Corporate Compliance

1. HIPAA security: Use risk analysis to prioritize your efforts
2. 12 steps for auditing medical necessity
3. Gov't audit insider

Healthcare Auditing Weekly, July 1, 2003

Health Care Auditing Strategies
NEW Newsletter
Guide to Compliance Auditing: Applying OIG Techniques and Tools
Strategies for Health Care Compliance
July 15, 2003
Vol. 1, No. 11

SUBSCRIBE to Health Care Auditing Weekly



Do your auditing and monitoring practices meet OIG standards?

Health Care Auditing Strategies, the 12-page monthly newsletter, can help you get the most out of your audits. It offers practical how-to articles, sample policies and procedures, best practices, and auditing techniques for specific areas, including coding systems, billing systems, cost reports, credentialing processes, employee background checks, education and training programs, and quality of care. For more information, including how you can save 10%, Click here Or call 800/650-6787 and mention Source Code EN1614B.



Auditing news and tips

Sample audit programs (For subscribers to Health Care Auditing Strategies only)

Sample compliance policies and procedures. (For subscribers to Strategies for Health Care Compliance only)

The OIG Work Plan for Fiscal Year 2003

Ask the Expert

Tip of the Week

Compliance Hot Topics: Auditing, Billing and Coding, EMTALA, Stark, HIPAA

Question of the Week

In This Week's Issue

  1. HIPAA security: Use risk analysis to prioritize your efforts
  2. 12 steps for auditing medical necessity
  3. Gov't audit insider

This Week's Headlines

1. HIPAA security: Use risk analysis to prioritize your efforts

Conducting a security risk analysis will help you determine where to spend your time and money-and where not to waste your resources. This analysis will also help you determine whether to deal with certain addressable specifications, says Kevin Beaver, CISSP, founder and president of the Atlanta-based information security consulting firm Principle Logic, LLC. Organizations can scale addressable specifications to their needs, or eliminate the specification if it doesn't make sense for the organization.

When you perform a risk analysis to help your organization comply with the upcoming medical information security regulations, analyze the costs and benefits of certain protections. Use the following steps in your risk analysis:

1. Identify and place value on your assets-and estimate potential losses
2. Identify the threats to your assets
3. Evaluate your risk safeguards

For more on performing a security risk analysis, subscribe to the newsletter "Strategies for Health Care Compliance." This newsletter helps compliance professionals thrive in the ever-changing compliance environment by providing easy-to-understand compliance advice and analysis on the latest regulations. Each month, this 12-page newsletter offers how-to information, tips, and tools for improving the efficiency and effectiveness of your corporate compliance program. Click here to receive 10% off the regular price.

Back to top

Are you auditing correctly?

Auditing and monitoring are among the most important parts of your compliance program and probably the most complex. Determining what to audit and monitor can be an issue you're struggling with, but our special report "An Inside Look at Compliance Auditing and Monitoring: Integrating Government Standards" can help. Should you use internal staff or an outside firm to conduct your audits? What do you do when a problem arises? How do you protect sensitive information? This special report has the answers you need. Order it today at

2. 12 steps for auditing medical necessity

To make sure fiscal intermediaries pay your facility what it deserves, perform pre-billing and post-billing medical necessity audits. Use the following 12 steps:

1. Choose samples based on volume and diagnostic tests, says Stacie Buck, RHIA, LHRM, president of HIM Associates in North Palm Beach, FL. "It is important to audit each department that orders and performs ancillary tests. Make sure the sample captures all diagnostic tests performed by the facility."

2. Obtain the following documentation for each patient included in the audit:

  • Signs/symptoms or diagnosis on test order
  • Diagnostic test results
  • Emergency department (ED) record for ED patients
  • Copy of UB-92
  • National coverage determinations and applicable local medical review policies (LMRP) from the fiscal intermediary

    To get all 12 steps for auditing medical necessity, plus tips on examining medical necessity denials, identifying risk areas, and using LMRP criteria, buy the pay-per-view article "Medical necessity: Tips for auditing your facility's claims denials." The article costs $10. Subscribers to the online version of Health Care Auditing Strategies have free access to it. Subscribers to the print edition can find it in their July issues.

    Or for only $23 per month, you can get even more auditing best practices and how-to articles by subscribing to Health Care Auditing Strategies. Save 10% by ordering online.

    Back to top

    Network with your audit colleagues

    "Audit Talk" is a new, moderated chat forum that members can use to post messages or questions for their peers 24-hours-a-day. "Audit Talk" offers a free forum to network, share ideas, and solve problems for those in the audit industry. Getting involved is easy. To subscribe, just send your request to this e-mail:


    Hospital consolidation

    When two hospitals consolidated to form the Medical Center of Louisiana at New Orleans (MCLNO), did they follow Medicare regulations? The center's change of ownership is analyzed here in this audit.

    The Office of Inspector General (OIG) used the following steps in its audit:

    1. Accessed the national claims history files to identify patterns indicating a potential hospital consolidation, with one of the hospitals reporting most of its inpatients transferred to the same hospital.

    2. Identified the following University Hospital or MCLNO claims

  • Those the center never should have submitted because the patient was moved between its two campuses
  • Those the center should have submitted as a transfer to another prospective payment system hospital, instead of as a discharge
  • Those that affected the consolidated cost report for the following years ending on June 30: 1995, 1996, 1997, and 1998

    3. Confirmed the consolidation of University and MCLNO by reviewing files for TriSpan, the fiscal intermediary for the state of Louisiana.

    4. Discussed the change of ownership regulations with TriSpan officials and the procedures they followed for audit or reimbursement of consolidating hospitals.

    5. Discussed with the hospitals' internal auditors the reasons for the continued use of both provider numbers to submit consolidated cost reports for the affected years.

    For more information on the OIG's "Review of Compliance with Medicare Regulations Related to the Consolidation of University Hospital and the Medical Center of Louisiana at New Orleans," go to this Web link:

    Back to top


    In addition to each 12-page monthly newsletter, Health Care Auditing Strategies (HCAS) subscribers receive the following benefits:

  • Audit talk-This is a free forum to network, share ideas, and solve problems for HCAS subscribers.

  • Audit advantage-Readers log on each month to the HCAS subscriber-only Web page that lists sample audit plans and government documents. Go to and enter the password that is printed in each issue of HCAS.

  • Fax and email alerts-When there's late breaking news that just can't wait until the next issue of HCAS, we'll fax or email the pertinent information to you immediately.

  • Editorial special reports-When there's a new regulation or news on laws related to health care auditors, our expert writers gather the necessary information and compile a special report. Subscribers received a free special report on the Sarbanes-Oxley Act with their May issues.

    Take advantage of these subscriber benefits, as well as auditing best practices and how-to articles by subscribing to Health Care Auditing Strategies. Save 10% by ordering online.


    To learn more about the Sarbanes-Oxley Act and how it affects internal auditors and compliance officers, order the special report "Sarbanes-Oxley Act: Impact on Health Care Organizations"

    Share the news!

    You've been benefiting from our informative e-mail newsletter, so why not pass on this resource to your peers? Sign up a colleague and get $20 off your next purchase on HCPro's Healthcare Marketplace!

    Send your comments and questions about Health Care Auditing Weekly to:

    Melissa Osborn
    Managing Editor

  • Health Care Auditing Weekly (c) 2003 HCPro, Inc. You have permission to forward Health Care Auditing Weekly, in its entirety only, to your colleagues, provided this copyright notice remains part of your transmission. Better yet, send them to where they can subscribe to the newsletter directly. All other rights reserved. None of this material may be reprinted without the expressed written permission of HCPro, Inc.

    DISCLAIMER Advice given is general, and readers should consult professional counsel for specific legal, ethical, or clinical questions. Users of this service should consult attorneys who are familiar with federal and state health laws.

    SPONSORSHIPS For information about sponsoring Health Care Auditing Weekly, contact Margo Padios at or call 781/639-1872 ext 3145. If you would like further information about any of HCPro's products, including books, seminars, videos, consulting services, or newsletters please visit

    YOUR SUBSCRIPTION You are receiving this message as a subscriber to Health Care Auditing Weekly. If you would like to unsubscribe, please visit If you do not have web access, please forward this email to: and type "Remove" in the body.

    Copyright 2003 HCPro, Inc.

    Most Popular