Your Corporate Integrity Agreement: what will the IRO audit?

Workers wondering what the IRO will audit.

Corporate Integrity Agreements (CIAs) can be overwhelming for those healthcare organizations facing one. Tasked with rectifying past non-compliance, these agreements are a roadmap to regaining trust and ensuring future adherence to regulations. This post will pull back the curtain on the Independent Review Organization (IRO) audit process, offering clarity on the pivotal elements of CIAs.

In this Article …


The Significance of CIAs in Healthcare

Most health care providers or healthcare organizations will never have to wonder about the answer to that question. Most medical professionals or hospitals will never come under the scrutiny of the Office of Inspector General (OIG) of the Health and Human Services (HHS) Department of the Federal government. But when a health care organization is facing a settlement with the OIG as a step necessary to avoid exclusion from government healthcare programs like Medicare or Medicaid, they can’t learn fast enough about the terms of corporate integrity agreements (CIA).

So after you learn to spell CIA, and understand a few things about your CIA obligations, you can drill down into the CIA requirements for an independent review organization (IRO). The IRO services you will need are a function of the terms of the CIA requirements, which are related to the misconduct or mistakes the OIG has determined you made.


What are the Typical Types of Reviews Required by CIAs?

The most common reviews required by CIAs are Claims Reviews, Arrangements Reviews, and Clinical Quality Reviews.

Let’s take a detailed look at what the IRO will audit in each type of review.

Text boxes showing the most common types of reviews required in a healthcare CIA.


What is an IRO Claims Review?

When the OIG has reached an agreement on the terms of the corporate integrity agreement with a medical provider involving issues related to claims for payment submitted by the provider, the agreement is usually called an Integrity Agreement. By the way, there is precious little chance to actually negotiate these terms. Most corporate integrity agreements we have seen have identical terms except for the name of the medical professionals or healthcare organizations.

The distinction the OIG is making by calling some CIAs Integrity Agreements seems mainly to be the terms of the agreement and the frequency of the IRO reviews required in the agreement. CIAs typically are for a term of five years, and require an annual review by the IRO. Integrity Agreements require a quarterly claims review process and last for three years.

The claims review process starts at the end of the quarter after the date of signature on the CIA. It consists of two parts: a claims review and a systems review. The methods the independent review organization must use to conduct reviews are also specified in the CIA. For instance:

  • The Reporting Period is defined as the three-month period ending 90 days after the date of the last signature (which is always an OIG official) on the Corporate Integrity Agreement.
  • The claims review population consists of all Paid Claims paid by federal health care programs during the Reporting period. This is sometimes an obstacle for the healthcare organization. Most billing and accounts receivable systems are able to track the date of services of a claim. Implementation of a claims review is sometimes difficult. For instance, it can be hard to get a report of the date of payment of individual claims. The reports have to be furnished to the IRO for review within fifteen days after the end of the Reporting Period
  • From the report containing the claims review population, the IRO must create a Discovery Sample. This is a sample of at least 30 claims from the population, drawn at random using the RAT-STATS random number generator software available from the OIG. The information submitted on each claim has to include details such as the name of each patient, the dates of service and payment, the procedure code(s) billed on the claim, and the beneficiary’s federal health care program identification number.
  • The IRO also asks for medical record documentation supporting each claim in order to assess the medical necessity and correct coding of each claim.


What is an IRO Systems Review?

A systems review is usually only required during the first quarterly Reporting Period. The IRO must identify, by position, the personnel involved in coding and billing, and describe the controls in place to ensure all claims submitted to federal health care programs are medically necessary and appropriately documented.


What Information Does the IRO Include in an Audit Report?

The content of the report the IRO must submit is specified in the description of IRO services in the CIA. The IRO must describe the source of the data used in its report, along with a narrative of how the quarterly claims review was conducted. The IRO must track the dates of receipt of materials from the healthcare organization, and decide on the relative weight of other types of material it received after the initial submission of claims data and medical record documentation.

Additional content of the IRO report includes quantitative results of the reviews. For instance, the IRO must calculate the total number and percentage of instances where the coding was incorrect or where the medical record documentation did not support the claim. It must also calculate the amount of overpayment to the healthcare organization due to coding errors and documentation deficiencies.

The IRO report must also contain any recommendations from the IRO for improvements in the organization’s controls for ensuring all items and services billed to federal government health care programs are medically necessary and appropriately documented.

The IRO has 60 calendar days from the end of the Reporting Period to submit its report to the health care organization. The organization then must submit it to the OIG.


What are the Consequences of Overpayments in the Discovery Sample?

The consequences of errors determined by the IRO can be severe. The IRO is required to calculate a mean point estimate of the actual overpayments in the claims review population. For instance, assume the average overpayment in the Discovery Sample of 30 claims was $10. If there are 1000 claims in the claims review population, the mean point estimate of the actual overpayment is $10 times 1000, or $10,000. Of course, many health care organizations dispute this methodology and attempt to negotiate repayments they consider excessive.


What are the Qualifications of IRO Staff for Performing a Claims Review?

There are several requirements for IRO staff members working on claims reviews. They include:

  • Expertise in the federal government health care programs applicable to the claims being reviewed;
  • Certification in medical coding by a nationally recognized coding organization;
  • Knowledge about appropriate statistical sampling techniques; and
  • Licensure as a health care professional and acting within their scope of practice to make decisions about medical necessity.

Sometimes the medical professional requirements are even more specific. For instance, one IRO was required to utilize a physician with a specific board specialty to conduct reviews of interventional cardiology procedures.


What is an Arrangements Review?

The second most frequent category of corporate integrity agreements requires an Arrangements Review. This type of CIA is imposed on healthcare organizations that have run afoul of the Anti-kickback statute or the Stark Law. They may have had fines or other penalties imposed on them for their conduct. But instead of expelling them from a program like Medicare, the OIG requires a CIA in which their relationships with referring physicians are tracked and scrutinized.

Arrangements review CIAs usually last for five years, with an annual Reporting Period. The IRO staff must be familiar with the requirements of the Anti-kickback statute and the Stark Law.


What are the Components of an Arrangements Review?

There are two components to Arrangements Reviews: an Arrangements Transaction Review and an Arrangements Systems Review. The Arrangements Transaction Review is conducted annually. The Arrangements Systems Review is conducted during the first and fourth Reporting Periods, as long as there are no major changes in the Arrangements systems or policies during subsequent Reporting Periods.


What is Covered in an Arrangements Systems Review?

The Arrangements Systems Review basically looks at two issues: does the healthcare organization have policies and systems in place to manage its Focus Arrangements with physicians or other referral sources. A Focus Arrangement is a financial arrangement with a physician who makes a referral to the healthcare organization for patient services billed to a government healthcare program.

Policies health care organizations must have in place include policies to initiate, review, approve, and track all Focus Arrangements. There must also be policies on internal reporting on Focus Arrangements, and responses when there is a suspected violation of the Anti-kickback statute or Stark Law.

The reviews during the first and fourth Reporting Periods look at both the content of the required policies and the documentation of the implementation of the policies and required reporting.


What is Covered in an Arrangements Transaction Review?

Arrangements Transactions Reviews usually require review of a random sample of at least 50 Focus Arrangements entered into or renewed during the Reporting Period. The RAT-STATS program must be used to develop the random sample from the population of arrangements entered into or renewed during the Reporting Period. The IRO must review each arrangement to verify:

  • The arrangement and remuneration is being tracked,
  • Was reviewed and approved using the organization’s policies,
  • That service and activity logs related to the arrangement are completed, and any leased space or medical supplies are monitored, and
  • The arrangement is in writing, a staff member has completed training on the Anti-kickback statute and Stark Law provisions, and the parties agree in writing to not violate these laws.


What is the Content of an IRO Arrangements Review Report?

The report prepared by the IRO at the end of the first Reporting Period covers the IRO’s findings with respect to the Arrangements Systems Review and the Arrangements Transaction Review. The IRO must assess the compliance of the organization with its policies and other activities. It must also make recommendations on improving the scope of the policies, as well as improving its implementation of the various types of policies and systems.


What is a Clinical Quality CIA?

This type of CIA is relatively rare. It can involve a pre-procedure review by a medical professional, usually a physician, of services proposed for Medicare patients by another physician. It can also include a post-procedure review of medical necessity for procedures. The overarching goal of a Clinical Quality CIA is to ensure that the overall quality of clinical services provided aligns with established medical standards and best practices, safeguarding patient care and trust. Many of the provisions of a claims review and IRO services will also apply to this type of CIA.


Some Final Thoughts …

So if you are in a position where a settlement of some kind with the OIG is in the offing, start reviewing other CIAs to see what obligations your organization may become subject to. And know that The Fox Group stands ready to guide you through the IRO audit process, ensuring clarity and compliance.


When you need proven expertise and performance

Jim Hook, MPH

Mr. James D. Hook has over 30 years of healthcare executive management and consulting experience in medical groups, hospitals, IPA’s, MSO’s, and other healthcare organizations.