and safeguards routinely to ensure appropriate access to and disclosure of Protected Health Information(PHI).

Question 58

What does The Minimum Necessary Standard require?

Answer 58

It requires that employees be limited to protected information, accessing only the areas of that medical record required to complete their task.

Question 59

What is a Breach of Confidentiality?

Answer 59

This is normally unintentional and involves the release and disclosure of patient information to a third party.

Question 60

What are examples of Breaches of Confidentiality?

Answer 60

1. Communicating with staff in a public space
2. Disclosing information in unattended areas like lab results
3. Discussing patient information with family without consent
4. Announcing patient information in the lobby
5. Retrieving patient information not related to your tasks

Question 61

What do Regulations like Confidentiality & Security ensure?

Answer 61

This ensures patients have control of their health information, how it is used, and who it can be shared with.

Question 62

What is the Release of Information?

Answer 62

This is a feature of the HIPAA Privacy Rule and is a method of controlling and tracking access to PHI about a patient. this ensures the patient’s privacy is protected while allowing appropriate access to health care services.

Question 63

What should a provider do when the privacy restriction applies?

Answer 63

The health care provider should obtain the patient’s signature on a consent form.

Question 64

What are the Elements of a Medical Record Release Form?

Answer 64

1. Identification of organization & patient
2. Timeframe to identify the service date and admission/discharge date
3. Information requested to be released
4. Purpose for the request
5. Date of request
6. Original signature from patient/legal guardian

Question 65

What is Implied Consent?

Answer 65

This type of consent does not require a signature or any specific documentation in the medical record.

Question 66

What is Informed Consent?

Answer 66

This consent includes communicating the nature of the proposed treatment, associated risks, and alternatives, and answering all the patient’s questions. The patient then signs or declines the consent to have the service done.

Question 67

What is Consent?

Answer 67

This is an important communication that occurs when a provider explains the risk and benefits of a specific procedure to a patient so they can make an informed decision.

Question 68

What is Written Consent?

Answer 68

When a procedure has a significant risk of complication, written consent is signed. This means the patient is giving permission for the procedure to be done.

Question 69

What does HIPAA allow the patient to do with their medical records?

Answer 69

Patients can review and receive their medical and billing records. They can also request a change if they find an error.

Question 70

Who can request records?

Answer 70

The patient or patient’s representative

Question 71

What is the time frame medical record requests need to be processed?

Answer 71

Within 30 days from the date of request. Extensions are permitted if records are archived or stored off-site.

Question 72

What must organizations do regarding record releases?

Answer 72

They must maintain a log to document where PHI was released and who the authorized requestors in the event of a breach.

Question 73

When are providers allowed to send records without patient permission?

Answer 73

If it is for the use of Treatment, Payment, or Operations(TPO)

Question 74

What is the Treatment in TPO?

Answer 74

This is the coordination and management of one’s health care.

Question 75

What is the Payment in TPO?

Answer 75

This is the activities related to the provider’s billing and reimbursement.

Question 76

What is the Operations in TPO?

Answer 76

These are the administrative processes that are typical for health care organizations.

Question 77

What is a Subpoena?

Answer 77

This allows the disclosure, and authorization from the patient is not required.

Question 78

What are Privacy Exceptions?

Answer 78

Times when there is a reasonable need to release medical records for legal proceedings, or emergency situations.

Question 79

What is the Privacy Rule exception regarding Psychotherapy notes?

Answer 79

Mental health records are kept separate from medical records and will not be released unless the patient has given consent.

Question 80

When are patient records kept confidential?

Answer 80

If the patient has HIV/AIDS, to prevent discrimination, but will be disclosed if necessary for treatment. And substance use.

Question 81

What are two important features of the HITECH Act?

Answer 81

1. Promotes the use of EHRs by health care providers

2. Strengthens HIPAA Privacy and Security Rules

Question 82

What can fraudulent billing and coding result in?

Answer 82

Severe civil and criminal penalties ranging from fines to imprisonment.

Question 83

What are the 3 main categories of fraud?

Answer 83

1. Billing for services that have not been performed
2. Reporting fraudulent diagnosis
3. Purposeful coding errors(unbundling, upcoding…)

Question 84

Can you write off a patient’s out-of-pocket expenses?

Answer 84

No, it will be fraud. It is in the provider’s contractual agreement to collect patients out-of-pocket portions.

Question 85

What is the penalty for Abuse?

Answer 85

1. Educational sessions
2. Recovery of overpayment
3. Withholding future reimbursement

Question 86

What are the best practices to minimize unintentional claim errors?

Answer 86

1. Accurate & timely documentation
2. Appropriate code linkage
3. Accurate code assignments
4. Correct provider & referring provider information on claim
5. Correct service date

Question 87

What is Unbundling?

Answer 87

This is the process of reporting two separate procedure codes with the intent of reimbursement on two codes when CPT rules state only one code should be used.

Question 88

What are the 3 categories of billing & coding errors?

Answer 88

1. Unintentional billing & coding errors
2. Unnecessary charges
3. Billing for non-medically necessary charges

Question 89

What is the Federal Claims Collection Act(FCCA)?

Answer 89

This allows Medicare administrative contractors to collect claims overpayments from health care providers and beneficiaries.

Question 90

What are two ways NCCI Edits work?

Answer 90

1. One of the codes is a component of the other code.

2. One of the codes excludes the other by their code description.

Question 91

What are Encounter Forms used for?

Answer 91

They are used to bridge the administrative and clinical departments as both contribute elements to the claim.

Question 92

What do Encounter Forms contain?

Answer 92

Diagnoses, Services, and Procedures

Question 93

What is Adjudication?

Answer 93

The process when clean claims are submitted to the payer is processed and paid according to the individual plan.