“Upcoding” remains a common mechanism of improper payments.
“Healthcare compliance is the process of following rules, regulations and laws that relate to healthcare practices,” according to the PowerDMS Policy Learning Center. Although all healthcare organizations have a compliance department, how the clinical documentation integrity (CDI) department interacts with compliance and supports practices compliant with Centers for Medicare & Medicaid Services (CMS) regulations varies across health systems. The purpose of a compliance program is to prevent, detect, and correct non-compliance to avoid fraud, waste, and abuse.
According to the U.S. Department of Health and Human Services (HHS), some healthcare entities pose a heightened risk to the financial security of Medicare due to the volume of improper payments they incur. Healthcare organizations have a duty to submit proper claims to CMS; however, “upcoding” remains a common mechanism of improper payments. Because compliance is the responsibility of everyone employed by the health system, CDI leadership should be actively engaged in monitoring CMS claims data for potential overpayments that could represent simple errors or process issues resulting in institutional non-compliance. In particular, CDI departments should be gatekeepers meant to avoid “billing for services at a level or complexity higher than services actually provided or documented in the medical record,” according to CMS.
An overpayment is defined by Medicare as one that “exceeds regulation and statute properly payable amounts.” Medicare overpayments can occur due to “incorrect coding and/or insufficient documentation,” both of which should be monitored by CDI and coding leadership. Healthcare entities have 60 days from overpayment identification to report and return a self-identified overpayment to Medicare. Reporting of an overpayment should include a written explanation for the overpayment, e.g., coding error, failure to follow organizational billing practices, etc. The concept of “identification” is broadly applied, as the rule states that this means when a person has or “should have, through the exercise of reasonable diligence” determined an overpayment.
Misusing codes on a claim, such as upcoding (when a provider assigns an inaccurate billing code to a medical procedure or treatment to increase reimbursement) and coding errors are examples of Medicare abuse if the incorrect coding or billing practices are not widespread practices, in which case it could be an example of fraud. CDI and coding professionals are both subject to the federal civil False Claims Act (FCA):
“The civil FCA imposes civil liability on any person who knowingly submits, or causes the submission of, a false or fraudulent claim to the Federal Government. The terms ‘knowing’ and ‘knowingly’ mean a person has actual knowledge of the information or acts in deliberate ignorance or reckless disregard of the truth or falsity of the information related to the claim. No specific intent to defraud is required to violate the civil FCA.”
CMS has a variety of tools to monitor inaccurate payments, including the Comprehensive Error Rate Testing (CERT) Program, Medicare Administrative Contractors (MACs), and the Recovery Auditors. According to CMS, the CERT program reviews a statistically valid stratified random sample of Medicare fee-for-service (FFS) claims to determine if they were paid properly under Medicare coverage, coding, and payment rules. CERT findings create the framework for MAC audits and those performed by Recovery Auditors. While CERT leverages a random sample of claims, the Program for Evaluating Payment Patterns Electronic Report (PEPPER) data provides hospital-specific Medicare claims data. Target areas included in PEPPER were identified by Recovery Auditors and MACs, and are updated periodically.
“PEPPER is an electronic report that provides provider-specific Medicare data statistics for discharges/services vulnerable to improper payments. PEPPER cannot be used to identify the presence of payment errors, but it can be used as a guide for auditing and monitoring efforts to help providers identify and prevent payment errors.”
If you manage a CDI or coding department, you should be reviewing your PEPPER data on a quarterly basis; however, the national download rate is currently at 62 percent. Failure to monitor Medicare claims data included in PEPPER can be an example of “deliberate ignorance or reckless disregard,” according to ACDIS, if your organization is an outlier. Although PEPPER data is not specifically distributed to Recovery Auditors or MACs, both of these Medicare contractors have the ability to request charts related to PEPPER target areas, and have sophisticated data mining techniques to identify outliers.
PEPPER target areas are constructed as a ratio. The numerator includes discharges identified from paid Medicare claims per CMS fiscal year (i.e., October to September) quarter that are identified as potentially problematic because they are likely to be miscoded or result in medically unnecessary services. The denominator is the larger reference group that includes the numerator.
For this article, our focus is coding target areas that include:
Each hospital’s ratio is compared to other hospitals at the state, MAC jurisdiction, and national levels, resulting in a ranking by volume percentage. PEPPER data uses the high outlier threshold of the 80th percentile and a low outlier threshold of the 20th percentile. If the percentage of paid Medicare claims for the specific target area ranks at the 80th percentile or above, the organization is considered a high outlier for that target area. In other words, the percentage range for a particular target area may be from 20 to 75 percent. The 80th percentile may result in all those hospitals with a target area ratio of 68 percent or higher. The ratios among all hospitals and the 80th percentile cutoff will vary from quarter to quarter.
If you are new to PEPPER and integrating a compliance focus into your CDI or coding practices, a good place to start is the National High Outlier Ranking Report. This page of PEPPER data will have red if your organization is a high outlier in any target area across the most recently reported 12 quarters of data, as well as the total number of times your organization was a high outlier for each target area. If your organization happens to be a high outlier for any coding target area, that does not necessarily mean there is a compliance issue. A best practice is to investigate why your organization is an outlier by sampling claims and reviewing documentation to validate the assigned codes and billing. Ask yourself, does it make sense for your hospital to be among the top 20 percent of all hospitals for that particular target area?
CDI departments are increasingly renaming the “I” from “improvement” to “integrity.” Integrity is defined as “the quality of being honest and having strong moral principles.” Reviewing PEPPER data is a way for CDI and coding managers to identify areas that may be vulnerable to overpayment. If outliers exist, investigate the associated claims to validate the coding and billing. If coding or billing errors occurred, determine the cause(s) of the errors, e.g., human error or process issues, and look for ways to prevent future non-compliant coding and billing practices. Even if your organization is not an outlier or the internal investigation does not reveal the potential for overpayment, CDI and coding leadership should ensure there are safeguards in place to prevent non-compliance, and monitor staff adherence to those processes.
Programming Note: Listen to Cheryl Ericson report this story live today during Talk Ten Tuesdays, 10 Eastern.
Although specifics remain under negotiation, early outlines and House resolutions suggest that Medicaid will face significant reductions, likely through a combination of structural funding changes
Based on the first Trump Administration, everyone expected an early focus on immigration, deportations, and audits. I think what has taken some employers by surprise
Please log in to your account to comment on this article.
Stop revenue leakage and boost hospital performance by mastering risk adjustment and HCCs. This essential webcast with expert Cheryl Ericson, RN, MS, CCDS, CDIP, will reveal how inaccurate patient acuity documentation leads to lost reimbursements through penalties from poor quality scores. Learn the critical differences between HCCs and traditional CCs/MCCs, adapt your CDI workflows, and ensure accurate payments in Medicare Advantage and value-based care models. Perfect for HIM leaders, coders, and CDI professionals. Don’t miss this chance to protect your hospital’s revenue and reputation!
Struggling with ICD-10-CM coding for diabetes and complications? This expert-led webcast clarifies complex combination codes, documentation gaps, and sequencing rules to reduce denials and ensure compliance. Dr. Angela Comfort will provide actionable strategies to accurately link diabetes to complications, improve provider documentation, and optimize reimbursement—helping coders, CDI specialists, and HIM leaders minimize audit risks and strengthen revenue integrity. Don’t miss this chance to master diabetes coding with real-world case studies, key takeaways, and live Q&A!
Uncover critical guidance. HIM coding expert, Kay Piper, RHIA, CDIP, CCS, provides an interactive review on important information in each of the AHA’s 2025 ICD-10-CM/PCS Quarterly Coding Clinics in easy-to-access on-demand webcasts, available shortly after each official publication.
Uncover critical guidance. Kay Piper provides an interactive review on coding guidelines and more in the AHA’s fourth quarter 2025 ICD-10-CM/PCS Coding Clinic in an easy to access on-demand webcast.
Stay ahead of Medicare Advantage’s 2025-2026 regulatory changes in this critical webcast featuring expert Tiffany Ferguson, LMSW, CMAC, ACM. Learn how new CMS rules limit MA plan denials, protect hospitals from retroactive claim reopenings, and modify Two-Midnight Rule enforcement—plus key insights on omitted SDoH mandates and heightened readmission scrutiny. Discover actionable strategies to safeguard revenue, ensure compliance, and adapt to evolving health equity priorities before the June 2025 deadline. Essential for hospitals, revenue cycle teams, and compliance professionals navigating MA’s shifting landscape.
Struggling with CMS’s 3-Day Payment Window? Join compliance expert Michael G. Calahan, PA, MBA, CCO, to master billing restrictions for pre-admission and inter-facility services. Learn how to avoid audit risks, optimize revenue cycle workflows, and ensure compliance across departments. Critical for C-suite leaders, providers, coders, revenue cycle teams, and compliance teams—this webcast delivers actionable strategies to protect reimbursements and meet federal regulations.
Providers face increasing Medicare audits when using skin substitute grafts, leaving many unprepared for claim denials and financial liabilities. Join veteran healthcare attorney Andrew B. Wachler, Esq., in this essential webcast and master the Medicare audit process, learn best practices for compliant billing and documentation, and mitigate fraud and abuse risks. With actionable insights and a live Q&A session, you’ll gain the tools to defend your practice and ensure compliance in this rapidly evolving landscape.
Dr. Ronald Hirsch dives into the basics of Medicare for clinicians to be successful as utilization review professionals. He’ll break down what Medicare does and doesn’t pay for, what services it provides and how hospitals get paid for providing those services – including both inpatient and outpatient. Learn how claims are prepared and how much patients must pay for their care. By attending our webcast, you will gain a new understanding of these issues and be better equipped to talk to patients, to their medical staff, and to their administrative team.
Copyright © 2025 ICD10monitor. Powered by MedLearn Media.
Celebrate Lab Week with MedLearn! Sign up to win one year of our Laboratory All Access Pass! Click here to learn more →
Prepare for the 2025 CMS IPPS Final Rule with ICD10monitor’s IPPSPalooza! Click HERE to learn more
Get 15% OFF on all educational webcasts at ICD10monitor with code JULYFOURTH24 until July 4, 2024—start learning today!
CYBER WEEK IS HERE! Don’t miss your chance to get 20% off now until Dec. 2 with code CYBER24
