Monthly Archives: October 2017

Signature Requirements: Important things to remember

By: Christina Colegrove RN, BSN – Clinical Consultant

The Medicare Program Integrity Manual requires that services provided/ordered are authenticated by the author.  This can be in the form of a handwritten or electronic signature.  Signature stamps are not acceptable. Please see some other important points related to signatures below.

Handwritten Signatures

  • Illegible signatures: MACs, ZPICs, SMRC, and CERT will consider evidence in a signature log, attestation statement, or other documentation submitted to determine the medical record entry author’s identity
  • Signatures missing from an order: MACs, SMRC, and CERT will disregard the order in the review of the claim.
  • Signature missing from medical documentation: MACs, SMRC, and CERT will accept a signature attestation completed by the author of the medical record entry


Signature Log

  • Signature logs list the typed/printed name of the author associated with initials/illegible signature
  • Signature logs can be on the actual page with the author’s initials/illegible signature or on a separate document
  • Although not required, it is recommended that the providers’ credentials be included in the log


Signature Attestation Statement

  • Attestations must contain sufficient information which identifies the beneficiary and they must be signed and dated by the author of the medical record entry
  • Noridian and CGS both have Signature Attestation Statement forms which are available for use

Electronic Signatures

  • There should be notation that these signatures were electronically signed
  • Electronic systems have a potential for misuse/abuse with alternate signature methods (i.e. the system/software need to be protected against modification)
  • The PIM encourages providers to check with their attorneys/malpractice insurers regarding the use of alternative signature methods

It is also important to note that Medicare considers a physician’s signature to include credentials and a date to be valid. Make sure that you are reviewing your orders to ensure they are correct prior to submitting your claims.

Prepare for the future – New Social Security Number Removal Initiative

By: Nancy Conant, Clinical Consultant

Are you aware the Medicare Access and CHIP Reauthorization Act (MACRA) of 2015 mandates the removal of the SSN-based HICN from Medicare cards?  This is a huge undertaking as CMS has identified approximately 90 different stakeholder entities that receive, store, use, or provide the HICN today.  The reason for this Act is to address the threat of beneficiary medical identity theft for people on Medicare.  In April 2018, Medicare will begin to mail new Medicare cards with the MBI # randomly by geographic regions.  CMS processes and systems are being updated to accept and return MBIs by April 2018.  A transition period is expected to run April 2018 through April 2019 where either/both the HICN or MBI can be submitted to Medicare.

Stakeholders, in turn, are expected to adjust their systems to submit or exchange MBIs starting April 1, 2018.  This means all stakeholder systems must be ready to process the MBI cards as of April 2018.  By now, system revisions in your offices/facilities have been considered and you have a timeline in place to implement the changes into your business practices and processes.

Medicare is committed to assist you to get ready for the new cards and MBIs.  Outreach and training is available to help you to be ready by April 2018:

  • Go to Medicare’s website and sign-up for the weekly MLN Connects® newsletter.
  • Attend Medicare’s quarterly calls to get more information. Medicare will let you know when calls are scheduled in the MLN Connects newsletter.
  • Verify all of your Medicare patients’ addresses. Make sure the addresses you have on file are not different than the Medicare address you use on electronic eligibility transactions. If different, ask your patients to contact Social Security and update their Medicare records.
  • Work with Medicare to help your Medicare patients adjust to their new Medicare cards. This fall Medicare will have helpful information about the new Medicare cards you can display in your facilities. Hang posters in your offices about the Medicare card changes to help spread the word.
  • Most importantly, test the system changes and work with the billing office staff to be sure the office/facility is ready to use the new MBI format.

As of January 2020, HICNs will no longer be used as beneficiary identifiers. Beneficiaries who receive their new MBI cards are encouraged to start using them immediately, people new to Medicare will be assigned a MBI card during the transition period.




Who Must Comply with HIPAA Requirements?

Generally, when you hear about HIPAA the discussion is associated with a hospital or a medical group that had a breach or HIPAA violation. What most people don’t know is that HIPAA applies to organizations outside of hospitals and health networks. So who exactly needs to be compliant when it comes to HIPAA?

It can be somewhat vague when you start looking at HIPAA. The US Department of Human Health Services describes those who must be compliant are called “covered entities.” Let’s dig a little deeper and understand what types of organizations are considered to be a covered entity.

Health Plans – Anyone who deals with insurance or medical information for patients.

  • HMOs
  • Medicare
  • Medicaid
  • Human resource employees/employers and schools who handle patient information when the employees are hired and students are enrolled.

Health Care Clearinghouses – These are the organizations that collect any patient information from healthcare entities.

  • Billing/Collection Services
  • Health Management Information Systems

Health Care Providers – These are the entities that come to mind when thinking about HIPAA compliance.

  • Physicians
  • Surgeons
  • Dentists
  • Optometrists
  • Hospitals
  • Clinics
  • Nursing Homes/Care Facilities
  • Pharmacies

Business Associates – This is where most people wouldn’t assume they need to be HIPAA compliant, but if you’re involved in any of the following, you need to ensure you’re in compliance.

  • Data Processors
  • Medical Equipment Companies
  • Consultants
  • Medical Transcription Services
  • External Accountants and Auditors
  • Any third party organization dealing with PHI.


At the end of the day, anyone who accesses or deals with Protected Health Information should be complying with HIPAA regulation. PHI includes:

  • Any conversation with medical professionals about a patient’s care or treatments
  • Any patient billing information
  • Any medical insurance information

If you have any questions about covered entities or whether you or your organization should be HIPAA compliant, please contact us! We can help you determine your needs and get started with compliance.

UPDATE: Targeted Probe and Educate (TPE) Pilot

UPDATED: October 6, 2017

In October 2017, the TPE Pilot is now open to all four DME MAC Jurisdictions. Suppliers will be chosen based on the following criteria:

  1. Items that pose the greatest financial risk to the Medicare Trust Fund – HCPCS with high national error rates, high dollar equipment, etc.
  2. Individual suppliers with high error rates

HCPCS that were currently under widespread prepayment reviews will likely be the first group included in the TPE selection.

Lastly, the goal of the TPE program is to eventually replace all other DME MAC audits, meaning widespread prepayment and documentation reviews will eventually be phased out entirely.


In recent months, the CMS has been touting its new “provider friendly” approach, which is, in part, a way to decrease the ever-mounting appeals backlog. And they have introduced several initiatives to do just that, including limiting the scope of review of Redeterminations and Reconsiderations and adjusting serial claims found favorable in the appeals process. The next item on the list, however, may be positive or negative, depending on what side of the coin you fall on. Let me explain.

The DME MACs have recently began to roll out the Targeted Probe and Educate (TPE) Pilot program. Beginning on July 3, 2017, CMS authorized the DME MACs to conduct the Targeted Probe and Educate (TPE) Pilot review process. This pilot is currently open to Jurisdictions B and D DME MACs. TPE includes up to three rounds of supplier-specific prepayment probe reviews followed by education to improve identified errors. The goal of TPE is to improve the claims payment error rate and reduce the volume of appeals through claim review and education.

Suppliers chosen for the TPE program can expect the following:

  • DME MACs will utilize data analysis to select the suppliers in the probe. The identified suppliers will receive written notification that will include the topic being reviewed, data reasons for the selection and the process of the review.
  • The first-round prepayment probe review will begin following notification to the supplier. The DME MAC will request 20 – 40 claims for audit.
  • Suppliers with a high error rate on their prepayment probe review will receive an offer for one-on-one education relative to the specific errors identified through the probe review.
  • Following education, suppliers are expected to make necessary adjustments/process changes with sufficient improvement. This will be demonstrated through a second round of claim reviews to occur several months later during a second-round probe review. The probe review will again contain 20 – 40 claims for audit.
  • If improvement in the second-round probe review is not sufficient, suppliers will undergo another round of education followed by another probe review.
  • Following three rounds of probe and education, suppliers that do not demonstrate sufficient improvement in their error rate will be referred to CMS for possible further action.
  • Once a supplier has reached an acceptable error rate, the TPE process will end and the DME MAC will notify the supplier of successful completion.

It’s important to note that if selected for review, suppliers are not excluded from other Medical Review activities, such as, automated reviews, other pilot review programs, prior authorization, etc. as directed by CMS or other contractor reviews.

The DME MACs have indicated that if a high error rate persists following the maximum rounds of review and education, they will refer the supplier to CMS for possible further action. What does that include? Referrals to the ZPIC/UPIC for concerns related to potential fraud/abuse and Recovery Auditor (RA) for collaboration of vulnerability and to ensure there is no duplication of reviews.

One thing that is missing from the published articles and TPE letters: The potential for revocation of your Medicare supplier number. The Final Rule, effective December 3, 2014, states in part that, under authority of the ACA, CMS can and will deny or revoke enrollment of entities and individuals that pose a program integrity risk to Medicare for “… providers and suppliers that have a pattern and practice of billing for services that do not meet Medicare requirements.  This is intended to address providers and suppliers that regularly submit improper claims in such a way that it poses a risk to the Medicare program. “We saw contractors start adding this language into overpayment demand letters over the past year, which leads us to believe they would eventually like to use this as a tool to suppliers they feel pose too much of a risk.

Now more than ever, suppliers must be vigilant in the claims they submit to Medicare. Documentation should be reviewed prior to claim submission to ensure the LCD guidelines have been met. It is also necessary to educate your staff – from intake to billers. If you are selected for the TPE program you will be required to present documentation that supports the medical necessity for the equipment provided. Be sure that you have what you need to be considered “compliant” in your billing practices. TPE allows you three chances to “get it right”. Then you could face extrapolations, RAC audits that go back three years, or worse, revocation.

Data analysis will look for high error rates, high reimbursement dollars, and top billers by area. Don’t wait for the DME MAC to send you a letter advising that you are a chosen participant in the TPE pilot. Taking a proactive approach could save your business. The van Halem Group can help. We offer a variety of proactive services that will identify issues, educate your staff, and help you make the necessary corrections going forward. Don’t wait until you get the TPE notification letter.