Skip to main content

What Makes For A Good Chart Compliance Program?

A chart compliance program is an essential ethical and legal component of a successful practice. With this in mind, the author outlines the basic principles of such a program and shares essential pearls on documentation, auditing and education for staff. 

There are a few truths one needs to understand before reading this article. 

Truth number one: All health care practices should have a plan in place to make sure they are in compliance with insurance and government regulations. 

Truth number two: Not all practices have such a plan in place. 

Truth number three: Those practices that have a plan in place, whether it is the practice of a single practitioner or a large multispecialty medical center, typically do not follow their own plan. 

Once you understand these truths, you are ready to read this article and subsequently develop and implement a functional compliance plan for your practice that you can follow. Accordingly, let us take a closer look at compliance as it relates to charting and coding as components of a comprehensive compliance program. First, what comprises a compliance plan warrants a review. 

Understanding The Purpose Of A Compliance Program

A comprehensive compliance program provides direction to employees as to how they should function in an ethical and legal manner. A compliance plan is designed based upon standards set forth by the Office of Inspector General (OIG).1 A compliance plan incorporates a number of key elements.

  • Compliance standards and procedures. This incorporates standards, policies and procedures that address issues most applicable to given individual practice.
  • Discretion in assigning positions of responsibility. This indicates the practice has appropriate procedures in place to avoid putting people who may have participated in, or have knowledge of, improper conduct in a position of authority over other employees.
  • Oversight responsibilities. A practice should designate a high-level individual as the Compliance Officer to oversee the implementation of and adherence to the compliance plan.
  • Training and education. The practice takes steps to effectively communicate its compliance plan to employees and provides the education and training necessary for staff to perform their jobs in an ethical and legal manner.  
  • Monitoring and auditing. The practice has an ongoing internal evaluation process of the plan’s effectiveness, including auditing charts and billing practices.
  • Enforcement and discipline. The practice develops and enforces consequences for violating the compliance plan.
  • Response and prevention. The practice has steps in place that dictate how violations of the compliance plan are adjudicated and how incidents may be used to educate employees on the prevention of future violations. 

Laying The Groundwork For Employee Education And Training

The success of a practice’s compliance plan depends on the effectiveness of the training program within that practice. Each employee should be trained in general compliance which includes but is not limited to nondiscrimination, HIPAA and OSHA regulations. In addition, employees must be trained in the compliance issues related to their individual job responsibilities, including ethical and legal aspects. Training should utilize all appropriate formats including printed materials, interactive lectures, webinars and other electronic means to accommodate and accentuate the knowledge of the employees. One should ensure appropriate training upon initial employment of staff and afterward on at least an annual basis. 

Any employee whose activities have any effect on the accuracy of claims submitted for reimbursement must receive targeted training regarding specialty-specific government and private payer reimbursement principles. This should include the claim development and submission processes along with proper and current diagnostic, procedural and site of service coding. 

Applicable employees should also have access to updated references including:

  • Medicare Administrative Contractor (MAC) policies;
  • Trade publications such as those from the American Medical Association (AMA), American Podiatric Medical Association (APMA), American College of Foot and Ankle Surgeons (ACFAS), American College of Foot and Ankle Orthopedics and Medicine (ACFAOM) and the American Association of Professional Coders (AAPC);
  • Current year Current Procedural Terminology (CPT) manual;
  • Current year International Classification of Disease (ICD) manual;
  • Current year Healthcare Common Procedure Coding System (HCPCS) Level II Codes manual;
  • Current Correct Coding Initiative (CCI) references;
  • Online coding resources (APMA Coding Resource Center, AMA Online Coding Resources);2,3

Employees should also have an understanding of what medical necessity means and the necessary requirements and documentation to meet medical necessity. They should also be familiar with prohibitions against false claims, referral inducements and self-referrals. Lastly, training is imperative in timely documentation completion, regulations regarding amending documentation after the fact, record retention, one’s duty to report misconduct and whistleblower protection. 

To elaborate on reporting misconduct, all people covered under the compliance plan, including employees, agents, subcontractors, consultants and practice associates, must report suspicious conduct, suspected violations of law and suspected violations of the compliance plan to the Compliance Officer. Failure to report such information is in itself a violation of the compliance plan and grounds for disciplinary action. Any person reporting a suspected violation is protected under the federal government whistleblower statutes. After a suspected violation is reported, it becomes the responsibility of the Compliance Officer to investigate the situation. 

What Are The Core Elements Of An Effective Chart Compliance Program?

Now that we understand what a compliance plan is and how a practice would implement it, let us turn our attention to the specifics of the charting, coding and reimbursement aspect of the compliance plan. 

The basic elements of a coding compliance program are auditing and education. A well-structured program includes a robust process of chart reviews followed by result-based education. Accordingly, when one performs an audit, he or she reviews the results with the employee and implements training designed to improve the results of future audits. The auditing process should be continuous with emphasis on providers that exhibit continued non-compliance and/or poor audit scores. One may obtain chart audit forms through your practice’s MAC or download it from Along with new practitioner and employee training, it is also important to provide annual updates to review coding changes, reimbursement policy changes (which may be insurance company-specific) and legislative or regulatory changes that may impact the practice. 

There are two general types of audits: internal and external. Internal audits are part of the practice’s compliance program. Insurance companies, government agencies and possibly law enforcement perform external audits. The main catalyst for an external audit is an aberrant billing pattern in comparison to providers of the same specialty in the same geographic area. These aberrations could include significant evaluation and management (E/M) level variances, overuse of modifiers, and “impossible days,” defined as the excessive use of higher-level E/M codes to the extent that it exceeds reasonable cumulative time thresholds available in a typical workday. 

For most codes, all associated documentation requirements must be met. The only exception is when a visit is predominantly focused on counseling. However, medical decision making must still be inherent to the encounter. In fact, in 2021, the E/M guidelines are changing to make medical decision making the predominant factor in determining which E/M code to report.5

Chart reviews, whether they are internal, outsourced or both, are a very effective way of identifying specific services and/or providers whose documentation does not agree with the coding submitted for reimbursement. An ongoing process of auditing and monitoring typically reveals some degree of revenue opportunities. At the same time, this process may identify providers in need of education or reinforcement of key concepts or guidelines associated with complete and accurate documentation that supports appropriate coding. 

Many providers feel that undercoding will protect them from audits. This is incorrect. The rules of correct coding state that the provider must code to the highest specificity and accuracy supported by their documentation. In the event of a payer audit, the financial repercussions of undercoding errors do not rise to the same level as overcoding, meaning one does not typically incur fines and penalties for undercoding errors. However, an inflated error rate can perpetuate additional auditing and scrutiny. Insurance companies may institute a prepayment audit requirement if they find errors in a random audit. This means that any claim sent to that insurance company for reimbursement must include chart documentation. This can dramatically increase the time to reimbursement and subsequently delay cash flow for the practice. Prepayment audits are particularly impacted by error rates as the provider must usually achieve and maintain an acceptable level of accuracy for a predetermined period of time to phase out of this program. 

Performing An Internal Chart Audit: What You Need To Know

Step 1: Establish Audit Objectives

The first thing to consider are the audit objectives. You must establish what you want to achieve from the audit. Objectives fall into two main groups: revenue-related objectives and compliance with correct coding policies.

Compliance with revenue objectives. An audit’s revenue objectives involve examining coding practices for lost revenue due to the improper use of codes. This process also may reveal inappropriate billing to gain higher reimbursement (which is an open invitation to a payor audit). When considering revenue, look at the following aspects of the revenue cycle. 

  • Missed charges. Compare the medical record to the billing to identify services documented in the medical record but not coded. This can be a result of ineffective communication between the provider and the billing staff or lack of knowledge on the part of the coders. Sometimes in a busy practice, the provider may simply forget to click on a charge on his or her computer screen, or forget to circle a charge on an encounter form. One can identify and rectify this in an internal audit. 
  • Underbilled or overbilled services. Compare the medical record to the billing to identify services documented in the medical record but not coded at the proper level. A provider may code his or her E/M services at an incorrect level in comparison to the documentation. Lesion excision is an area where documentation may lead to a decision that a higher (or sometimes lower) level of service should have been billed. Frequency of the service in question should also match from a documentation and billing perspective. One should document all services, including E/M services, ancillary procedures or services, and surgical procedures, with sufficient detail to allow the selection of the proper CPT, HCPCS Level II, and ICD-10-CM codes. 
  • Undocumented services. A good audit or review will identify instances when one has billed codes without proper supporting documentation. When a private payor, Medicare or Medicaid requests written proof of billed charges, the provider must be able to substantiate the service. Some examples of commonly misplaced information are laboratory test results, X-ray reports, problem lists and medication lists. You must be able to defend documentation to support medical necessity and be prepared to defend the documentation upon carrier/contractor appeal, or in a court of law. 
  • Denied services or downcoded services. Downcoded services are those the payor determines should be paid at a lower level of service. Analyze denied or downcoded services to discover the cause by comparing the billed services to the Explanation of Benefits (EOB) or Remittance Advice (RA) portion of the payor statement. 

Compliance with correct coding policies. The second set of audit objectives involves evaluating documentation for compliance with Medicare, Medicaid and/or private payor standards. Not only are compliance issues important to overall good patient management, they are also important for expedient and accurate reimbursement. When looking at compliance issues, consider the following aspects of the chart.

  • Current patient data. The patient information sheet will identify patient demographics as well as updated and complete insurance information. Verify and regularly update the patient’s date of birth, address and complete insurance information, including a copy of the card in the chart. Request that insured patients sign an assignment of benefits form to ensure direct payment of insurance benefits to the provider. Update this record yearly.  
  • Physician signatures. A thorough audit will verify that the provider signs or initials to acknowledge that he or she performed or supervised all services and procedures provided to a patient. An unsigned entry in a medical record may be viewed by an insurance payor as nonperformance of that service. Some areas of the country do not currently require an original signature or the initials of the provider of the service. Some carriers allow electronic signatures, initials and full signature. It is a good idea to check with each local carrier in your area to determine the requirements. The advent of electronic medical records (EMR) eliminates the necessity to physically sign each chart note as they are completed within the EMR and cosigning resident or physician extender documentation is now much easier to accomplish as well.
  • Signed consent forms. One should execute a written consent form for each patient that undergoes a procedure involving significant risk before the procedure in question. The consent should state that one has informed the patient about the procedure, its risks and benefits, and any alternatives. It should also indicate that the patient understood the issues discussed and has given consent to treatment. One may keep this information in a separate section of the chart or it can accompany the documentation of the procedure. Refer to your individual malpractice carrier for examples of consent forms. 
  • Insurance forms. An auditor should check claim forms, whether they are electronic or hard copy claims, to see if the clinician has completed them correctly. Include all pertinent dates and diagnostic and procedural coding information necessary for payors to generate reimbursement as well as linkage between diagnostic and procedural codes. If claims are submitted electronically, the medical billing system can generate the submitted insurance claim. 
  • Superbill/charge ticket. One may use these forms to record patient billing information. This may include procedure and/or diagnosis codes. Not all physicians use superbills, especially since the advent of EMR programs. Referencing this form identifies the intended coding of the practitioner and helps to identify data entry errors. 

Step 2: Address The Sample Size

The audit sample should include a certain percentage of patient encounters to ensure a representative sample. Auditing too few records may distort results while auditing too many records becomes too time-consuming, labor-intensive and normally is not any more effective. The compliance officer, office manager, and/or practitioner should help determine the appropriate number of medical records to review. A good sample size is 10 to 20 charts per audited time period. It is a good idea to concentrate on visits that took place during a specific time period so one can observe trends. Merely pulling charts at random will not always accomplish this goal. Reviewing charts that are six months to one year old serves no benefit. The OIG recommends five to 10 random charts per physician when conducting an audit. 

Step 3: Develop Or Select An Audit Tool

A good audit tool is important when auditing the medical record. If the auditor is conducting an E/M audit, for example, the auditor must identify which set of guidelines the practitioner is using, and the tool needs to reflect those guidelines. If the auditor is reviewing surgical notes, he or she should use a surgical audit tool. 

Some auditors use an electronic audit tool to audit records. This is generally in the form of software that will print audit reports and analyze the data after you enter the detail of the E/M level. Keep in mind that one must also satisfy medical necessity when reporting an E/M level. The computer software cannot analyze medical necessity. Sometimes the level selected by the audit software affords a higher level of service based on documentation alone but the medical necessity element cannot be incorporated into the software. This element is a “thinking” process and good clinical background is imperative. 

There are a variety of commercially available chart audit tools that one can find with a simple Internet search.

Step 4: Perform The Audit 

As stated earlier, auditing charts can be a valuable learning experience and provides much needed analysis for compliance. An auditor (internal or external) examines the documentation to determine whether it adequately substantiates the service billed and identifies medical necessity. If the quality of the medical record is not reviewed on an ongoing basis, one may not uncover incorrect or inappropriate documentation and coding practices. Given the importance of compliance with government and private payor guidelines, the audit or medical record review is critical in all medical practices. 

Be consistent when choosing a sampling of medical records to eliminate confusion. Select patient encounters (chart notes) to review that are no more than three to six months old. For each patient encounter, you will need the superbill/charge ticket, patient chart or date of service, claim form or billing record (validates what was submitted), and the Explanation of Benefits or Remittance Advice. 

Familiarize yourself with the chart organization, special forms including the history form, problem list, medication sheet, etc., and be familiar with the coding criteria for services provided. It is not recommended that you mix hospital, surgical and office services in one audit report. 

Step 5: Produce An Audit Report

Complete the summary report by identifying the number of encounters documented correctly and incorrectly, other coding issues, and suggestions for improvement. This report may be very detailed or simply a summary. 

Step 6: Set Up A Meeting With The Provider To Discuss Audit Findings

Schedule a meeting with the provider to review the findings of the audit to include areas where he or she is doing well, and any identified coding errors. Provide suggestions and answer his or her questions. Allow enough time to review all the medical records in which you found incorrect coding based on documentation. To enhance educational efforts, provide handouts with documentation of carrier and/or coding guidance to the provider that will help him or her maintain compliance. Discuss that you will continue to monitor and help him or her maintain compliance. 

Step 7: Make Recommendations For Improvement 

An audit is not complete if the auditor does not develop constructive recommendations for improving documentation. A good way to identify recommendations is in the post-audit report you develop for the provider. Identify utilization pattern abnormalities, coding errors and documentation errors. One can improve documentation by creating templates to help the practitioner capture all the services provided during the patient encounter, and ensure that the documentation supports the level of service based on the complexity of the case. 

However, one must exercise caution with templates. Documentation must be individualized for each patient encounter and must not appear to be cloned from previous encounters or similar services one provided to other patients. Cloning of documentation is currently a point of emphasis for the OIG. 

Step 8: Provide Effective Monitoring And Guidance 

After the baseline audit, the auditor, along with the practitioner, compliance officer and/or practice administrator should decide, based on the audit results, how often to review the practitioner’s documentation. 

Since it is safe to predict that no provider will pass all audits at 100 percent correctness, the schedule of future audits should be based on how well the individual provider is performing on the audits. For example, if auditing 10 medical records and 40 percent (four records) meet the documentation guideline requirements, it would be beneficial to perform audits more frequently than for the practitioner who is 90 percent compliant with coding and documentation. The physician who has more documentation and/or coding errors will need help and guidance more frequently than the practitioner who has minimal errors. 

Concluding Thoughts

One should now understand the basic principles of a practice compliance plan and specifically how one can implement a charting, documentation and reimbursement audit as part of this program. At an initial glance, it may seem daunting but when one breaks this down into components, a chart audit plan is easy to develop and implement, and will ultimately result in better patient care and better outcomes. 

Dr. Ward is board-certified by the American Board of Foot and Ankle Surgery and the American Board of Podiatric Medicine. He is the podiatric advisor to the American Medical Association (AMA) CPT Panel and has served on the AMA’s CPT Assistant Editorial Board. Dr. Ward practices within the Cape Fear Valley Health System in Southeastern North Carolina. He is a Past President of both the American Podiatric Medical Association and the North Carolina Foot and Ankle Society as well as being a former city councilman. One may contact Dr. Ward at

By Phillip E. Ward, DPM
  1. Compliance. Office of Inspector General. Available at: . Accessed December 27, 2019.
  2. Coding Resource Center. American Podiatric Medical Association. Available at: . Accessed December 27, 2019.
  3. American Medical Association. Finding Coding Resources. Available at: . Accessed June 3, 2020.
  4. Program Integrity: Documentation Matters Toolkit. Centers for Medicare and Medicaid Services. Available at: .  Accessed December 27, 2019.
  5. American Medical Association. CPT Evaluation and Management (E/M) Office or Other Outpatient (99202-99215) and Prolonged Services (99354, 99355, 99356, 99XXX) Code and Guideline Changes. Available at: . Accessed June 3, 2020.
  6. Centers for Medicare and Medicaid Services. Available at: . Accessed December 27, 2019.
  7. American Association of Professional Coders. Available at: . Accessed December 27, 2019.
  8. Healthcare Compliance Network. Available at: . Accessed December 27, 2019.


Back to Top